Putting a Stop to Hackers with the UNECE
With increasing interconnectivity, vehicles also offer criminals more scope for attack. Security is therefore becoming an even higher priority for manufacturers and their suppliers. In addition, UN regulations impose new requirements – a challenge that IAV is tackling.
No motorist wants to experience something like this: From the sofa, two hackers from the “Wired” magazine demonstrate a remote attack on a Jeep Cherokee in 2015. From a distance, the two will take control of the vehicle, switch off the engine, deactivate the brakes and intervene in the steering. How could this happen? The vehicle’s control unit architecture was insufficiently protected by Wi-Fi and mobile communications, and the other entrance gate to the attack was inadequately secured software updates. A series of security problems enabled the two hackers to take control of the vehicle via radio.
Today, many vehicle manufacturers and their suppliers must struggle with security problems: The number of known cybersecurity attacks has increased sevenfold between 2010 and 2019, according to the Upstream Security Global Cybersecurity Report 2020. This is because with increasing interconnectivity, the targets and possibilities for attacks on vehicles are multiplying – whether via charging stations, vehicle keys, Wi-Fi, Bluetooth or mobile communications, to name just a few examples. And in the future, too, the problem is likely to grow rather than shrink: Already today, more and more functions are being combined on domain computers. In the future, these will be at least partially outsourced to the cloud – and thus create new targets for attacks.
Combine security and safety
How can this be prevented? An important step is to combine security and safety, i.e. cybersecurity and vehicle safety. An attacker only needs to find one way to attack a vehicle, while the developers need to know and protect all of them. This means that the safety systems in the car can be infiltrated in a targeted manner by a remote attack, as in the example above. Safety and security are thus closely related – even if in the past they were usually considered separately.
The United Nations has also intervened to further improve the cybersecurity of vehicles: The Working Party on Automated/Autonomous and Connected Vehicles
(GRVA) within the UN/ECE Economic Commission is working on a new regulation on cybersecurity and software updates. Comprehensive changes are planned, which, although not yet fully in force, will already have an impact on the work of manufacturers and suppliers, as they will be relevant for type approval from 2022 and for all new registrations from 2024.
A central point of the new regulations is that manufacturers, subcontractors, suppliers and potential third parties will in the future be jointly responsible for improving the security of systems in vehicles. In doing so, all must prove that they meet the official requirements in terms of the principles of security. In the future, vehicle architectures must be designed in such a way that by overcoming one component it is not possible to access the next. In addition, it will be the task of companies in the future to digitally monitor cybersecurity throughout the entire life cycle of a vehicle and to react to incidents accordingly.
A mammoth task for vehicle development
This is a mammoth task for all those involved – including IAV. For example, all ECUs with security relevance must be checked and functions such as a dedicated security module for communication (e.g. Autosar SecOC – Secure Onboard Communication) must be added. The new standards also fundamentally change the customer process: This means that a risk analysis will be central to every system and every function in the future.
IAV is already working flat out to master this complexity and implement the new standards. For instance, the company is currently redefining processes and roles – also together with customers. We are also expanding the methodological expertise of our employees through security training. Furthermore we are already conducting risk analyses on behalf of our customers. Although there is still some work ahead of us in implementing the directive – the goal is clear: We do not want to give hackers a chance.
IAV offers special expertise and experience in …
- the establishment of a cybersecurity management system
- the analysis of threats and risks
- the creation of cybersecurity concepts on process, product and information level
- the design of vehicle architecture with domain separation
- the observation of hacker progress, CVEs and CWEs (especially for FOSS software)
- penetration tests
UN-ECE WP.29: New rules for cybersecurity (CS)
Cybersecurity requires the vehicle to have:
- Architecture with domain separation
- Security protection for critical vehicle systems such as systems with an influence on:
- external interfaces
- safety (including longitudinal and lateral acceleration)
- availability (including theft protection)
- type approvals
- personenbezogene Daten
- Manipulationserkennung (Intrusion Detection)
Cybersecurity erfordert von den Unternehmen u. a.:
- Eestablish a Cybersecurity Management System (CSMS)
- introduce processes and responsible persons (roles)
- manage security for suppliers and service providers
- identify, assess and respond to risks
- monitor attacks, threats and vulnerabilities (e.g. hacking successes, quantum computers)
- continuously evaluate the effectiveness of previous measures
- always be ready to respond to (detected and threatened) attacks
- quickly deploy security patches even after EOP
The article was published in automotion 02/2020, the automotive engineering magazine of IAV. Here you can order the automotion free of charge.