The evolution of connected cybersecurity for EVs and SDVs.
The automotive industry has undergone two paradigm shifts in development in just the last few years. The evolution of EV and SDV architecture, and the introduction of the ISO/SAE 21434 standard and the UN R155 regulation, address the changing cybersecurity threat landscape.
Other pivotal transformations are the change in the supply-chain hierarchy, from a flat supported pyramid hierarchy to a dynamic and streamlined one, and the major shift in development structure from the traditional V-shaped development process to the current continuous-development, infinity-shaped cyclic structure.
In this document, we’d like to explore the evolving challenges for the automotive cybersecurity industry, and review the values and benefits that are created by emerging cybersecurity platforms.
Automotive cybersecurity and embedded development.
The introduction of the ISO/SAE 21434 standard has exposed three major weaknesses that the automotive industry needs to address urgently:
- The overwhelming absence of professional cybersecurity personnel
- The structure: From development to production release
- Continual monitoring requirements enforced throughout the entire lifecycle
Since the ISO standard was implemented and meeting it became an obligation, we have been witnessing a real absence of cybersecurity professionals to lead the ISO compliance process. OEMs and Tier-1 suppliers are struggling to fully understand the requirements of the standard and to grasp the new back-and-forth relationship between R&D teams and the coordination of cybersecurity operations.
ISO project-based activities are now performed at different points along the development process and could be construed as a danger to timetables and a potential source of SOP (start of production) delays. The challenge is how to address the ISO requirements in parallel with development without creating conflicts. Traditionally, TARA (threat analysis and risk assessment) is carried out first and pen-testing last, but cybersecurity is often low on the list of in-house priorities, creating a bottleneck effect and last-minute compromises.
A major growing challenge resulting from the ISO standard is the requirement for continual monitoring of cybersecurity, from development through to ELV (end-of-life vehicle). This requirement is extremely pertinent to Software-Defined Vehicles because exploits and breaches keep emerging, some of which could take many years to surface. Today’s R&D is accustomed to a ‘creating and forgetting’ methodology of development and release without regard to future cybersecurity threats. SDV ecosystems, as regarded by the ISO standard, are a continuous cycle of monitoring, with the expectation of discovering and mitigating new exploits and vulnerabilities even 5-10 years after SOP. As automotive R&D departments are structured today, they are poorly prepared for these types of scenarios and for the challenge of maintaining and understanding the various software applications that will be updated constantly by OTA hotfixes during the next 5-10 years. This is one of the causes of the industry-wide shift from a V-shaped cascaded development process to the infinity-shaped model of continuous cybersecurity required by the ISO standard. This forces R&D to perform design, TARA, pen-testing, validation, and verification side-by-side with development, accelerating DevOps in perpetuity.
The challenges of continuous connectivity.
One of the advantages of the Software-Defined Era is the constant connectivity to vehicle systems, constant monitoring, and constant cloud-based updates and upgrades. The downside is the non-stop exposure to potential cybersecurity breaches that could be exploited in two major respects: safety and financial.
In just the past few years we have been exposed to many malicious cybersecurity attacks and exploits on vehicles, from gaining unauthorized access to sensitive information, to theft, to compromising the safety of passengers by controlling the vehicle’s functions remotely.
Some of the most common types of vehicle cybersecurity exploits are:
- Remote access attacks involve gaining unauthorized access to the vehicle’s ECUs and electronic systems through the internet, satellite, or other remote connections
- Wireless attacks involve intercepting or manipulating wireless signals used by the vehicle’s electronic systems, such as Bluetooth, Wi-Fi, NFC, UWB, or cellular signals
- Physical access attacks involve hackers gaining physical access to the vehicle and manipulating its systems to gain control
The main ECUs that are in danger of exploits are: the communication gateway, the on-board charger, the battery management system, the infotainment system, the E-motor inverter, any of the mobile apps, and, most dangerous to passenger safety, the ADAS (Advanced Driver Assistance System) and sensors.
The ADAS is increasingly becoming one of the focus areas for automotive original equipment manufacturers (OEMs) seeking to enhance user safety. These systems are highly vulnerable to cyber-attacks, including unauthorized access and modification. The demand for cybersecurity solutions to address the growing threats around ADAS and safety systems is likely to grow significantly over the coming years. The ADAS vulnerabilities focus on two scenarios above others: replacement of firmware, and validation of sensor input. As a solution, cybersecurity elements are incorporated into the sensor-fusion algorithms, and a thorough examination of the communication channels and subsystems is carried out.
The financial impact facet: remote communication opens the door for malicious cyber-attacks that are already wreaking havoc financially through several attack paths. Keyless theft is a major concern both for car owners and for insurance companies that have already altered their insurance modules.
Another potential financial exploit is breaching the in-car payment system. One of the more anticipated features of connected vehicles is the ability to upgrade and upsell advanced services and features to car owners. These mobile app features could be unlocked remotely, and the in-car payment system hijacked and exploited.
Karamba Security’s End-to-End Product Security and Services address all the challenges of the EV and SDV era, and provide OEMs and Tier-1 suppliers solutions that comply with the ISO/SAE 21434 standard and the UN R155 regulation, integrate into existing CI/CD systems from the development phase throughout the entire lifecycle, and do not affect SOP release dates.