For security experts, connectivity is the gift that keeps on giving. The number of threats will increase rapidly as more vehicles are connected, and vulnerabilities on older vehicles will be in constant need of updating.
Tier 1s and OEMs have many reasons to worry about hackers, and the use of vehicles in terror attacks makes them a concern for security agencies at many levels. While successful real world attacks are still quite rare, many observers fear that things could change quickly.
“I don’t think we’ll have a gradual change,” said Dan Massey, Cybersecurity Program Manager at the U.S. Dept. Of Homeland Security. “I’d love to see a slow progression starting with one or two one-off attacks. I fear we won’t have the opportunity – that it will go from seeing nothing but a few cyber-attack demonstrations to tens or hundreds of thousands of vehicles to be concerned about.”
Massey and other panelists at the SAE WCX 2017’s “Vehicle Cybersecurity and the IoT” session cited a number of instances where connectivity has the potential for considerable problems. Kevin Harnett of the Dept. of Transportation’s Volpe Center noted that new vehicles acquired by the FBI, U.S. Border Patrol and other agencies have factory-installed connectivity, raising the dangerous possibility that their movements and locations can be tracked.
Graham Watson of Stinger Ghaffarian Technologies expressed concern that equipment from various levels of the supply chain could be compromised, creating vulnerabilities in vehicles if malware is not detected. Large fleet vehicles may be particularly vulnerable to attacks, partially because of their long lifetimes.
“Trucks are often 20 years old; the architectures you see on the road now are quite outdated,” said Andre Weimerskirch of Lear Corp. “They do not have separation between networks, and they use standardized CAN messages. Once there’s a successful hack into the telematic system, hackers have access to the vehicle network, they can speed up the truck or control the brakes.”
There’s a lot of work aimed at preventing attacks. In 2015, the industry formed the Automotive Information Sharing and Analysis Center (Auto ISAC) to focus on cybersecurity. Executive Director Faye Francy described an extensive Best Practices project that was created to provide guidelines for suppliers. Panelists also noted that SAE, IEEE and NHTSA are also working diligently to help the industry ramp up its security efforts. Efforts span the entire supply chain.
“The semiconductor industry has risen to the challenge,” said Brian Murray of ZF-TRW. “They put hardware security modules on chips.”
Testing systems for security is an area that still requires more work. Panelists agreed that penetration tests should be performed, often by outsiders rather than staffers who helped create the system under test. While some suggested standardizing penetration testing to ensure that companies address a wide number of potential vulnerabilities, that was not a consensus opinion.
Penetration testing has to be a very creative process,” said Russ Bielawski of the University of Michigan. He also noted that over the air updating will be an important factor. As new threats emerge, vehicles already on the highway will need to be updated. However, these updates must be extremely secure, since they alter the firmware that controls the vehicle. That will make updates an attractive target for hackers, panelists agreed. Attacks that are deep within the vehicle may be particularly difficult to address.
“If a Tier 4 inserts compromised code in a module and the OEM authorizes it, how will companies deal with compromised code that’s been certified?” Lear's Weimerskirch mused. “Most companies aren’t able to do anything about that.”