Too often, industries only turn their attention to cybersecurity after a high-profile data breach. Although the automotive industry hasn’t experienced this yet, key players are moving to prioritize cybersecurity now to protect driver safety. Issak Davidovich, Vice President of Research & Development, C2A Security, provides insight on why cybersecurity should be a top priority for OEMs.
Connected vehicles can host up to 150 electronic control units and run on 100 million lines of code; tomorrow’s vehicles may contain up to 300 million lines of software code. Operational systems such as navigation and entertainment, as well as safety-related informational features like hazard warnings, multiply the attack surfaces, and with them the vulnerabilities, that a hacker could exploit.
As cars become more computerized, connected, and complex, the cyber vulnerability of each individual vehicle grows as well. These vulnerabilities pose real functional safety risks. More vulnerabilities mean a hacker has a better chance of controlling a safety-critical function in the vehicle, like the automatic emergency braking system or rearview video systems.
The automotive industry is learning from its technology peers about prioritizing cybersecurity and recognizing its critical importance to functional safety. By first understanding why this should be a top priority for OEMs, the industry can then delve into the more technical aspects of how cybersecurity should be tackled as a safety issue: by clearly defining security and safety goals, aligning internal strategy, and observing the importance of keeping it simple.
Why Should This Be a Top Priority for OEMs? Here’s an Example
Modern vehicles contain a number of critical fail-safe features that act as an additional layer of safety for passengers and drivers. Previously, these components were exclusively hardware and therefore unhackable. Now, they are connected to millions of computing devices, leaving them vulnerable to hacking from the outside. If a hacker is able to break into an automated braking system, they could bring about a crash that could result in injury to or death of the driver and passengers.
The industry is waking up to critical concerns like these and is beginning efforts to stop attackers in their tracks; an incident like the above example could cost lives, along with millions of dollars’ worth of consumer and regulatory backlash against the automotive industry. As a result, the automotive cybersecurity industry is seeing major investments in solutions to prevent malicious actors from tampering with connected vehicles.
One report estimates that automotive cybersecurity solutions will reach $837 million in investment by 2024, while organizations like Auto-ISAC open channels of communication across fragmented supply chains and foster conversation around a holistic, industry-wide approach to cybersecurity.
Holistic Approaches to Cybersecurity & Safety in Practice
The approach to functional safety has been mapped out in the industry for decades. It’s common practice to ensure vehicles will operate safely, that systems are designed with failsafe measures, and that drivers and passengers are protected as best as possible in the event of a crash or other safety-critical event.
While cybersecurity practices are not as well established, this doesn’t make them any less safety-critical. The advent of connected vehicles means cybersecurity processes are now being prioritized and should be given the same treatment from automakers as functional safety.
The importance of regarding cybersecurity as a safety issue is clear, and millions of dollars in investments demonstrate that the industry is beginning to take these threats seriously. The question remains: what does this new paradigm look like in practice?
Contextualizing Cybersecurity & Safety Goals
Using perimeter devices and their protection as a contextualized example, this section will look at how safety and cybersecurity goals, and the cyber engineering and functional safety teams that execute them, should work in parallel to ensure the safety of connected vehicles.
In this example, the security requirement “Services provided to wireless networks shall be secured” relates to the three core security goals:
- Ensuring that all services provided via wireless networks are secured;
- Keeping perimeter device security issues from leaking into main communications networks or backend servers; and
- Safeguarding core security information in its place.
These align with the safety requirement “Safety relevant systems shall provide methods to detect faults during operation,” which relates to the safety goal “Faults in the operation of the system shall be detected.”
Approaching these goals as one set of newly established priorities represents an essential shift in thinking, one that defines the new dovetailed approach to cybersecurity and safety.
Previously, safety goals have assumed that vehicle systems are not actively being manipulated to cause harm. Updated safety goals will ensure that safety systems are free from weaknesses that can be exploited, that all systems will be fault intolerant, that faults can be detected and remedied, and that malicious network activity won’t compromise the overall security and safety of the vehicle.
Aligning these goals and requirements internally, as a team, is critical to the successful mitigation of security and safety risks. Protection of these safety-critical functions and connected vehicle assets will require input from cybersecurity and functional safety managers, as well as safety engineers and architects. A blended perspective will align safety and security goals, creating a new set of aligned requirements.
The Best Approach is Built Together
In conclusion, although increasingly complicated and complex connected architectures mean vehicles in the future are more vulnerable to attack, the industry is taking the steps it needs to align its safety and security approaches. By breaking down goals and requirements in both categories, automotive companies can adequately address the industry’s need to prioritize cybersecurity to make cars and trucks safer.
Issak Davidovich has more than 16 years of experience in leading embedded security teams. As Vice President of Research and Development at C2A Security, he leverages his extensive background in embedded devices and the complexities of automotive cybersecurity solutions on both client and cloud applications. Davidovich holds a BSc in Electrical Engineering from the Jerusalem College of Technology and MSc from the Hebrew University in Applied Physics.