PARIS — Bringing popular Ethernet technology to cars seems like a natural progression. More vehicles are getting connected and incorporating a number of automated driving features while a much bigger volume of data is expected to pass both ways between cars and the external world.
But in the auto world, a straightforward trickle-down technology transfer — bringing Ethernet as we know it in computing to the automotive realm — isn’t likely to work.
Luca De Ambroggi, senior principal analyst for automotive electronics at IHS Markit, told us, “Automotive is becoming a ‘beast.’” In such fields as security and autonomy, he explained, “Automotive no longer follows other industries. It is driving the implementation of new and more advanced technologies.”
Today’s case in point is Marvell, which on Monday (July 24) rolled out what the company calls “the industry’s first secure automotive gigabit Ethernet switch.”
Because Ethernet allows IP packets to log into in-vehicle networks, safeguarding vehicles from hackers becomes paramount, explained Andrew Klaus, director of business development and architecture of Marvell.
Regular gigabit Ethernet switches used by the PC industry, for example, carry no security, Klaus told EE Times. If this were a PC, “you can simply run security software (like the ones from Symantec) to protect it from hackers,” he said. However, vehicles use multiple ECUs, each of which has much less processing power than a PC. “You can’t run such a blocking software in a car,” he explained.
Automotive Ransomware in 2017? (Image: Marvell)
Marvell’s newly developed secure Ethernet switch has been “purpose built” to combat the growing risk of cybercrime facing the automotive industry today. It deploys a deep packet inspection (DPI) engine and trusted boot functionality “to ensure a robust level of security at the foundational hardware layer,” said the company. The company’s new switch also supports both blacklisting and whitelisting addresses on all Ethernet ports to further enhance security.
In blacklisting, Klaus said, “You define certain packets as dangerous and when you see them, you throw them away.” The problem with this approach is that there’s no way to predict what sort of packets hackers in the future will use, he added.
In contrast, by whitelisting, “OEMs and tier ones can pre-define the architecture for cameras and other data. Only when a certain packet is addressed to a certain destination — a specific ECU in a vehicle, for example, you instruct the switch to take that packet,” he explained.
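The contrast Klaus draws between the two approaches, as an added example (not Marvell's code and not from the article): a toy ingress filter run over constructed, untagged Ethernet II frames. The MAC addresses, port numbers and allowed flows are all assumptions, and the example goes slightly beyond the text by binding each whitelisted flow to an ingress port.

```python
import struct

# Everything below (MACs, ports, flows, frames) is constructed for illustration.
CAMERA    = bytes.fromhex("020000000001")
ADAS_ECU  = bytes.fromhex("020000000002")
BRAKE_ECU = bytes.fromhex("020000000003")
KNOWN_BAD = bytes.fromhex("020000000066")
UNKNOWN   = bytes.fromhex("020000000099")
IPV4 = 0x0800

DENY_SRC = {KNOWN_BAD}            # blacklist: sources already judged dangerous
ALLOW_FLOWS = {                   # whitelist: (ingress port, src, dst, EtherType)
    (1, CAMERA, ADAS_ECU, IPV4),
    (2, ADAS_ECU, BRAKE_ECU, IPV4),
}

def parse_header(raw):
    """Return (dst, src, ethertype) of an untagged Ethernet II frame, or None if truncated."""
    if len(raw) < 14:
        return None
    return struct.unpack("!6s6sH", raw[:14])

def blacklist_forward(port, raw):
    """Forward everything except frames from a listed source."""
    hdr = parse_header(raw)
    return hdr is not None and hdr[1] not in DENY_SRC

def whitelist_forward(port, raw):
    """Forward only frames that match a pre-defined flow on the expected port."""
    hdr = parse_header(raw)
    if hdr is None:
        return False
    dst, src, ethertype = hdr
    return (port, src, dst, ethertype) in ALLOW_FLOWS

def frame(dst, src, ethertype=IPV4, payload=b"\x00" * 46):
    """Build a constructed frame: 14-byte header plus a dummy payload."""
    return dst + src + struct.pack("!H", ethertype) + payload

SAMPLE = [
    (1, frame(ADAS_ECU, CAMERA)),      # expected camera traffic
    (3, frame(BRAKE_ECU, KNOWN_BAD)),  # source already on the blacklist
    (3, frame(BRAKE_ECU, UNKNOWN)),    # source nobody predicted
    (3, frame(ADAS_ECU, CAMERA)),      # camera address on a port it was not provisioned for
    (1, b"\x02\x00"),                  # truncated frame
]

def compare(samples):
    """Return (blacklist verdict, whitelist verdict) for each (port, frame) sample."""
    return [(blacklist_forward(p, r), whitelist_forward(p, r)) for p, r in samples]

if __name__ == "__main__":
    for (port, raw), verdict in zip(SAMPLE, compare(SAMPLE)):
        print(port, raw[:14].hex(), verdict)
```

The third and fourth samples are the ones the blacklist forwards and the whitelist drops: neither was anticipated when the blacklist was written.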