SECURITY CHALLENGES IN THE SMART CAR

Transcription:

SECURITY CHALLENGES IN THE SMART CAR
Based on ELA / SystemX (http://www.irt-systemx.fr/project/ela/?lang=en) and eco-fev / FP7 project results (https://www.eco-fev.eu/)
W. KLAUDEL, GROUPE RENAULT, 26/11/2015

AGENDA
- Car evolution and cybersecurity threats: why such interest today?
- ELA/SystemX project contribution to cybersecurity challenges: methods, architecture and technology
- eco-fev/FP7 project contribution to identity and right management for the extended car & enterprise: service delivery and identity management separation, federative approach (OpenID)

CAR EVOLUTION AND CYBERSECURITY THREATS
In the past:
- Threats: electronics dysfunction
- Threats + car theft, theft of personal data
Today:
- Threats + direct attacks from the Internet! Theft of personal data, navigation and infotainment dysfunction, mass attacks possible
(diagram labels: TCU, safety critical electronics)

CAR EVOLUTION AND CYBERSECURITY THREATS: TOMORROW
Services:
- Remote access to the car sensors (position, temperature, cameras, ...)
- Diagnostic and remote update (OTA)
- Remote control (PC, smartphone, ...): preconditioning, opening
- Keyless access & start (smartphone, biometric wearable, ...) => car sharing
- ADAS (passive, active, cooperative)
- Autonomous driving
(diagram: Production, After sale / Help Desk, Services, RSU, Biometric)
An isolated TCU architecture is no longer possible: remote (mass) sabotage threats have to be considered!

CYBER SECURITY THREATS: MITIGATION ACTIONS
- Strengthening cybersecurity milestones in the V cycle, and objectification of risk evaluation, standardization and certification (like ISO 2700x and Common Criteria)
- EE architecture adaptation to new threats
- More cyber security technology in all EE components

SYSTEMX ELA PROJECT (Projet ELA: Electronique et Logiciel pour l'Automobile)
Challenges:
- Create architectural patterns ensuring the tradeoffs between scalability, safety, security and cost
- Propose methods and tools to control the costs of design and validation
- Create the technological components for "affordable architectures"
Tasks (work packages):
- T1: Real time virtualization
- T2: Image processing, data fusion for ADAS
- T3: Safe algorithms for Autosar multicore architectures
- T4: Cybersecurity

ELA: END USER USE CASES / SERVICES
ADAS:
- Emergency stop, raised by ITS geonet or pedestrian recognition
- Automatic parking (monitored by the user from his smart device)
- Lane and distance keeping assistance
Navigation and infotainment:
- Internet access, Internet radio
- Connected navigation with points of interest
- Integrated HMI and vehicle equipment personalization
Others:
- Vehicle access, preconditioning and start through Internet using a smartphone
- Software installation and update through Internet (OTA)
- E-tolling, ecall
- Display of vehicle environment on the driver's smartphone or tablet
- Remote diagnostics

CYBERSECURITY RISK MANAGEMENT: AN OPTIMIZATION PROBLEM
Problem definition: design space {product definition x architecture & protections} => {attacks, consequences of successful attacks}
Attack tree:
- Attack goal: attacker aim, e.g. car theft, sabotage of brakes while driving at high speed
- Attacked function: attacked vehicle function, e.g. automatic brake
- Attack method: technical idea of attack, e.g. install unauthorized software
- Attack on asset: attack technique which is applied to an asset, e.g. message injection on the Ethernet interface of the Image Processing Unit (i.e. the asset)
- Attack entry point: attack entry point in the vehicle, e.g. 3G/4G interface of the Communication Unit (CU)
Degree of freedom: architecture & protections; outputs: consequences, attack probabilities
Optimization objectives: propose architecture and protection mechanisms in order to:
- Min. cost
- Max. performance, usage facilities
- Min. risk, i.e. (consequence * probability)

ELA RISK ANALYSIS METHOD: ATTACK TREE
- Attack goal: attacker aim, e.g. inhibit/lock brakes while driving at high speed
  R = F(S, C, A): attack goal risk (vector)
  S: severity vector: Safety, Privacy, Financial, Operational
  C: controllability, for safety related attacks
  A: attack probability
- Attacked function: attacked vehicle function, e.g. automatic brake
- Attack method: technical idea of attack, e.g. install unauthorized software, communicate falsified information
- Attack on asset: attack technique which is applied to an asset, e.g. message injection on the Ethernet of the IPU (Image Processing Unit)
- Attack entry point: attack entry point to the vehicle, e.g. 3G/4G interface of the Communication Unit (CU)
Two applications of the elaborated method:
1. Security requirement establishment: for all attack goals qualified by R, S & C => maximum accepted probability A for all attacks on assets
2. Security audit: for all attack goals qualified by S & C, and known A for all attacks on assets => R for all attack goals (A calculated according to known protections)
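The two applications of the attack-tree method above (requirement establishment and audit), together with the min-risk objective of the previous slide, carried through in Python. This is an added example, not ELA project code: the form of F, the severity weights, the controllability amplifier, the OR/AND combination rule and the sample probabilities are constructed assumptions.

```python
from dataclasses import dataclass
from math import prod
# Constructed weights for the ELA severity vector S: Safety, Privacy, Financial, Operational.
WEIGHTS = {"safety": 4.0, "privacy": 1.0, "financial": 2.0, "operational": 1.0}

@dataclass
class AttackOnAsset:
    technique: str      # e.g. message injection on the IPU Ethernet interface
    entry_point: str    # e.g. 3G/4G interface of the Communication Unit (CU)
    probability: float  # A for this step, given the protections currently in place
@dataclass
class AttackGoal:
    name: str
    severity: dict           # S: score 0..3 per dimension (constructed scale)
    controllability: float   # C: 0 = driver cannot react .. 1 = fully controllable
    methods: list            # OR over attack methods; each method is an AND-chain of steps

def chain_probability(chain: list) -> float:
    """Every attack on asset in the chain must succeed (AND)."""
    return prod(step.probability for step in chain)

def goal_probability(goal: AttackGoal) -> float:
    """A for the goal: at least one method succeeds (OR; independent chains assumed)."""
    p_none = 1.0
    for chain in goal.methods:
        p_none *= 1.0 - chain_probability(chain)
    return 1.0 - p_none

def consequence(goal: AttackGoal) -> float:
    """Scalar consequence from S and C: safety harm is amplified as controllability drops."""
    total = 0.0
    for dim, score in goal.severity.items():
        amplifier = (2.0 - goal.controllability) if dim == "safety" else 1.0
        total += WEIGHTS[dim] * amplifier * score
    return total

def risk(goal: AttackGoal) -> float:
    """Application 2 (audit): R = consequence * probability, using the known A values."""
    return consequence(goal) * goal_probability(goal)

def max_step_probability(goal: AttackGoal, accepted_risk: float) -> float:
    """Application 1 (requirements): largest A any single attack on asset may keep. Conservative:
    the goal's A budget is split over the methods, and a chain is never likelier than its least likely step."""
    return min(1.0, accepted_risk / consequence(goal) / len(goal.methods))

# Constructed sample goal mirroring the slide's brake example (all values are assumptions).
BRAKE_LOCK = AttackGoal("inhibit/lock brakes at high speed",
    {"safety": 3, "privacy": 0, "financial": 1, "operational": 2}, 0.2,
    [[AttackOnAsset("unauthorized software on the CU", "3G/4G interface of the CU", 0.05),
      AttackOnAsset("message injection on the IPU Ethernet", "compromised CU", 0.4)],
     [AttackOnAsset("unauthorized software via diagnostics", "diagnostic connector", 0.02)]])
```

Any step whose current A exceeds `max_step_probability` for the accepted risk is an asset that needs a stronger protection mechanism; in the sample both chains exceed the bound, which is the audit finding the method is designed to produce.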

CYBERSECURITY MILESTONES IN THE V CYCLE ((*) = security add-ons)
Left branch:
- Concepts of operation: attack goals (*)
- Requirements and architecture: risk analysis and security requirements (*)
- Detailed design: security mechanism selection (*)
- Implementation: security mechanism implementation (*)
Right branch (verification and validation):
- Integration, tests and verification: pentesting, certification (*)
- System verification and validation: risk analysis and audit (*)
- Operation and maintenance: new risk monitoring and countermeasures (*)

ELA ATTACK GOALS
- Car stealing
- Personal data theft (credentials included)
- Sensor information access (position, camera, temperature, ...)
- Navigation/infotainment malfunction
- Preconditioning/personalization activation/deactivation/malfunction
- Vehicle immobilization
- Braking inhibition, untimely braking or steering movement

ELA SECURE ARCHITECTURE: DEFENSE PERIMETERS (diagram)
Outside the vehicle: Internet radio source, Internet web sites, OEM & partner clouds, radio, GPS; Internet network access over 3/4G, Wi-Fi and G5
Three defense perimeters inside the vehicle:
- Vehicle Communication Unit (Internet-facing)
- Switch/Router, Ethernet/IP: Infotainment Control Unit, dashboard, other displays
- Vehicle Control Unit and Image Processing Unit; CAN ECUs for body & multimedia and for powertrain & chassis

SECURE ARCHITECTURE: VIRTUALISATION
Communication Unit (antenna module): virtualization & partitioning, IDS & IPS, secure boot
- Inputs: cellular, GNSS, G5, BT, radio broadcasting
- Hypervisor hosting: IP connectivity gateway; safety related service gateways (ecall, G5, GPS, ...); non safety related service gateways (phone, radio, http, ...)
- IP communication over Ethernet / USB to the Infotainment Control Unit
Infotainment Control Unit: virtualization & partitioning, secure boot
- Hypervisor hosting Autosar, GENIVI and Android partitions
- IP communication; CAN and Ethernet towards the vehicle

TECHNOLOGICAL COMPONENTS / FUNCTIONALITIES
Execution environment and security:
- Secure boot and signed dynamic modules
- Application security: authentication and access rights (vehicle access included)
- Application separation: OS applications, virtualization
Communication and security:
- Protocols & authentication/signature/encryption (authenticity, non repudiation, confidentiality, anonymization)
- CAN (*), Ethernet, Wi-Fi, 3/4/5G, G5, Bluetooth, USB
- But also application level: http, CoAP, SOME/IP, web services
Hardware Security Modules (HSM):
- Cryptographic hardware acceleration, secure storage, secure execution zones
(*) project proposed patent

eco-fev: efficient Cooperative infrastructure for Fully Electric Vehicles
Witold KLAUDEL, Renault. This project is co-funded by the European Union.

IDENTITY AND RIGHT MANAGEMENT, EXTENDED CAR & ENTERPRISE: ECO-FEV/FP7 PROJECT
eco-fev: efficient Cooperative infrastructure for Fully Electric Vehicles (Sept 2012 - June 2015, 4,3 M): a set of mobility services based on machine learning.
Partners: Hitachi Europe (coordinator), CEA, Centro Ricerche FIAT, Conseil Général de l'Isère, EICT, ENERGRID, Facit Research, Politecnico di Torino, RENAULT (use cases, architecture, system spec), TECNOSITAF and TU Berlin
Ecosystem (diagram): FEV, drivers & travelers; public transport operators; road infra operators; car rental operators; charging & parking facility operators; urban delivery operators; weather info & map providers; banks
Services: trip planning, assistance & monitoring; data collection & mining; monitoring & optimization

DESIGN ORIENTATION
eco-fev IT solutions as a support for business model flexibility:
- Identity management (users, cars): OpenID & OAuth, unique subscription; service delivery and identity management separation, federative approach (OpenID)
- Internet of things style, web services, eco-fev ontology
- HMI & raw service separation
Reference implementation (diagram): backend functions for banking, route planning & navigation, data collection & aggregation, integration & applications; operators: road infrastructure, parking & charging facility, energy provider

STILL NEED TO BE WORKED
Normative approaches, risk management, validation / certification:
- ISO, SAE (J3061) => ISO, ETSI (TVRA)
Identity and right management:
- Life cycle: production, sale, after sale, second hand market, destruction
- Cars, parts; drivers & passengers; car makers, parts manufacturers, road infrastructure (car2x), service providers
- Federative approach introduction
Architecture:
- Hardware acceleration on SoCs & Linux, Autosar integration
- Communication protocols, network management
- Defense in depth
- Embedded IDS / IPS (use of hardware acceleration)