This is how IAV vaccinates vehicles against cyber viruses

Cybersecurity is the subject of tomorrow’s mobility: Autonomous driving and the networking of vehicles are increasingly targeted by hackers and must be reliably protected from attacks. Together with easycore GmbH and the University of Applied Sciences Hamburg (HAW), IAV has developed a concept that secures networked vehicles.

This research protects human lives: “Every new online interface that is integrated into the vehicle is a door for hackers who want to attack data and programs,” explains Professor Falk Langer, Team Manager Connected Systems Technology at IAV and Foundation Director for Connectivity and Services Automotive Software at the University Mittweida. The defense against cyber attacks on vehicles is not only about possible economic damage that can arise from extortion, recalls or image loss. IT-Security is a key requirement for successful innovations in the area of intelligent mobility.

That is why the project partners launched the “SecVI: Security for vehicle information” research project in 2018, with which vehicles can detect attacks early and prevent them from being robust – without having to change all existing vehicle components. This makes driving with networked cars safer. “Vehicles are now rolling computers, all of which are connected to each other,” so Langer. “They are constantly online, communicating with each other and with the backend.”

As in martial arts: Recognize and block attack

The partners of the research project – IAV, easycore GmbH and the University of Applied Sciences Hamburg (HAW) – have developed intelligent methods for the control, monitoring and reconfiguration of networks in vehicles in order to protect our increasingly interconnected vehicles. The IAV-initiated Automotive Cyber Defense Center (ACDC) coordinates these procedures and monitors the flow of messages between the car and infrastructure, as well as between control units, software components and services (for example, navigation devices) on three levels. The first two levels always transmit abnormalities to the IAV ACDC.

Easycore provides a firewall for the Controller Area Network (CAN) for the first level, which protects the vehicle and its control units and blocks faulty communication at an early stage. For the second step, the HAW has developed software that can protect the vehicle network thanks to intelligent building blocks. These building blocks enable communication flows only if they comply with the previously defined network access control rules. A self-learning anomaly detection completes the protection on a third level: Thus, attacks can be identified and prevented. The concepts of the SecVI project were evaluated in a demonstration vehicle.

How does the Automotive Cyber Defense Center work?

Autonomous driving is only possible if driver assistance systems use a variety of information from different sources. The data from the immediate environment of the vehicle must be processed with information from the Internet (weather, traffic, etc.) in the operating control of the car.

«OEMs are becoming the vehicle operator from the manufacturer, because the cars are almost a server that is always online and must be permanently protected.»

Falk Langer — Team Manager Connected Systems Technology at IAV and Endowed Professor for Connectivity and Services Automotive Software at the University of Applied Sciences Mittweida

This requires different security levels: In the control unit, in the vehicle and beyond.

IAV integrates the findings developed in the SecVI project into current developments on cyber security monitoring and incident response, i.e. reactions to threat situations. The resulting products and services can be used by OEMs, smaller vehicle specialist equipment or also in agriculture. The ACDC is to be offered as a service: The data from the vehicle or the vehicle fleet are first recorded and analyzed. When a threat is detected, the response is made to ensure the safety of the individual vehicle as well as the safety of entire fleets.

Security specialist Langer describes possible scenarios: If a car is attacked, the virus can spread to other vehicles through networking. Because the vehicle is networked to the ACDC, safety algorithms detect the anomaly. But drivers don’t have to rely on technology alone. “Our staff will then take the necessary countermeasure and put the car into which the virus has penetrated into a quasi-quarantine. This prevents transmission to other vehicles,” Langer describes the functioning of the ACDC. In short: Algorithms take over basic monitoring, recognize the threat situation and human personnel take action in the event of an emergency. The security engineers must then carry out a forensic analysis based on the development of an update that can be corrected.

However, because the development of safety updates can take between a few days and many months depending on the problem, the vehicles must be protected differently in the meantime. “Certain services, such as the traffic information of the navigation systems, or even control unit functions, can be temporarily disabled. Individual online functionalities are then not available until the update is available,” explains Langer. “The services that are absolutely necessary for the basic functionality of the vehicle are transferred to other computers by means of reconfiguration and continue to function.” With limited functionality, the safe operation of the vehicle is thus ensured. With the ACDC, IAV is thus paving the way for a secure and autonomous mobility of the future.