carputer

How To Implement a Connected Vehicle Gateway in a Secure and Cost-efficient Manner?

Chrysler announced a recall for 1.4 million vehicles 2 years ago after Miller and Valasek demonstrated to WIRED that they could remotely hijack a Jeep’s digital systems over the Internet. Chrysler attack is just one of many examples on car hacking we have seen so far. Back in 2014 the share of connected cars was just about 13% of new vehicles and by 2020 the same number has been forecasted to reach 75% (BI Intelligence 2014). If this problem is not tackled, what might happen in few years?

The number of applications and features utilizing connectivity is ever growing. Remote vehicle control (even moving the vehicle remotely) and remote diagnostic data collection are becoming mainstream features and a growing number of connected features require more and more extensive access to the vehicle network. Connecting the vehicle network to Internet is the highest cyber security risk in a modern vehicle. Furthermore, it is very critical from safety point of view – in worst case hackers could get control over not just one but an entire fleet of vehicles.

In this post we introduce the architectural components of a safe and secure connected vehicle gateway implementation.

SOFTWARE IS THE KEY

Software can be used in conjunction with the system design to implement a secure connected gateway. There are a number of technologies that can be used to mitigate risks, and here are examples of a few that have been proven:

  • Risk analysis of the system to identify critical components and data flows
  • Architecture design that uses sand-boxing, attack surface minimization, and defense in depth
  • Cryptography throughout the chain that enforces validation

Link Motion software stack has been designed from day zero for secure connected cars. Our hardware has been designed to support secure software – not the other way around. Link Motion software platform uses selected hardware-level security technologies to further enhance the security of the platform.

Software-centric approach has also an advantage of increased flexibility with well-known development tools. This flexibility allows rapid innovation, vast pool of developers and easy integration of mainstream software components. Both flexibility and security need to be maintained in the platform – this is why software is the key of a secure connected gateway.

HOW TO IMPLEMENT THE SECURE CONNECTED GATEWAY?

The connected vehicle gateway can be implemented as a separate unit but making it as an extension of a cockpit solution is a more integrated approach with better cost-efficiency. The cockpit solution is the key system gathering information from the vehicle and presenting it to the user, and it could and should be extended to act as a gateway as well. Telematics features are a natural extension to the cockpit since the functions partially overlap already.

Motion T secure connected carputer allows implementation of the connected vehicle gateway as a separate unit or as a part of the cockpit solution (eCockpit). Cockpit solution allows for a higher integration level, whereas a separate unit gives more flexibility to position the unit freely in the car, for instance close to the antennas. Software platform is the same in both, and can be reused for both configurations.

 

Mikko Hurskainen is currently Technologist at Link Motion, focusing on technology development and forward looking projects. Mikko has extensive experience of embedded software development, he has been working on research, smart phone development and telecommunications. Prior joining to Link Motion he has been working at Nokia, Symbio, ST-Ericsson and start-ups. He holds M. Sc. from Tampere University of Technology.