by Kenotom,
The future of autonomous driving seems very promising, with the rise of innovative technologies such as Advanced Driver Assistance Systems (ADAS) and Artificial Intelligence (AI). Connected vehicles are designed and manufactured with advanced safety features, along with access to infotainment services, remote monitoring and predictive maintenance services, and many other support services.
However, with this increasing complexity, connected and autonomous vehicles face a series of cybersecurity risks, as their attack surface widens for cybercriminals [1, 2]: they contain numerous electronic control units (ECUs) and interconnected systems, rely on wireless connectivity (e.g., with other vehicles, or between a vehicle and the OEM for over-the-air updates), and are exposed through various other factors. To ensure safety in driving, it is imperative for manufacturers to address the possible threats and risks and build robust systems that withstand them.
In order to fortify a system against malicious attacks, one must first be aware of the ways hackers try to penetrate it, either to gain control (e.g., of safety-critical parts of the vehicle, such as acceleration and braking) or to extract information. Some of these ways and areas of concern are listed below [1, 2, 3]:
- Remote access: hackers can find vulnerabilities through remote access to vehicles, for example via mobile apps or telematics systems used for navigation, entertainment, safety services, etc.
- Wireless connection: there are vulnerabilities in wireless communications with the vehicle (e.g., during an OTA software update by the OEM) that hackers leverage to compromise systems (e.g., through man-in-the-middle attacks and spoofing).
- OBD-II Port access: attackers can infiltrate vehicles through direct access, by plugging malicious devices into the OBD-II port.
- Fleet management systems: connected fleet vehicles face greater risks than regular vehicles, since a group of vehicles is controlled by one fleet management server. Therefore, if the server gets hacked, all of them can be compromised simultaneously, which makes them appealing to hackers and thus more susceptible to attacks.
- V2X Communications: as with fleet management systems, when vehicles are connected to each other (V2V) or to infrastructure (V2I), both the attack surface and the exposure to attack increase.
- Adoption of new advanced technologies: emerging technologies such as blockchain and AI provide plenty of advantages for the manufacturers of modern vehicles. However, there is a lot of uncharted territory in such technologies, which could potentially pose new threats to the system.
Cybersecurity attacks in transportation constitute multiple and multidimensional threats to civilians. Attackers could gain control over safety-critical parts of the vehicle (e.g., acceleration, braking) and tamper with vehicle data (remote manipulation), which could lead to accidents and even threaten human lives. Attackers could also encrypt vehicle systems and demand ransom for their release, or even use the driver’s sensitive information for blackmail [1, 2]. In addition, attackers could gain unauthorized access to the driver’s sensitive information, such as bank account details or home address (threatening personal privacy and fundamental human rights).
It is apparent that significant efforts and actions need to be undertaken to fortify connected and autonomous vehicles. Some of the actions that OEMs take to safeguard vehicles against potential attacks are indicated below [1, 2]: compliance with international cybersecurity standards (e.g., SAE J3061, ISO/SAE 21434) and other guidelines, and adoption of cybersecurity best practices (e.g., the CIS Critical Security Controls, NHTSA Cybersecurity Best Practices, OTA updates, penetration testing, supply chain security, cybersecurity employee training, etc.). Moreover, manufacturers need to increase the number of available cybersecurity positions, which supports the development of cutting-edge security mechanisms as well as staff training and awareness on cybersecurity topics. Last but not least, they collaborate with other OEMs and tech firms to share knowledge about modern threat areas, and invest in R&D to develop and enhance security mechanisms (e.g., Secure-by-Design systems, authenticated encryption, etc.) against detected threats.
With this motivation, REWIRE offers a great set of cybersecurity mechanisms, toward the advanced safeguarding of modern vehicles. Some indicative examples of technologies implemented, tested and verified within the Use Case of Smart Transportation are the following:
- Secure-by-Design System: REWIRE integrates security techniques into the design of the system in the form of formal verification, to verify the compliance of the RISC-V processor that is used in the project with the design specifications and architecture, to fortify the HW against potential attacks. Two of the mathematical techniques used for this are: Theorem Proving and Model Checking. REWIRE will turn the outputs of the formal verification process into enforceable security policies that will govern the device.
- Monitoring during runtime operation: REWIRE will launch security monitoring techniques on the properties that cannot be verified with formal verification approaches. They will be monitored during runtime operation of the device in the vehicle use-case environment. These techniques include modeling of security hooks, SW/FW analysis (prior to deployment), enforcement of security policies and creation of conformity certificates, all of which complement the formal verification.
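To make the two techniques above concrete, here is an added example (not REWIRE project code, and not a model of the project's RISC-V design): an explicit-state model checker, the reachability core behind model checking of safety properties, run over a small hand-built abstraction of an ECU secure-boot flow, followed by a runtime security hook that enforces the same invariant on the live event stream and additionally checks a data-dependent property (the concrete image hash against the manifest) that a finite-state model cannot settle. All stages, events, the `debug_jump` flaw and the hash values are constructed for the example.

```python
"""
Added example (not REWIRE project code): an explicit-state model checker for a
small, hand-built abstraction of an ECU secure-boot flow, and a runtime security
hook that enforces the same invariant on real events plus a data-dependent check
(image hash vs. manifest) that a finite-state model cannot decide.
Every state, event and hash value here is constructed for the example.
"""
from collections import deque
from typing import Dict, Iterable, List, Optional, Tuple

# Abstract state: (stage, signature_verified, version_check_passed)
State = Tuple[str, bool, bool]
INITIAL: State = ("reset", False, False)


def boot_transitions(state: State, allow_debug_jump: bool = False) -> Iterable[Tuple[str, State]]:
    """Labelled transitions of the boot state machine. `allow_debug_jump` models a
    leftover debug path (constructed flaw) that starts the image without verification,
    the kind of defect the model checker is meant to find."""
    stage, verified, version_ok = state
    if stage == "reset":
        yield "load_image", ("image_loaded", False, False)
    elif stage == "image_loaded":
        yield "verify_sig_ok", ("verified", True, False)
        yield "verify_sig_fail", ("rejected", False, False)
        if allow_debug_jump:
            yield "debug_jump", ("running", False, False)
    elif stage == "verified":
        yield "version_check_ok", ("checked", True, True)
        yield "version_check_fail", ("rejected", True, False)
    elif stage == "checked":
        yield "jump_to_app", ("running", verified, version_ok)
    elif stage == "rejected":
        yield "recover", INITIAL
    elif stage == "running":
        yield "reboot", INITIAL


def unverified_execution(state: State) -> bool:
    """Negated safety property: application code runs without both checks having passed."""
    stage, verified, version_ok = state
    return stage == "running" and not (verified and version_ok)


def model_check(initial, step, is_bad) -> Optional[List[str]]:
    """Breadth-first reachability over the finite state space. Returns a shortest
    event trace to a state violating the property, or None if none is reachable."""
    parent: Dict[State, Optional[Tuple[State, str]]] = {initial: None}
    queue = deque([initial])
    while queue:
        current = queue.popleft()
        if is_bad(current):
            trace = []
            while parent[current] is not None:
                previous, event = parent[current]
                trace.append(event)
                current = previous
            return trace[::-1]
        for event, nxt in step(current):
            if nxt not in parent:
                parent[nxt] = (current, event)
                queue.append(nxt)
    return None


class RuntimeMonitor:
    """Security hook for what the finite model leaves open: it follows the abstract
    state machine on real events (rejecting any event the model does not allow from
    the current stage) and, at `jump_to_app`, compares the concrete image hash with
    the manifest value, which is data rather than control flow."""

    def __init__(self, step, expected_image_hash: str):
        self.step = step
        self.state = INITIAL
        self.expected_image_hash = expected_image_hash
        self.violations: List[str] = []

    def observe(self, event: str, image_hash: Optional[str] = None) -> bool:
        successors = dict(self.step(self.state))
        if event not in successors:
            self.violations.append(f"event '{event}' not allowed in stage '{self.state[0]}'")
            return False
        if event == "jump_to_app" and image_hash != self.expected_image_hash:
            self.violations.append("image hash does not match manifest at jump_to_app")
            return False
        self.state = successors[event]
        return True


if __name__ == "__main__":
    print("flawed model:", model_check(INITIAL, lambda s: boot_transitions(s, True), unverified_execution))
    print("fixed model: ", model_check(INITIAL, boot_transitions, unverified_execution))
```

The checker returns the shortest counterexample (`load_image`, `debug_jump`) for the flawed model and `None` once the debug path is removed; the monitor then covers the hash comparison at runtime, since the finite model has no notion of which bytes were loaded.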
- Secure SW/FW OTA updates: secure SW/FW OTA updates are essential for patching vulnerabilities, addressing bugs, fortifying the system against evolving security threats and adding new features and functionalities. To ensure the security of the update process, REWIRE uses authenticated encryption schemes and other security mechanisms such as key-leakage resilience for protection against side-channel attacks. REWIRE also uses SW/FW validation processes to make sure that the update is free of vulnerabilities.
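An added example (not REWIRE project code) of the receiver-side logic such an update process needs: a package is authenticated before anything in it is trusted, an anti-rollback version check follows, only then is the image decrypted, and finally the image is validated against a list of approved build digests. To stay standard-library only, the confidentiality layer is a constructed counter-mode stream built from HMAC-SHA256 as the PRF; a real deployment would use a standard AEAD such as AES-GCM or ChaCha20-Poly1305, and the side-channel protections the text mentions are outside what this snippet shows. The key labels, package layout, master key, firmware bytes and version numbers are all assumptions made for the example.

```python
"""
Added example (not REWIRE project code): structure of an authenticated, anti-rollback
firmware update package. Encrypt-then-MAC with domain-separated keys; the tag is
checked before anything else is parsed or decrypted. The stream cipher is a
constructed HMAC-SHA256 counter-mode PRF, used only to keep this stdlib-only.
"""
import hashlib
import hmac
import os
import struct
from dataclasses import dataclass
from typing import Optional, Set

HEADER_FMT = ">I"       # 4-byte big-endian version: authenticated, not encrypted
HEADER_LEN = struct.calcsize(HEADER_FMT)
NONCE_LEN = 16
TAG_LEN = 32


def derive_keys(master: bytes):
    """Separate encryption and MAC keys from one provisioned master key (labels are constructed)."""
    k_enc = hmac.new(master, b"ota-demo/enc", hashlib.sha256).digest()
    k_mac = hmac.new(master, b"ota-demo/mac", hashlib.sha256).digest()
    return k_enc, k_mac


def keystream(k_enc: bytes, nonce: bytes, length: int) -> bytes:
    """Constructed stream: HMAC(k_enc, nonce || counter) blocks, consumed in counter order."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(k_enc, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def fingerprint(firmware: bytes) -> str:
    """Digest recorded by the validation pipeline for an approved build."""
    return hashlib.sha256(firmware).hexdigest()


def seal_update(master: bytes, version: int, firmware: bytes, nonce: Optional[bytes] = None) -> bytes:
    """OEM side: header || nonce || ciphertext || tag, with the tag over everything before it."""
    k_enc, k_mac = derive_keys(master)
    if nonce is None:
        nonce = os.urandom(NONCE_LEN)
    header = struct.pack(HEADER_FMT, version)
    ciphertext = xor_bytes(firmware, keystream(k_enc, nonce, len(firmware)))
    tag = hmac.new(k_mac, header + nonce + ciphertext, hashlib.sha256).digest()
    return header + nonce + ciphertext + tag


@dataclass
class UpdateResult:
    accepted: bool
    reason: str
    firmware: Optional[bytes] = None


def open_update(master: bytes, package: bytes, installed_version: int, approved_digests: Set[str]) -> UpdateResult:
    """ECU side: authenticate, then anti-rollback, then decrypt, then validate the image."""
    if len(package) < HEADER_LEN + NONCE_LEN + TAG_LEN:
        return UpdateResult(False, "malformed: too short")
    header = package[:HEADER_LEN]
    nonce = package[HEADER_LEN:HEADER_LEN + NONCE_LEN]
    ciphertext = package[HEADER_LEN + NONCE_LEN:-TAG_LEN]
    tag = package[-TAG_LEN:]
    k_enc, k_mac = derive_keys(master)
    expected = hmac.new(k_mac, header + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):       # constant-time; nothing else is trusted yet
        return UpdateResult(False, "authentication failed")
    (version,) = struct.unpack(HEADER_FMT, header)
    if version <= installed_version:                 # downgrade to a vulnerable build is refused
        return UpdateResult(False, f"rollback rejected: v{version} <= installed v{installed_version}")
    firmware = xor_bytes(ciphertext, keystream(k_enc, nonce, len(ciphertext)))
    if fingerprint(firmware) not in approved_digests:  # image must come from the validated-build list
        return UpdateResult(False, "image not on the validated-build list")
    return UpdateResult(True, "ok", firmware)


if __name__ == "__main__":
    master = b"\x01" * 32                               # constructed provisioning key
    image = b"constructed ECU firmware image v2"
    pkg = seal_update(master, 2, image)
    print(open_update(master, pkg, 1, {fingerprint(image)}).reason)
```

Because the version header is covered by the tag, an attacker who can rewrite bytes on the wire cannot bump the version or swap the payload without the tag check failing first; the rollback and validation checks only run on packages that already proved they came from the key holder.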
- Zero-Touch Onboarding (ZTO): ZTO requires strict identity verification for every entity (ECU board) that wants to join REWIRE’s infrastructure. For the onboarding of each device, its state is checked, and only if it is valid will the device be able to join and operate in the infrastructure. This is very useful to OEMs, to avoid connecting compromised vehicles to their network.
- Migration: when a risk is indicated, migration preserves part or all of an ECU’s operation, at least its critical functionalities such as vehicle acceleration and braking. The system securely transfers the state of an enclave running on the compromised device to another device, which initializes a new enclave that runs the original application and restores the original state. If migration is not possible, the system enters a fail-safe mode.
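An added example (not REWIRE project code) that plays out the last two mechanisms together: an onboarding server admits an ECU only after a challenge-response proof of identity and a check that its reported firmware measurement is on a "golden" list, and a migration routine moves an enclave's state from a device flagged at risk to an admitted healthy device, falling back to fail-safe when none is available. Assumptions made here: each ECU holds a provisioned per-device secret (in practice a hardware-held identity key, not a plain HMAC key), the server knows the approved measurements, and enclave state travels under a shared transfer key; device ids, keys, firmware bytes and state values are constructed.

```python
"""
Added example (not REWIRE project code): challenge-response onboarding with a
state (measurement) check, and enclave-state migration with a fail-safe fallback.
Identity keys, measurements, device ids and state bytes are constructed.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

TAG_LEN = 32


def measurement_of(firmware: bytes) -> str:
    """Firmware measurement as a boot-time hash would report it."""
    return hashlib.sha256(firmware).hexdigest()


@dataclass
class Device:
    device_id: str
    identity_key: bytes              # assumed provisioned per-ECU secret
    firmware: bytes                  # what the ECU is actually running
    enclave_state: Optional[bytes] = None

    def answer_challenge(self, challenge: bytes) -> Tuple[str, bytes]:
        """Report the current measurement and prove identity over (challenge, measurement)."""
        m = measurement_of(self.firmware)
        proof = hmac.new(self.identity_key, challenge + m.encode(), hashlib.sha256).digest()
        return m, proof


class OnboardingServer:
    def __init__(self, provisioned: Dict[str, bytes], golden_measurements: Set[str]):
        self.provisioned = provisioned
        self.golden = golden_measurements
        self.pending: Dict[str, bytes] = {}
        self.admitted: Set[str] = set()

    def challenge(self, device_id: str) -> bytes:
        nonce = os.urandom(16)                      # fresh per attempt: a captured proof cannot be replayed
        self.pending[device_id] = nonce
        return nonce

    def onboard(self, device_id: str, measurement: str, proof: bytes) -> str:
        challenge = self.pending.pop(device_id, None)   # single use
        if challenge is None:
            return "rejected: no outstanding challenge"
        key = self.provisioned.get(device_id)
        if key is None:
            return "rejected: unknown identity"
        expected = hmac.new(key, challenge + measurement.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, proof):
            return "rejected: identity proof invalid"
        if measurement not in self.golden:              # known ECU, but not in a valid state
            return "rejected: device state not valid"
        self.admitted.add(device_id)
        return "admitted"

    def revoke(self, device_id: str) -> None:
        self.admitted.discard(device_id)


def migrate_enclave(source: Device, candidates: List[Device], server: OnboardingServer, transfer_key: bytes) -> str:
    """On a risk indication for `source`: drop it from the trusted set, seal its enclave
    state, restore it on an admitted healthy device, or else go fail-safe."""
    server.revoke(source.device_id)
    state = source.enclave_state
    if state is None:
        return "fail-safe: no enclave state to migrate"
    sealed = state + hmac.new(transfer_key, state, hashlib.sha256).digest()
    for target in candidates:
        if target.device_id == source.device_id or target.device_id not in server.admitted:
            continue
        body, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
        if not hmac.compare_digest(hmac.new(transfer_key, body, hashlib.sha256).digest(), tag):
            continue                                 # corrupted in transit: never restore it
        target.enclave_state = body                  # new enclave starts from the restored state
        source.enclave_state = None
        return f"migrated to {target.device_id}"
    return "fail-safe: no trusted target available"
```

Two points the code makes explicit: an ECU with a valid identity but an unexpected measurement is refused (compromised firmware on a legitimate board), and a migration target must itself be admitted, so a device that was just revoked cannot become the new home of the state.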
Because of the continual investment of vehicle manufacturers, as well as thousands of engineers and researchers, vehicles can be increasingly protected against cyberthreats, thus providing a safer driving experience. The purpose of REWIRE is to enhance these efforts by exploring various cybersecurity mechanisms applicable to different use-cases, one of them being the automotive. Stay tuned for more, as we love to share with you our latest news.
References:
- David Lemon, “Automotive Cyber Security: Protecting Connected Vehicles from Emerging Threats,” in LinkedIn, 2023.
- Nav Tech Electronics, “Safeguarding the Future: Automotive Cybersecurity in an Era of Connectivity,” in LinkedIn, 2023.
- Chetan Shidling, “Need Of Automotive Cybersecurity,” in LinkedIn, 2024.