Cyber challenges and the rise of software-defined vehicles (SDVs)

Credit: 

Today’s modern vehicles are made from many thousand OEM components, each of which must be secure against electronic intrusion. Within that context, there is a new generation of ‘software-defined vehicles’ (SDVs) that merge physical hardware with digital capabilities. For example, drivers can download apps that unlock new functionality for their vehicle just as they can with their phones. Premium vehicles today can have up to 150 million lines of code across hundreds of electronic control units. 

Clearly with many digital components, one vulnerability could be catastrophic – researchers have known and reported that potentially fatal cyberattacks on vehicles have been possible for years. While a breach of security on a person’s personal device is extremely damaging, an attack on a vehicle could be deadly, such as disable its brakes on a highway or take over the steering. If a driver’s card details were stored in the vehicle – to automatically pay at toll booths for example – then this could also be taken.

What’s needed is a way for vehicle manufacturers to be able to have a top-down view of what components, physical and digital, are on the road. If, for example, a vulnerability was found in the code of an app that enables heated seating then a manufacturer would need to be able to push a fix to every affected component. That means that every component needs its own ‘birth certificate’, identifying it both individually and as part of a larger group of components. With that said, let’s explore some specific digital threats to SDVs and what can be done to secure them.

The two ways that malicious code can enter an SDV is either digitally or physically. Unlike computers and smartphones, SDVs aren’t general-purpose computers that are connected to the wider internet. You can’t accidentally download a keylogging programme or open a malware-infected email on the interfaces of SDVs, so bad actors would need to take different approaches. One example is to replace one of the many software updates that is sent to the vehicle with code that includes a ‘backdoor’, allowing them greater access to the vehicle. This would be much more difficult than phishing scams, but it is possible. 

5G connectivity gives manufacturers more bandwidth with which to introduce new updates but it also gives bad actors a greater number of connections into the vehicle where they can hide malware or extract data. The amount of data traffic in today’s modern SDVs, is on par with homes or even offices. That can be both an asset and a liability. 

There are similar techniques that could also be applied to the hardware that’s used in vehicles. An original component from the manufacturer could be replaced by an OEM component that has been purposefully infected with malware or have vulnerabilities.  

It’s worth noting that modern digital assets, both in and outside of vehicles, are secured by public key infrastructure (PKIs) and there are serious risks on the horizon that could make all existing public keys obsolete. The key point here is that existing vehicles will need to be updated to be secure against quantum threats – meaning that millions of vehicles currently on the road will need to have each of their digital components enumerated so that nothing slips through the net. 

We all have and know what a birth certificate is. A similar system can be used to secure the digital and physical components in SDVs. Each component can have a cryptographically secure identity given to it on its ‘birth’ on the factory line and continuing throughout its life. This would allow manufacturers to know what components they have on the roads and for anyone performing maintenance to know that they are using authentic components. It would also prevent the creation of unauthorized components, whether they are digital or physical. Components can also be given decommission dates. This would allow out of date, insecure components to be swapped out for newer, more secure components when they reach the end of their lifecycle.  

Implementing this would require extremely secure key injection – if it was compromised in any way then thousands of vehicles may no longer be secure. As with many aspects of digital life, ‘as a service’ models mean that companies can quickly and flexibly introduce new capabilities into their workflow, in this case ‘trust as a service’. It enables both car manufacturers and OEMs to create secure environments in which to introduce next-generation digital security into every aspect of their software or hardware.

To lean more, visit: www.utimaco.com.

Alois Kliner is VP Automotive & IoT Manufacturing at Utimaco. As a global executive with a background in Semiconductors, Software + Services and Cybersecurity, he has led multidisciplinary teams in Germany, The Netherlands and Taiwan and achieved leading market positions in the fields of Automotive Connectivity, eSIM, Smart ID Cards and Mobile Payments. Alois holds a Diploma for Electronics and Communication Engineering from TU Graz.

Prior to joining Utimaco, Alois worked at Philips, NXP and Giesecke + Devrient in various executive management roles.

UTIMACO is a global platform provider of trusted Cybersecurity and Compliance solutions and services with headquarters in Aachen (Germany) and Campbell, CA (USA). UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions for regulated critical infrastructures and Public Warning Systems. UTIMACO is one of the world's leading manufacturers in its key market segments. 

500+ employees around the globe create innovative solutions and services to protect data, identities and communication networks with responsibility for global customers and citizens. Customers and partners in many different industries value the reliability and long-term investment security of UTIMACO’s high-security products and solutions. Find out more on www.utimaco.com.