The automotive industry is rapidly evolving, with an increasing focus on integrating advanced technologies for enhanced connectivity and functionality. However, with this progress comes the pressing need to ensure the cybersecurity of these systems. In this blog, we will explore the concept of hardware-based cybersecurity, particularly through the lens of embedded analytics in connected vehicles.
Understanding Embedded Analytics
Embedded analytics refers to a set of intellectual property (IP) blocks designed for Intrusion Prevention Systems (IPS) based on hardware functional monitoring. These systems are not limited to security and safety; they extend across various markets, including artificial intelligence (AI), data centers, automotive applications, 5G networks, and storage solutions. What these markets have in common is complex designs that require hardware and software optimization, along with a need for robust debug functionality.
For automotive applications, the focus is primarily on security. As cars become more connected, the potential for cybersecurity threats increases significantly. Standards and regulations such as ISO 21434, which addresses cybersecurity in the automotive industry, ISO 26262 for functional safety, and UN ECE guidelines for software updates, are crucial in establishing a framework for secure vehicle design.
The Threat Landscape in the Automotive Industry
When it comes to automotive cybersecurity, understanding the different types of threats is vital. There are three main categories:
Control Systems Attacks: These attacks require proximity to the vehicle and typically affect individual vehicles rather than fleets.
Sensor Attacks: These can significantly impact vehicle functionality by targeting various sensors within the vehicle.
V2X Communication Attacks: The most severe type of attack, capable of affecting entire fleets of vehicles remotely. A 2022 survey revealed that 49% of all attacks on automotive vehicles fall into this category.
Given the interconnected nature of modern vehicles, V2X communication attacks pose a substantial risk. They can compromise not just individual vehicles but entire fleets, making them a top priority for cybersecurity measures.
How Embedded Analytics Works
Embedded analytics systems combine passive and reactive components. Passive components, like the bus monitor and status monitor, observe the AXI bus traffic to filter and capture data. This captured data is then processed by an analytics engine equipped with algorithms that can identify potential attacks.
Reactive components, such as Sentry IPS, take immediate action by monitoring and blocking malicious attacks. For instance, if malicious firmware is detected attempting to access the infotainment system, the system can be configured to block such frames from entering the CAN bus. This non-intrusive approach ensures that the vehicle’s core functionalities remain unaffected while maintaining a high level of security.
Real-World Attack Examples
To illustrate the effectiveness of embedded analytics, let’s examine two potential attack scenarios:
1. Mobile Network Attack
In this scenario, a man-in-the-middle attack attempts to exploit the infotainment system using malicious firmware. The bus monitor is configured to detect any out-of-bounds data. Upon identifying such data, the analytics engine flags it as an attack and prevents it from entering the CAN bus. This proactive approach not only stops the attack but also raises awareness about emerging threats.
2. Insecure Telematics
In this case, a compromised telematics unit tries to send harmful instructions to the vehicle, such as opening the car door while in motion. The analytics engine leverages vehicle speed data to determine that such an action would be harmful and blocks it from execution. This capability to assess the context of actions enhances the overall security of the vehicle.
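The two scenarios above can be modelled in software as a per-frame policy: a bounds check on each payload, plus a context check that uses the last trusted speed value. This is an added sketch, not code from the Secure Cab project or the embedded analytics IP; the CAN identifiers, signal layouts, speed ceiling and the allow-list default are all assumptions made for illustration.

```python
from enum import Enum

# Constructed CAN IDs and signal layouts (assumptions, not from a real vehicle).
ID_SPEED = 0x0F0         # bytes 0-1: speed in 0.01 km/h, big-endian
ID_DOOR_CMD = 0x2A0      # byte 0: 0x01 = open, 0x00 = close
ID_INFOTAINMENT = 0x3C0  # byte 0: volume, valid range 0..100
SPEED_MAX_RAW = 30000    # 300.00 km/h plausibility ceiling

class Verdict(Enum):
    PASS = "pass"
    OUT_OF_BOUNDS = "blocked: out-of-bounds data"
    UNSAFE_CONTEXT = "blocked: unsafe in current vehicle state"
    UNKNOWN_ID = "blocked: identifier not on allow-list"

class FrameMonitor:
    def __init__(self):
        self.speed_raw = None  # last plausible speed; None = not yet known
    def inspect(self, can_id: int, data: bytes) -> Verdict:
        if can_id == ID_SPEED:
            if len(data) != 2 or int.from_bytes(data, "big") > SPEED_MAX_RAW:
                return Verdict.OUT_OF_BOUNDS  # implausible value never becomes context
            self.speed_raw = int.from_bytes(data, "big")
            return Verdict.PASS
        if can_id == ID_DOOR_CMD:
            if len(data) != 1 or data[0] > 1:
                return Verdict.OUT_OF_BOUNDS
            # Fail closed: opening requires a known speed of exactly zero.
            if data[0] == 1 and self.speed_raw != 0:
                return Verdict.UNSAFE_CONTEXT
            return Verdict.PASS
        if can_id == ID_INFOTAINMENT:
            ok = len(data) == 1 and data[0] <= 100
            return Verdict.PASS if ok else Verdict.OUT_OF_BOUNDS
        return Verdict.UNKNOWN_ID  # allow-list default, a choice made for this sketch

def replay(frames):
    monitor = FrameMonitor()
    return [monitor.inspect(can_id, data) for can_id, data in frames]
# Constructed capture: (CAN ID, payload) pairs in arrival order.
SAMPLE = [
    (ID_DOOR_CMD, b"\x01"),           # open request before any speed is known
    (ID_SPEED, bytes.fromhex("1f40")),  # 80.00 km/h
    (ID_DOOR_CMD, b"\x01"),           # open request while moving
    (ID_SPEED, b"\xff\xff"),          # implausible speed, must not reset context
    (ID_SPEED, b"\x00\x00"),          # vehicle stopped
    (ID_DOOR_CMD, b"\x01"),           # open request at standstill
    (ID_INFOTAINMENT, b"\xff"),       # volume outside 0..100
    (0x555, b"\x00"),                 # identifier not on the allow-list
]
```

Rejecting the implausible speed frame before it updates state matters: otherwise a forged speed reading could be used to make a later door command look safe.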
Case Study: The Secure Cab Project
To showcase the practical application of these security measures, the Secure Cab project was developed in collaboration with Copper Horse and Coventry University. This project involved simulating a vehicle environment to generate CAN frames, connecting them to a physical CAN bus, and integrating a modeled ECU with embedded analytics IP. The architecture also includes cloud connectivity, although detection and prevention occur at the chip level, ensuring rapid response times measured in microseconds.
The project not only validates the effectiveness of embedded analytics but also demonstrates that data collected can be stored in the cloud for analysis and updates, facilitating ongoing improvements to the security framework.
Silicon Life Management and Fleet Health Monitoring
Data collected through these embedded systems plays a crucial role in silicon life management and fleet health monitoring. For example, by analysing data from a fleet of 200 vehicles, the system can identify anomalies or assess the impact of software updates. If one vehicle shows significantly different data, it can be flagged for further investigation, potentially indicating an attack or malfunction.
Similarly, after software updates, the system can evaluate the overall health of the fleet, ensuring that the updates enhance performance without introducing new vulnerabilities.
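One way to flag the vehicle that "shows significantly different data" is a robust outlier score over a per-vehicle metric, sketched here as an added example that is not part of the original post. The metric (blocked frames per hour), the vehicle identifiers and the fleet data are constructed; the modified z-score with the 0.6745 scaling constant and a 3.5 cutoff is a common convention, chosen here as an assumption rather than taken from the page.

```python
from statistics import median

def flag_outliers(metric_by_vehicle, threshold=3.5):
    """Return {vehicle_id: modified z-score} for vehicles far from the fleet median.

    Median and MAD are used instead of mean and standard deviation so that
    one extreme vehicle cannot shift the baseline it is compared against.
    """
    values = list(metric_by_vehicle.values())
    med = median(values)
    mad = median(abs(v - med) for v in values)  # median absolute deviation
    flagged = {}
    for vehicle_id, value in metric_by_vehicle.items():
        if mad == 0:
            # Fleet is uniform: any deviation at all stands out.
            score = 0.0 if value == med else float("inf")
        else:
            score = 0.6745 * (value - med) / mad
        if abs(score) > threshold:
            flagged[vehicle_id] = score
    return flagged

def constructed_fleet(n=200):
    """Constructed sample: blocked frames per hour for n vehicles, one anomalous."""
    fleet = {f"veh-{i:03d}": 10 + i % 5 for i in range(n)}
    fleet["veh-137"] = 90  # the vehicle that should be investigated
    return fleet
```

Running `flag_outliers(constructed_fleet())` before and after a software update gives a simple way to compare fleet health across the two snapshots.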
The Role of the IoT Security Foundation
The IoT Security Foundation (IoTSF) is dedicated to making it safe to connect in the era of IoT. As a not-for-profit industry association, it aims to promote best practices and provide guidance on securing connected devices, including automobiles. It encourages industry stakeholders to adopt security frameworks that align with emerging regulations and standards.
Conclusion
As the automotive industry continues to embrace connectivity, the need for robust cybersecurity measures becomes paramount. Hardware-based solutions like embedded analytics are essential for detecting and preventing cyber threats in real-time. By leveraging these technologies, manufacturers can enhance vehicle security, protect user data, and ensure the safety of passengers.