Connected vehicles will be hackers' trophy

  • 14-Apr-2016 01:00 EDT
wcwdigitalexhaust.jpg

Toyota’s Derek Lewis and Denso’s Roger Berg ruminate on the many security challenges being detailed by Tejas Desai of Continental. (Terry Costlow)

Cyber security has swiftly gone from a loose concept to an issue that rivals quality, safety and other mainstays of design must-haves. It’s a multi-faceted challenge that extends from simple vehicle systems to cloud connectivity.

“The biggest challenge is how many interconnections there are to many different things,” said Tejas Desai, Head of Interior Electronics Solutions, North America, for Continental AG. “All different types of things connect to the vehicle and we don’t know about what’s on the other side.”

It’s not just the dark side of the Internet that concerns automakers. While hackers are a major concern, automakers must also ensure that a disgruntled employee at a supplier does not create problems.

“Threats are not just external, they can be internal, from within the company or the supply chain,” said Joe Kwederis, Principal, Deloitte & Touche. “That’s not to discount that a predicted 200 million connected vehicles by 2020 will be a huge target, vehicles will be a real trophy for hackers.”

Companies have to protect systems that might not seem to be of interest to hackers. But mundane systems could be taken over by extortionists who search for easy targets.

“Even the heating-air conditioning system has to be protected,” said Roger Berg, Vice President at Denso International America. “You might well wonder who would attack that, but it’s still something we have to consider.”

Experts described a number of issues that arise with connectivity during the 2016 SAE World Congress Panel, “Controlling Digital Exhaust: Cyber Risk and Security in the Age of Autonomous and Connected Vehicles.”

Panelists all cited the need for defense in depth, with a number of layers of protection to an attack that bypasses one protective technology will be caught by another security feature. Many of the charts presented showed scores of factors that must be considered and options that can be implemented.

That has made security an integral part of development programs, much akin to functional safety. It’s becoming a part of processes within Toyota and its suppliers.

“In every development project I’m part of at Toyota, the OEM and suppliers work closely together for a common goal,” said Derek Lewis, Manager, Electronic Systems at Toyota Technical Center. “It’s really critical to have a constant discussion back and forth.”

Corporate searches for solutions extend outside the automotive industry. Many are tapping information technology teams and military providers who have dealt with security for years.

“We want to partner with companies in other industries,” Desai said. “We want to gain insight from what they’ve already learned.”

Companies must also address long term factors. Hackers will be looking for vulnerabilities throughout the vehicle’s life cycle, so it will be important to deal with evolving threats. Information sharing may become common.

“We need global standards about how to react to attacks and minimizing vulnerabilities,” Berg said. “The industry has to look at the complete life-cycle domain, from concept through decommissioning. We need to look at life cycle of 15 years. The attack surface is a long-term thing.”

Panelists also noted that it will be helpful to provide a way for relevant companies to share information about attacks. That way, it will be easier for them to stay up to date. When companies learn about new types of attacks, they can create fixes and send them out using over the air updating technology. Updates are seen as an essential tool in the OEMs' security arsenal.

“There has to be a refined tracking system for attacks,” said Richard Popovich, Executive Vice President of FEDITC LLC. “The risk will turn more to OEMs if there are accidents. OEMs have to ensure that updates are installed to minimize their risks.”

Share
HTML for Linking to Page
Page URL
Grade
Rate It
4.43 Avg. Rating

Read More Articles On

2016-07-15
Validation testing of the new 2-step VCR by several OEMs has been successful to date and is expanding, as the industry examines more sophisticated solutions to meet CO2 regulations.
2016-07-15
Known internally as UTSB, the ultra-thin seats were designed in-house by GM and are supplied by Magna Seating.
2016-08-03
JaguarLandRover is pouring significant R&D resources into all-terrain automated and driverless technologies.
2016-09-10
The G-Vectoring Control name is a bit of a misnomer. It is not a torque-vectoring system aimed at dramatically improving race-circuit lap times. Rather, the purpose of the system is to endow the vehicle with refined and natural smoothness in normal day-to-day driving environments.

Related Items

Training / Education
2010-03-15
Standard
1971-01-01
Standard
1990-01-01
Technical Paper / Journal Article
2004-11-16
Standard
1990-01-01
Technical Paper / Journal Article
2004-11-16
Standard
1990-01-01
Technical Paper / Journal Article
2004-03-08