Page 25 - EE Times Europe Magazine – June 2024
P. 25
EE|Times EUROPE 25
OPINION | AUTONOMOUS VEHICLES | SECURITY
Are We Prepared for Imagine a scenario in which a hostile state
Cyberthreats in the New or a rogue hacker group gains access to the
control systems of connected vehicles. The
consequences could be catastrophic: wide-
Era of Transportation? spread accidents, traffic gridlock and even
deliberate targeting of individuals or critical
infrastructure.
By Hassan Triqui, Secure-IC THE CHALLENGES OF CONNECTED-
VEHICLE CYBERSECURITY
Ensuring vehicle cybersecurity is a multifac-
The automotive user experience has evolved dramatically, and eted challenge that encompasses aspects of
the trend is accelerating, driven by advances in vehicle connectiv- software development, cryptography, oper-
ity and autonomy. Connectivity makes it possible for the car to be ating systems and life-cycle management.
safer and more aware, thanks to vehicle-to-everything technologies. One significant hurdle lies in implementing
Autonomy enables the car to behave more intelligently, thanks to safe and secure coding practices tailored
advanced driver-assistance systems (ADAS). for automotive environments. Adherence to
The downside of these technology enhancements is the increased stringent standards helps to ensure that the
exposure to attacks. Connectivity can be leveraged as an attack software running in connected vehicles is
vector, and autonomy can drastically augment an attack’s impact. robust and resilient against potential attacks
In practice, the scary scenario is that of a remote attacker infecting a car through its wireless and exploits.
interface and taking control of the vehicle by abusing its ADAS capabilities. Integrating artificial intelligence into
Trust in hardware and software is key in the realm of connected vehicles. Security-by-design automotive systems complicates cybersecu-
principles must be ingrained into the very foundation of electronic control units (ECUs). Safety rity efforts. AI-driven functionalities, such
and security considerations are pivotal, with tailored security levels adapted to each ECU. This as autonomous driving and ADAS capa-
approach ensures that every component of the vehicle’s hardware contributes to its overall secu- bilities, introduce new attack vectors and
rity posture, laying a solid foundation for trustworthy automotive systems. complexities in securing connected vehicles.
Essential protections, including secure boot
mechanisms, communication protocols,
fault and intrusion-detection mechanisms
and memory protection, are paramount
to safeguarding AI-driven functions from
exploitation by malicious actors.
The adoption of post-quantum cryptogra-
phy will likewise be crucial for safeguarding
communications and data exchange within
vehicles in the near future. With the advent
of quantum computing, some of the tradi-
tional cryptographic algorithms will become
vulnerable to brute-force attacks, necessi-
tating the deployment of quantum-resistant
cryptographic algorithms to maintain
vehicle security.
Secure operating systems are required
that enable secure applications to run in an
isolated manner within software-defined
vehicles. By compartmentalizing critical
functions and services, these operating
systems mitigate the risk of unauthorized
access and tampering. Managing the security
life cycle of connected vehicles is also fun-
damental to ensure that security measures
are maintained from IC manufacturing to
decommissioning.
The commitment to cybersecurity doesn’t
end with the development and deployment
IMAGE: SECURE-IC of vehicles; it extends throughout their life
cycle. ISO/SAE 21434 and the European Cyber
Resilience Act underscore the importance of
life-cycle cybersecurity management. Such
approaches to cybersecurity ensure that
www.eetimes.eu | JUNE 2024
