While becoming increasingly connected, cars are also getting more vulnerable to remote hacking – there’s no compromising on automotive cybersecurity. One of the scariest scenarios is that attacks will affect not only private cars but also entire fleets of vehicles. This is something that Elon Musk, CEO of Tesla and SpaceX, has addressed at the National Governors Association’s (NGA) last year’s summer meeting as well as at DEFCON 18, a hacker convention in August, where he also shared Tesla’s plans to open-source their vehicle security software for free.
Great Q&A @defcon last night. Thanks for helping make Tesla & SpaceX more secure! Planning to open-source Tesla vehicle security software for free use by other car makers. Extremely important to a safe self-driving future for all.
— Elon Musk (@elonmusk) August 11, 2018
We at Link Motion are prepared to protect vehicles against fleet-wide cyber-attacks and appreciate Tesla for their plans to contribute to a safer self-driving future. Let’s dig a little deeper into these topics.
The worst-case scenarios for fleet-wide hacks
Essentially, the biggest problem with exploits targeting vehicles are the ones that can first be developed on a single vehicle, then scaled up to be easily deployed across either a whole vehicle model / series or even a wider set of a vehicle manufacturers models.
A couple of the most worrisome scenarios include:
- Wide-scale ransomware attacks, such as seen on the NHS and GPs in the UK targeting hospitals. This level of attack would most likely be by individual hackers for monetary gain.
- Mass espionage to collect all or part of the Privately Identifiable Information (PII) accessible through the car. Example would be to have full information of the whereabouts of all car owners for a prolonged period or access their call logs to identify who they have been in contact with. This level of attack would likely be performed by organizations or hostile countries as a part of wider espionage work.
- Large-scale denial-of-service attacks on a car manufacturer’s vehicles, causing permanent damage to the company public image, as well as directly impacting their bottom line through forced recalls. This level of attack could just as well be done by malicious individual hackers as unscrupulous organizations.
- Localized denial-of-service attacks on a specific brand of vehicles as part of a terrorist attack to completely stall traffic in a specific area. Due to its nature, this level of attack would likely be performed by either malicious organizations or hostile countries.
Protecting connected vehicles is ultimately an architectural problem
The root cause of the issue lies in what we are trying to accomplish with connected vehicles. On the one hand, we have the desire to provide end-users with an enhanced vehicular experience, where they can get more out of the time they spend f.ex. commuting to work. To achieve this, we are introducing high levels of connectivity to vehicles. On the other, recent terrorist attacks should by now have proved the destructive potential vehicles have in the hands of malicious actors, while we have a constantly increasing risk from cyber-attacks on key infrastructure.
The problem of trying to console these two sides rests quite solely on how we integrate the connected features to vehicles. While legislation and standardization on many related areas is finally underway (see f.ex. ISO 27034, NHTSA best practices. SpyCAR Act draft, General Data Protection Regulation – GDPR, Personal Information Protection and Electronic Documents Act – PIPEDA), a lot of the responsibility still lies on the shoulders of the connected device manufacturers and the Architecture that they come up with, to protect both their product and the vehicle as a whole.
One of the truths in security work is that there are no impenetrable defenses or shortcuts. As such, security needs to concentrate on forcing attackers into convoluted long attack paths and breaking through multiple state-of-the-art lines of defense on different levels – an approach also known as defense in depth. The final intent then is to make the attacker’s pathway to achieving their goal so arduous that the whole course of action becomes unprofitable.
Tesla’s promise to open source their technology is extremely commendable
In many regards, Tesla has been one of the foremost high-profile companies spearheading the charge towards better understanding of the importance of software as a part of vehicle cyber-security.
As such, their promise to offer their state-of-the-art security software as Open Source is both extremely commendable, as well as consistent with their general approach. It also highlights an important factor of software security – attempting to protect your software by obscuring access to it is not an efficient defense, but rather means your defenses are in fact largely untested when deployed to a product.
Instead, the most important part of modern SW security is acting together with security experts in an open manner and listening to their input on your product. In fact, publicizing their software as Open Source will not only benefit the general field by setting a higher standard for others to follow and use, but also have return for investment to Tesla by helping them better secure their own products through increased feedback on possible security issues.
Link Motion’s security solution for protecting car fleets
Link Motion products are designed from the start as a seamless whole, combining security hand-in-hand in the full system design – with both hardware and software being designed to work together. We follow modern security approaches such as defense in depth, as well as collaborate with security experts (our Architecture has already been developed in collaboration with Irdeto) to provide the best possible products for our clients.
For clients interested in state-of-the-art cybersecurity protection we offer options for full transparency on how security is taken into account in the development process, performing system penetration testing by external parties, as well as protecting vehicle fleets from scaling hacks through device-specific hardware-based encryption.
If you would like to find out more, please contact us.
|Antti Korventausta, Lead System Architect at Link Motion, initially hails from a background of research, computational sciences and quantum mechanics (M.Sc.) at Tampere University of Technology. Since then, he has continued on a path of unflinchingly staring into the abyss of complex challenges on offer in embedded software projects. With him, he brings an analytical mind with a scientific bent towards security, problem dissection and controlled work patterns.|