Internal electronic threats
While physical network isolation is desirable, touch points will inevitably exist. For example, in some markets, the car’s navigation system must be disabled while in motion, implying communication between systems of widely differing safety criticality. Furthermore, a strong trend towards consolidation—where more powerful multicore microprocessors are used to host disparate systems, turning many ECUs into virtual ECUs—increases the risk of software-borne threats such as privilege escalation due to operating system vulnerabilities, side-channel attacks on cryptography, and denials of service.
Therefore, the car’s internal electronics architecture must be designed from the ground up for security. Interfaces between critical and non-critical systems and networks must be justified at the highest management levels, exhaustively analyzed, and certified devoid of vulnerabilities at the highest assurance levels, such as ISO 15408 evaluated assurance level (EAL) 6+.
The Principles of High Assurance Software/Security Engineering protocol, which espouses minimization of complexity, software component architecture, the principle of least privilege, a secure software and systems development process, and independent expert security validation, must be learned and adopted by OEMs and promulgated throughout their supply chain.
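To make the least-privilege and minimal-complexity principles concrete at the navigation touch point mentioned above, here is an added example (not code from the article or from any vendor) of a gateway that lets exactly one derived value cross from the critical domain to infotainment and nothing in the other direction. The message ids, frame layout, and function name are assumptions constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* All ids and the frame layout are constructed for this example. */
enum domain { DOMAIN_CRITICAL, DOMAIN_INFOTAINMENT };
#define MSG_VEHICLE_SPEED 0x100u /* hypothetical: speed in km/h, 2 bytes big-endian */
#define MSG_IN_MOTION     0x200u /* hypothetical: 1-byte flag for infotainment */

struct frame { uint32_t id; uint8_t len; uint8_t data[8]; };

/*
 * The single touch point: critical -> infotainment, one message type.
 * Returns true and fills *out when something may cross; false means drop.
 * The original frame is never forwarded; a one-byte flag is re-derived,
 * so infotainment learns "moving or not" and nothing else.
 */
bool gateway_filter(enum domain src, const struct frame *in, struct frame *out)
{
    if (in == NULL || out == NULL)
        return false;
    if (src != DOMAIN_CRITICAL)      /* nothing flows infotainment -> critical */
        return false;
    if (in->id != MSG_VEHICLE_SPEED) /* allow-list of exactly one id */
        return false;
    if (in->len != 2)                /* strict length, no partial parsing */
        return false;

    uint16_t kmh = (uint16_t)((in->data[0] << 8) | in->data[1]);
    memset(out, 0, sizeof *out);
    out->id = MSG_IN_MOTION;
    out->len = 1;
    out->data[0] = (kmh > 0) ? 1 : 0;
    return true;
}

int main(void)
{
    struct frame speed = { MSG_VEHICLE_SPEED, 2, { 0x00, 0x32 } }; /* 50 km/h */
    struct frame out;
    bool fwd = gateway_filter(DOMAIN_CRITICAL, &speed, &out);
    bool rev = gateway_filter(DOMAIN_INFOTAINMENT, &speed, &out);
    printf("critical->infotainment forwarded=%d, reverse forwarded=%d\n", fwd, rev);
    return (fwd && !rev) ? 0 : 1;
}
```

Because the filter is a handful of branches with no state, it is small enough to be analyzed exhaustively, which is the property the interface certification described above depends on.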
Car manufacturers and Tier 1s may not have been thinking a great deal about security when they designed the cars hitting roads today, but clearly that is changing. Manufacturers must work closely with embedded security specialists early in the design and architecture of in-car electronics and networks and must raise the bar on security-driven engineering and software assurance. Finally, the automotive industry is sorely in need of an independent standards body to define and enforce a system-level security certification program for in-vehicle electronics.
David Kleidermacher is CTO at Green Hills Software.