VIEWPOINT: A SELF-DEFENSE STRATEGY FOR VEHICULAR CYBER SECURITY

Providing cyber security protection is the next frontier for the automotive industry, and every major automaker is stepping up efforts to make its vehicles more secure against possible attacks. Developers are rethinking system design. Many companies are employing “white hat” security experts to probe for weak points through which a malicious attacker could penetrate a car’s electronic network.      

These approaches help, but they are not enough and take time to develop, cautions auto cyber security expert Anuja Sonalker, vice president of engineering and operations, at TowerSec. She says the simplest way automakers can defend against a malicious attack, or even a Trojan car threat, is to create “smart” firewalls, adopt systems that can detect attacks should something manage to penetrate the system and secure over-the-air updates (OTA). Together, these will give plenty of opportunity to detect, defend and adapt as the attack shifts.

How big is the threat?

It’s no secret that vehicles today are vulnerable to hacking and compromise. It’s also true that it takes a lot of skill to hack a car today because there are many layers and steps to go through before reaching critical systems. But it is possible to break through, and that alone makes it a problem. Federal agencies are reacting and automakers have launched recalls to fix security issues no matter how unlikely they are.

A federal court ruling that likely future harm is sufficient to sue opens the door to more class-action lawsuits by victims of cyber attacks. According to “7 Tactics for Winning the Cyber War” by the law firm of McDonald Hopkins, board members may “find themselves in the crosshairs of shareholder derivative action alleging breach of fiduciary duty and/or regulatory enforcement actions.”

What is the scope of this problem?

It’s rapidly increasing as cars add more features that rely upon input from sensors used in everything from tire pressure monitors and lane departure warning systems to Bluetooth-enabled infotainment features and insurance company dongles. Today’s well-equipped cars already contain hundreds of sensors, and their electronic systems trust the input from these devices. Tomorrow’s self-driving cars will rely on even more sensors to make decisions.

A Gartner study says that by 2020 there will be 250 million connected vehicles on the road. That is a potential cost of billions of dollars for the automakers and their suppliers should they be hacked.

What’s the best way to enhance a vehicle’s cyber security?

One way is to start from scratch, but this is very costly and not very practical. TowerSec recommends a review of existing architectures so it can suggest improvements. This is incremental and not nearly as expensive, but it needs support at all levels within the company to be successful. The ultimate goal is to integrate testing by the carmakers with the activities of their tier one suppliers. This means designing and building security measures into systems and then testing the outcome. Fortunately, the auto industry is very good about testing and validation.

What’s wrong with testing for “holes” in a vehicle’s electronic network?

You simply cannot plug all the holes open to a hacker. It is like trying to plug all the holes in a fishnet. And the failure to find a hole doesn’t verify the system is secure. It tells you only that the testers who tried were unable to break in. In recently publicized vehicle hacks by “white hat” cyber security experts, it took months of effort—and physical contact with a vehicle—to find a way in. But they did get in.

How does TowerSec approach the threat?

TowerSec believes the answer is a robust intrusion detection system that detects and stops the attack before it completes. Our ECUShield software does just that.

TowerSec’s embedded software uses proprietary algorithms that watch over the vehicle’s networks. They can detect rogue messages on the network, kill them and invalidate future rogue messages. The software “learns” the intended behavior of the vehicle and builds an ability to defend the system if it detects messages that would go beyond those parameters. It can be configured to detect and report anomalies and, if prevention is turned on, automatically take steps to counteract a threat.

ECUShield even protects vehicles against hacking from a remote location. Once integrated into a vehicle’s ECU or telematics control unit, ECUShield provides continuous monitoring and prevents malicious communication from reaching mission critical systems inside the vehicle that could put lives and personal data at risk. In short, it turns any ECU into an Intrusion Detection and Prevention (IDS/IPS) system and any gateway ECU into a smart firewall.

ECUShield is flexible and can quickly be integrated into all vehicles, both new and used, with no redesign. Our TCUShield does the same on fleets.

Are there future cyber issues to consider?

We believe autonomous vehicles, vehicle-to-vehicle and vehicle-to-infrastructure communications will attract many more hackers, because the reward—capturing personal information about drivers, for example—is greater. There’s also a huge potential for damage. For example, a connected car that has been hacked could signal cars behind it there is no traffic jam ahead when in fact there is. This could cause collision problems.

A hacked car could cause other vehicles around it to ignore a traffic light. A compromised vehicle also can become a “Trojan car” by providing hackers with an access point and conduit to other more lucrative networks such as financial networks, where they can mine personal information.

Click HERE to learn more about TowerSec or visit http://tower-sec.com.