how security mechanisms can protect cars against hackers · how security mechanisms can protect...
TRANSCRIPT
How Security Mechanisms Can Protect Cars Against Hackers
Christoph Dietachmayr, CIS Solution Manager
EB USA Techday, Dec. 3rd 2015
How Security Mechanisms Can Protect Cars Against Hackers
Driver´s Fears Are Being Fueled by Recent News
© Elektrobit (EB) 2015 2
Connected Cars,
new opportunies
for hackers
IAA: New
Autonomous Driving
Concepts
How Security Mechanisms Can Protect Cars Against Hackers
Connected Car Offers New Business Models for Hackers?
© Elektrobit (EB) 2015 3
How Security Mechanisms Can Protect Cars Against Hackers
Autonomous Theft?
© Elektrobit (EB) 2015 4
How Security Mechanisms Can Protect Cars Against Hackers
Agenda
• Electronic Control Unit (ECU) Security
• On-board Network Security
• Excursion: Security Issues in a Safety Environment
• Vehicle Security
• The Connected Car
5
How Security Mechanisms Can Protect Cars Against Hackers
Agenda
• Electronic Control Unit (ECU) Security
• On-board Network Security
• Excursion: Security Issues in a Safety Environment
• Vehicle Security
• The Connected Car
6
How Security Mechanisms Can Protect Cars Against Hackers
ECU Security
© Elektrobit (EB) 2015 7
Secure update
Secure boot
Hardware security module
Software as a product
How Security Mechanisms Can Protect Cars Against Hackers
Secure ECU Software Architecture
© Elektrobit (EB) 2015
OS(opt.)
OS(opt.)
Bootloader /
Flasher
Bootloader /
Flasher
e.g. Ethernet, FlexRay, CAN, LIN
OSOS
RTERTE
Applications
AutoCoreAutoCore
HardwareHardware Security
Module (HSM)
CSM
CryHSM
Application Bootloader/Flasher
Authentication
SW signature
verification
SW as a
product
Secure Boot
EB SoftwareEB Software
Elektrobit‘s Security Solutions
Software and Hardware Security Modules
© Elektrobit (EB), 2015 9
CryShe
Application
AUTOSAR Csm
{
data = “42mil/h”;
key = 0x1234;
secure(data, key);
…
}
{
data = “42mil/h”;
key = 0x1234;
secure(data, key);
…
}
Software implementation
Implementation layer
Cry
Interface layer
Csm
Security Hardwareperipheral
Elektrobit‘s Security Solutions
Software and Hardware Security Modules
© Elektrobit (EB), 2015 10
Application
AUTOSAR Csm
{
data = “42mil/h”;
key = 0x1234;
secure(data, key);
…
}
{
data = “42mil/h”;
key = 0x1234;
secure(data, key);
…
}
Security Hardwareperipheral
Software implementation
Implementation layer
Cry
Interface layer
Csm HSM Core
CryHsm/ CryIf
HSM Com
SHE-Firmware
EB supports the algorithms you need!
How Security Mechanisms Can Protect Cars Against Hackers
Agenda
• Electronic Control Unit (ECU) Security
• On-board Network Security
• Excursion: Security Issues in a Safety Environment
• Vehicle Security
• The Connected Car
11
How Security Mechanisms Can Protect Cars Against Hackers
On-Board Network Security
© Elektrobit (EB) 2015 12
Theft protection
Anomaly detection
Intrusion detection
Secure communication
How Security Mechanisms Can Protect Cars Against Hackers
On-Board Network Security
© Elektrobit (EB) 2015 13
OS(opt.)
OS(opt.)
Bootloader /
Flasher
Bootloader /
Flasher
ECUECU
Ethernet, FlexRay, CAN, LIN
OSOS
RTERTE
Applications
AutoCoreAutoCore
HardwareHardware Security
Module (HSM)
Hardware Security
Module (HSM)
CSM
CryHSM
CSM
CryHSMSecOC
Application Bootloader/Flasher
AuthenticationAuthentication
SW signature
verification
SW signature
verification
Anti theft
SW as a
product
SW as a
productMilage prot.
Secure BootSecure Boot
Intrusion Det.
EB SoftwareEB Software
How Security Mechanisms Can Protect Cars Against Hackers
Agenda
• Electronic Control Unit (ECU) Security
• On-board Network Security
• Excursion: Security Issues in a Safety Environment
• Vehicle Security
• The Connected Car
14
How Security Mechanisms Can Protect Cars Against Hackers
• Security: Protection against
external access, e.g. hacks
• Safety: reliable execution
environment for ECUs.“knowing what the system does”
© Elektrobit (EB) 2015
Security protects Safety
There is no safety without security
and vice versa
How Security Mechanisms Can Protect Cars Against Hackers
Agenda
• Electronic Control Unit (ECU) Security
• On-board Network Security
• Excursion: Security Issues in a Safety Environment
• Vehicle Security
• The Connected Car
16
How Security Mechanisms Can Protect Cars Against Hackers
Vehicle Security: Various Access Points
© Elektrobit (EB) 2015 17
Internet connection
Bluetooth connection
Wireless key
Tire pressure monitor
Remote start
Remote HVAC
WiFi Hotspot
Car2Infrastructure
Car2Car
eCall
How Security Mechanisms Can Protect Cars Against Hackers
Current Vehicle Systems Architecture
© Elektrobit (EB) 2015 18
GatewayCAN CAN FlexRay … …
How Security Mechanisms Can Protect Cars Against Hackers
Future Vehicle Systems Architecture
© Elektrobit (EB) 2015 19
GatewayEthernet Ethernet Ethernet Ethernet Ethernet
Intrusion
detection
Anomaly
detection
How Security Mechanisms Can Protect Cars Against Hackers
Use Case: Smart Antenna
© Elektrobit (EB) 2015 20
How Security Mechanisms Can Protect Cars Against Hackers
Smart Antenna
© Elektrobit (EB) 2015 21
ECUECU
Ethernet, FlexRay, CAN
ASIL
SWCs
OSOS
Cloud
App
RTERTE
e.g. Linux
AS
SWCs
AS
SWCs
AutoCoreAutoCore
Cloud
App
Cloud
App
HypervisorHypervisor
Secure COM
Firewall
HardwareHardware Security
Module (HSM)
CSM
CryHSMSecOC
Fir
ew
all
Threat monitoring
Concentrate Wireless access
Secure Separation
Denial of Service prev.
EB SoftwareEB Software
How Security Mechanisms Can Protect Cars Against Hackers
Vehicle Security
© Elektrobit (EB) 2015 22
How Security Mechanisms Can Protect Cars Against Hackers
Agenda
• Electronic Control Unit (ECU) Security
• On-board Network Security
• Excursion: Security Issues in a Safety Environment
• Vehicle Security
• The Connected Car
23
How Security Mechanisms Can Protect Cars Against Hackers
The Connected Car
© Elektrobit (EB) 2015
How Security Mechanisms Can Protect Cars Against Hackers
The Connected Car
© Elektrobit (EB) 2015
How Security Mechanisms Can Protect Cars Against Hackers
The Connected Car
© Elektrobit (EB) 2015
How security mechanisms can protect cars against hackers
The Connected Car
© Elektrobit (EB) 2015
How Security Mechanisms Can Protect Cars Against Hackers
Over the Air Functionality
© Elektrobit (EB) 2015 28
Target
ECU
Target
ECU
Ethernet, FlexRay, CAN
HypervisorHypervisor
Secure COMSecure COM
Firewall
HardwareHardware Security
Module (HSM)
Hardware Security
Module (HSM)
Fir
ew
allSecure Backend
Channel
SW storageOver the Air:
• SW update agent
• Remote Diagnostics
agent
• …
EB SoftwareEB Software
Remote diagnostics
100% security is an illusion
Secure OTA update
Identity vs. privacy
EB Security Platform
EB Security Portfolio
Secure HW
•HSM firmware
•Future Security HW
•Security architecture
Security applications
•Unlock / Download
•SW as Product
•Secure Com …
Secure separation
•Hypervisor
•Virtualisation
Crypto
•Algorithms
•SHE drivers
•HSM drivers
Key management
•Sym/Asym
•Key Derivation
•Initial / Update
Secure Communication
•Firewall
•Intrusion-/Anomaly detectionOTA
•Secure Connection
•Update strategies
•Implementation
•Backend
Car2X
•Consulting
•Implementation
•Testing
Security Consulting
•Architecture
•Solutions
•How-To
Testing & Certification
•Functional
•Penetration Testing
•FIPS / Com. Criteria
© Elektrobit (EB), 2015 29
Summary
Summary
• Security is necessary on all levels
‒ In ECUs and between ECUs
‒ In the vehicle and between vehicles
‒ In the backend
• A big challenge, but you are not alone
‒ Existing and approved mechanisms available
‒ EB secures vehicles for more than 15 years
• Security needs constant care
‒ Monitoring on all levels
‒ Update over the air is key to keep cars secure
• Visit us at: https://www.elektrobit.com/security
© Elektrobit (EB) 2015 30