Mitigating circumstances

As vehicles become more highly connected, protecting them from malicious cyber attacks will be incredibly important. Multi-layered security systems could be the answer

As consumer demand for greater infotainment functionality grows and vehicles become better connected, the industry is starting to face the same challenge that has the best minds in the consumer electronics field fighting a constant battle: how to make systems secure from malicious attacks.

Anyone who uses a computer, tablet or even a smartphone will no doubt have faced system warnings at some point telling them that a virus has been detected. And it doesn’t matter what anti-virus software you have installed: malicious software is constantly being adapted so that it can circumvent security programs.

On a user’s desktop computer, it can be frustrating and costly, but the price isn’t as high as if a vehicle were to be attacked and safety-critical systems controlled by a third party.

But while there have been well-documented occasions when a vehicle’s systems have been assessed as being vulnerable, there have been few, if any, widespread hacking cases so far. And it’s a state that OEMs and suppliers want to maintain, no matter how connected vehicles become.

The emphasis is likely to be placed on suppliers to develop the hardware and software that will enable OEMs to balance opposing demands for connectivity and security. And firms such as Harman have already made some headway with development programmes for the technologies.

Pankil Vyas, Harman’s senior manager for cyber security, says: “We’re working across the industry and with Tier One suppliers to put security solutions in place to make the car safer.”  

Six layers of security

It needs to be doing this – Harman wants to position itself as a leader in connectivity, and has developed a host of technologies, including updateable infotainment systems, over-the-air services, and greater functionality for autonomous vehicles in the future.

That is why the company has been developing its security architecture for the past year. The system is based on six layers: hardware, hypervisor, operating system access control, application sandboxing, the network layer and, finally, over-the-air firmware updates.

“The hardware security layer allows the system to securely boot, storing keys so you can authorise and authenticate firmware, as well as the application and the user,” says Vyas. “It gives you the capability for secure storage and because it’s in the hardware it’s tamper-proof.”  

Hypervisor technology is well known, and gives firms the ability to separate the cores on a piece of silicon, running a different operating system on each if necessary. That means a single chip can be used for multiple tasks, but each core is fenced off from the others, improving security.

Vyas says: “Hypervisors provide distinct operating systems running on the same silicon, so you can have multiple operating systems in isolated boxes which are secure in their own environment. So we can run mission-critical systems at the same time as Android applications and infotainment systems.” 

Perhaps linked to that, and arguably one of the most important areas, is the question of which systems have authority to communicate with one another. As has been found in the past, what needs to be prevented is a malicious attack that targets the infotainment system, for example, and can then communicate with safety-critical systems, such as the steering or braking.

tags: April 2016 Connectivity