The idea of the ‘connected car’ has existed for many years but now they’ve developed to the point at which vehicles can have dozens of Electronic Control Units (ECUs) controlling systems that drivers might never interact with. Each component has some kind of connection outside of the vehicle that needs to be secured against intrusion, leading to increased complexity between overlapping security systems, says Alois Kliner, pictured, VP Automotive & IoT Manufacturing, at the cyber and compliance product firm Ultimaco.
Now, this array of disconnected systems, often made by different manufacturers, is replacing the numerous ECUs with a small number of HPC High Performance Computers that function more like a modern day smartphone. So called ‘software-defined vehicles’ (SDVs) are a single system onto which software ‘apps’ can be installed in a similar way to said smartphone. This has opened up the ability for automobile manufacturers to offer subscription-based features like BMW’s Front Seat Heating or Tesla’s Supercharger.
However, with cybersecurity threats to vehicles on the rise, a hack on a vehicle could have extremely grave consequences, such as disabling its brakes or take over the steering. Automotive security is being taken extremely seriously by automotive manufacturers for both the above reason, as well the threat that one serious breach could destroy their company’s reputation.
SDVs and security
The move to software-defined vehicles has profound implications for how drivers interact with their vehicles and for the security of those vehicles. Early motor vehicles were entirely mechanical but as they developed over the course of the 20th century even though they incorporated more electrical components they were chiefly defined by their hardware – bigger engines, lighter alloys, two seats instead of four. An SDV has features that are defined by more than just its physical hardware – it can have features ‘unlocked’ by subscribing to new services. Having a vehicle’s systems built around a single interoperable stack also means that individual components can ‘talk’ to each other: the car’s navigation system can check the battery to see whether there is enough charge to make a journey, and if not what the options are for charging, for instance.
Overall, the move to the SDV era promises to make vehicles more flexible, personalised and, as we’ll cover in the next section, secure.
Securing a modern automotive future
One clear downside to having a vehicle’s connected system spread over individual ECUs, is that it creates a situation in which there is much more likely to be a vulnerability in one of the ECUs. When all the connected systems are in a single stack and use a single language to allow inter-operability a security vulnerability in one area could potentially affect all others.
For example, in 2022 an attacker manipulated a power steering ECU by modifying its firmware, and was able to brute-force the ECU authentication. Potentially this could lead to the intruder being able to control the steering of thousands of vehicles that use the same Original Equipment Manufacturer (OEM) component. In the same year a cybersecurity researcher exploited a vulnerability in a popular third-party app and gained access to all of the functions of 25 vehicles around the world. We are seeing a highly variable threat environment when it comes to cyber attacks on vehicles, with 4 per cent of attacks coming from electric vehicle charging, 18pc targeting wireless keyfobs, and 35pc targeting telematics and application servers, which could potentially spread malware to thousands of vehicles. According to research of 1100+ vehicle cyberattacks by Upstream Security the majority (31pc) of incidents were data or privacy breaches, with a further 22pc being vehicle thefts and break-ins.
This is why vehicle manufacturers and the OEMs they work with must incorporate next-generation key management and other enterprise-grade cybersecurity systems into vehicles and the software ecosystem that supports them. It’s also why there are standards like ISO 21434 and UNECE WP.29 R155 that ‘establish a common language for communicating and managing cybersecurity risk’.
Key management enables components to be kept up to date through Firmware Over The Air (FOTA) updates, and these would be ideal vectors for bad actors to send spyware and malware to thousands of vehicles. Using asymmetric encryption for in-car communication significantly strengthens the vehicle’s defenses against counterfeit updates. Similarly, device attestation is a vital part of keeping a vehicle secure: put simply, it allows individual devices to show that they are authentic, something which is vital in a vehicle. These are just a few examples of the digital security systems that will be keeping vehicles secure as they increasingly become SDVs. It is time for OEMs, vehicle manufacturers and even drivers to start taking vehicle cybersecurity seriously.