cyber security for the connected car
TRANSCRIPT
![Page 1: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/1.jpg)
Cyber Security for the Connected Car
Bob Leigh, Director of Market Development, RTI
![Page 2: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/2.jpg)
RTI’s Experience• ~1000 Projects
– Automotive– Healthcare– Communications– Energy– Industrial– Defense
• 15+ Standards & Consortia Efforts– Interoperability– Multi-vendor ecosystems
![Page 3: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/3.jpg)
Industrial IoT Key System Characteristics
• Reliability• Scalability• Safety• Security• Resiliency
Large scale, heterogeneous, built with multi-vendor components, often broadly distributed and evolving
![Page 4: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/4.jpg)
It’s All About the Data
Data centricity enables interoperation, scale, integration
Unstructured filesDatabase
Data Centricity Data at Rest
Messaging middleware
DataBus
Data Centricity Data in Motion
![Page 5: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/5.jpg)
DDS Standards: Layered View
DDS v 1.4
RTPS v2.2DD
S-SE
CURI
TY
DDS-
RPC*
DDS-
XTYP
ES
Application
UDP TCP** DTLS** TLS**
DDS-C++ DDS-JAVA* DDS-IDL-C DDS-IDL-C#
SHARED- MEMORY**IP
DDS-
WEB
HTTP(s)
IDL
4.0
![Page 6: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/6.jpg)
Unit DataBusUnit DataBus
Sensor-to-Cloud
• Connect…– Fast– Seamless– QoS controlled– Secure– Data centric
• Multiple Platforms• Various Transports
In-Car Platform
V2V & V2X
Public Internet Cloud DataBus
Site DataBus
Fleet Management
Unit DataBus
Sense Act
Think HMI
Machine DataBus
Connext
![Page 7: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/7.jpg)
Connected Car: Security Challenges
• Sensor to Cloud Integration• Multiple Attack Surfaces
– Internet– Cloud– Other cars– In-car
• Connecting Autonomous Cars
![Page 8: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/8.jpg)
Cloud ServicesConnected, Autonomous Car
Sensing
Planning
Radar, LIDAR Vehicle Platform Navigation
Error Management
Visualization
Situation AnalysisSituation Awareness
Vision FusionCameras, LIDAR,
Radar …
Data Fusion
LoggingVehicle Control
Localization
DDS Bus
Traffic Maps
DDS Bus
![Page 9: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/9.jpg)
Three Security Boundaries
• Boundary security
• Transport-Level – Network (layer 3) security– Session (layer 4/5) security
• Fine-grained Data-Centric Security
Introducing: RTI Connext DDS Secure
![Page 10: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/10.jpg)
Threats
• Unauthorized Subscription
• Unauthorized Publication
• Tampering & Replay
AliceBob
EveTrudy
TrentMallory
Local machine is assumed to be trusted
![Page 11: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/11.jpg)
Practical Fine-Grain SecurityConnext™ DDS Secure• Per-Topic Security
– Control r,w access for each function– Ensures proper dataflow operation
• Complete Protection– Discovery authentication– Data-centric access control– Cryptography– Tagging & logging– Non-repudiation– Secure multicast– 100% standards compliant
• No code changes!• Plugin architecture for advanced uses
WatchdogSensor Planning Operator
State Alarms SetPoint
Topic Security model:• Sensor: State(w)• Watchdog: State(r); Alarms(w)• Planning: State(r), SetPoint(w)• Operator: *(r), Setpoint(w)
![Page 12: Cyber Security for the Connected Car](https://reader034.vdocuments.net/reader034/viewer/2022042723/5870be341a28ab0b4a8b6835/html5/thumbnails/12.jpg)
Summary• A connected car has multiple attack
surfaces, many exposed publicly• Risk, especially with self-driving cars, is high• The system needs reliable, flexible, real-
time, secure connectivity• Security should be part of the architecture
design, embedded in multiple system layers• Connext™ DDS Secure supports fine
grained security