Access Successfully Denied

Security and privacy: IAV advises its customers on designing and implementing protective measures

How do you prevent access to the technical systems in the vehicle and to the user’s personal information? This is a subject IAV is focusing much attention on – because in the light of increasing car connectivity, security and privacy will become key selling points in future. Many tried and proven concepts from the world of IT can be applied to the vehicle. Initial prototype implementations show how sensitive data can be protected.

Vehicles have always held a magical attraction for criminals. “You only have to think of car thieves who are making it necessary for manufacturers to develop ever more secure access, driver authorization and anti-theft systems”, says Kai Feuerstake, Senior Vice President for Software Development and Security at IAV. “The many different interfaces and vehicle connectivity are adding a new dimension in vulnerability. For instance, remote keyless entry, telephone connection, Wi-Fi or Bluetooth not only provide ways of getting useful data into the car but also malware.”

Alongside the mechanical security precautions, digital protective measures are more important than ever today. They need to cover five main protection goals – the integrity, authenticity, availability, confidentiality and trustworthiness of data. This applies to data communication within the vehicle as well as from the vehicle to the outside. In particular, data protection focuses on personal data.

Encryption and digital signature

In developing protection mechanisms, the engineers must bear in mind not only the vehicle’s internal but also its external communication. Internally, the focus is on communication between the control units. End-to-end encryption of data packets could reliably hide their content and prevent unauthorized access. Although many OEMs are already considering relevant approaches, this demands high computing capacity and puts heavy strain on the network.

Signing the messages on the vehicle buses is less complicated. Here, the data are transferred in plaintext, which means they can be read by others. “Signing messages makes any unnoticed manipulation of data far more difficult – and that is ultimately what matters”, explains Friedhelm Laubenstein, Senior Vice President for Electronics & Diagnostics at IAV. “For this purpose they are provided with an identification which helps to detect any change.” Current vehicle architectures do not yet allow for this. However, initial platforms are already being developed for volume production.
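The mechanism described above, as an added example that is not IAV's code: the signal data stay in plaintext on the bus and only a short authentication tag is appended, so a receiver can detect any change. It uses a truncated HMAC plus a freshness counter in the style of AUTOSAR's SecOC, which also lets the receiver reject replayed frames; the key, CAN ID and 4/1/3-byte frame layout are constructed assumptions.

```python
import hashlib
import hmac
import struct

# Constructed demo key and frame layout (assumptions, not IAV's design):
# 8-byte CAN payload = 4 bytes signal data | 1 byte low counter | 3 bytes truncated MAC.
DEMO_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
CTR_LEN, TAG_LEN = 1, 3


def compute_tag(key, can_id, counter, data):
    """HMAC-SHA256 over CAN ID, full freshness counter and plaintext data, truncated."""
    return hmac.new(key, struct.pack(">HI", can_id, counter) + data, hashlib.sha256).digest()[:TAG_LEN]


def sign_frame(key, can_id, counter, data):
    """Sender: data stays readable on the bus; only the low counter byte and the tag are appended."""
    return data + bytes([counter & 0xFF]) + compute_tag(key, can_id, counter, data)


class Verifier:
    """Receiver: keeps the last accepted counter so replays are rejected as well as edits."""

    def __init__(self, key, can_id):
        self.key, self.can_id, self.last_counter = key, can_id, -1

    def verify(self, frame):
        """Return the plaintext data if the frame is authentic and fresh, else None."""
        data, low, tag = frame[:-(CTR_LEN + TAG_LEN)], frame[-(CTR_LEN + TAG_LEN)], frame[-TAG_LEN:]
        # Rebuild the full counter from its low byte; it must be strictly newer than the last one
        # (a gap of more than 255 lost frames would desynchronise this simple scheme).
        counter = (max(self.last_counter, 0) & ~0xFF) | low
        if counter <= self.last_counter:
            counter += 0x100
        if not hmac.compare_digest(compute_tag(self.key, self.can_id, counter, data), tag):
            return None
        self.last_counter = counter
        return data


def demo():
    """Constructed bus exchange: a genuine frame, a manipulated copy, a replay, and the next frame."""
    can_id, data = 0x1A0, struct.pack(">I", 57)  # constructed speed signal, 57 km/h, in plaintext
    frame = sign_frame(DEMO_KEY, can_id, 7, data)
    rx = Verifier(DEMO_KEY, can_id)
    results = {"genuine": rx.verify(frame)}
    results["manipulated"] = rx.verify(struct.pack(">I", 250) + frame[4:])  # edited data, stale tag
    results["replayed"] = rx.verify(frame)  # valid tag, but counter 7 was already consumed
    results["next"] = rx.verify(sign_frame(DEMO_KEY, can_id, 8, data))
    return results
```

Anyone on the bus can still read the speed value; what they cannot do without the key is alter it or replay it unnoticed.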

Very similar protection mechanisms are also intended to secure vehicles’ external communication and deny hackers access to the technology. Together with its partner, Hewlett Packard Enterprise (HPE), IAV showed how this can work in practice at CES 2017. The cloud car – a modified SEAT Leon Cupra – was linked with HPE’s IoT platform, making cloud services part of several vehicle functions. A secure communication gateway developed by IAV had the task of identifying and warding off attacks. And it put on an impressive performance: all simulated attacks via wireless media, such as Wi-Fi, LTE and Bluetooth, were successfully averted.

“Unfortunately, though, there’s no universal remedy for this. The specific measures applied largely depend on the particular platform topology, such as on the given modular system and its architecture”, Feuerstake notes. “We see ourselves as a discussion partner for clients.” The “Security by Design” philosophy is of paramount importance: security must be considered from the very start – measures added later are harder to implement and, in most cases, only a compromise.

Anonymizing personal data

Besides security, privacy, i.e. protecting personal data, is taking on ever greater significance. The amount of such data is growing all the time. Today, for example, vehicles collect journey geo data and information on the vehicle owner’s driving style.

In future, these may be joined by biometric data, such as from fitness tracker wristbands. “Here, it’s important to discard or anonymize the identifying data as soon as possible so that they can’t be matched up to a specific person anymore”, Laubenstein says.

Many of the technologies needed for security and privacy are already available and have been used in the IT world for many years. “We don’t want to re-invent the wheel but get the tried and proven protection mechanisms into the vehicle. This is why we are involved in standardization bodies like AUTOSAR that work on security in the vehicle”, Feuerstake says. “Even today, a large part of our team is focusing attention on security and privacy. We are looking forward to joining our customers in driving developments forward in future.”

Security, Privacy, Safety: What’s what?

Security refers to protecting technical information. It aims to prevent the possibility of unauthorized data manipulation or the unintentional disclosure of data.

Privacy relates to the protection of personal data. It aims to prevent data from being used without the consent of the person concerned.

Safety refers to the vehicle’s operational safety. It aims to ensure that safety-critical functions work reliably in every situation.