Security Concerns on Automobiles

Published:2011/8/30 1:47:00 Author:Phyllis From:SeekIC

Critical systems of a car such as study brakes, engine throttling play a vital role in the automotive security issue. If a car is in motion and its brakes and engine are disabled, attacks could indeed place passengers in peril.

Bringing the automobile together with wide-area networks is exactly the reason that many tragedies happen. A single flaw may cause damage to the entire fleet of vehicles. Practical changes must be made to better isolate the network subsystems and secure critical functions.

There are two hundred microprocessors across one hundred components inside the High-end luxury cars nowadays. Such situation become untenable is not surprising.

Security threats to vehicles can be divided into three types: Local-physical, remote, and internal-electronic.

Local-physical is, for example, if someone physically taps into the drivetrain’s CAN network and disrupts communications. But a local attacker can harm only one car and therefore is unlikely to get the attention of security teams. A car’s complex electronic system is simply impractical to protect from physical attack. So we generally punt on this class of threats.

Key is a fundamental element. OEMs must be able to achieve assurance of key protection across the entire life cycle, from creation and embedding into ECUs, to delivery and integration within the car, and in the field.

Remote threats are the classic attacks: A hacker tries to probe the car’s long range radio interfaces for vulnerabilities in network security protocols, Web services, and applications to find a way into the internal electronics complex. In contrast to data centers, the car is unlikely to possess a full complement of IDS, IPS, firewalls, and UTMs.

When the Stuxnet attack came to light in 2010, U.S. Department of Defense CYBERCOM chief General Keith Alexander suggested that the U.S.’s critical infrastructure be isolated on its own secure network, distinct from the Internet. While this may seem heavy-handed, it is precisely the kind of thinking needed. A car’s critical systems must be strongly isolated from ECUs and networks not critical for safe operation.

The car’s internal electronics architecture must be designed from the ground up for security. Interfaces between critical and non-critical systems and networks must be justified at the highest management levels, exhaustively analyzed, and certified devoid of vulnerabilities at the highest assurance levels, such as ISO 15408 evaluated assurance level (EAL) 6+.

Car manufacturers may not consider too much about security when they designed the cars hitting roads today, but clearly that should change. Manufacturers must work closely with embedded security specialists early in the design and architecture of in-car electronics and networks and must raise the bar on security-driven engineering and software assurance. The automotive industry is sorely in need of an independent standards body to define and enforce a system-level security certification program for in-vehicle electronics.

Reprinted Url Of This Article: http://www.seekic.com/blog/Automotive/2011/08/30/Security_Concerns_on_Automobiles.html

Print this Page | Comments | Reading(9613)