Published on August 23rd, 2016 | by Daniel Sherman Fernandez0
Harman Responds to New Security Challenges Posed by Rise of Car Connectivity
Automotive electronics giant HARMAN is pioneering the new field of automotive cyber security, as the prospect of cyber-attacks on vehicles becomes an increasingly serious one. More and more users are embracing the ‘connected car’ and, in theory at least, any form of wireless link – even via a separate mobile phone or tablet – could provide the conduit that hackers need to launch an attack.
There seems to be a unique brand of fear associated with the idea of car hacking. One minute you’re driving down the road merrily listening to the radio and the next someone remotely hijacks your car. Brakes jammed on in the middle of the motorway; headlights disabled in the dead of night; stereo suddenly playing Justin Bieber. None of it bears thinking about.
Of course, the reality is rather different. To date, there hasn’t been a single instance of malicious car hacking – the examples that have made the headlines all involved engineers or researchers experimenting under controlled conditions. In most cases it also required a cable to be physically plugged into the car.
HARMAN has devised a specially-developed 5+1 security framework which consists of a series of layers that protects the car’s head unit from being compromised and used as a portal into the in-vehicle network (something which could jeopardise safety critical systems). It can be thought of like the layers of an onion:
- At the deepest level, a secure hardware platform provides a safe place to store cryptographic keys and execute highly-sensitive operations in a secured manner.
- Safety-critical functions are isolated from the infotainment system using what’s known as a hypervisor. This concept – originally developed for supercomputers – allows two completely separate operating systems to run off the same hardware. It makes it extremely difficult for an infection on one side of the system to spread to the other.
- The next level controls access to the memory, storage and peripherals. It essentially determines who has access to what. If, for instance, your CD player suddenly wants to control the brakes it’s a good indication that something is wrong.
- Next comes the sandbox function. This keeps newly downloaded applications separate from the core system so they can be disabled and removed if they’re found to be harmful.
- The fifth level is the network protection system. This controls the flow of information into and out of the car, looking for any signs of intrusion. Working on two levels, ECUSHIELD turns the vehicle’s ECU into an Intrusion Detection and Prevention (IDS/IPS) system and smart firewall to protect critical communications within the car. It continuously monitors the vehicle to provide real-time detection of malicious communications and prevents them from reaching the vehicle’s critical systems. Meanwhile, TCUSHIELD protects infotainment and telematics systems.
- The final ‘plus one’ level is the ability to install over-the-air (OTA) updates to various systems within the car such as the navigation, engine management and infotainment systems. By keeping the software up to date, it helps to ensure that the car is protected at all times.