hackers are the new highway threat

21
Hackers are the new highway threat The security challenge of auto infotainment connectivity

Upload: harman-innovation

Post on 10-Aug-2014

1.958 views

Category:

Automotive


26 download

DESCRIPTION

Read more at www.harmaninnovation.com HARMAN: Securing Connected Infotainment Systems Against Hackers Connected vehicles can offer a gateway for cyber criminals to hack into automotive systems. How can infotainment systems help automakers combat this threat?

TRANSCRIPT

Page 1: Hackers are the new highway threat

Hackers are the new highway threat

The security challenge of auto infotainment connectivity

Page 2: Hackers are the new highway threat

• Carhacking is a 21st century crime. Connected cars can offer a gateway for cyber criminals to hack into systems.

Page 3: Hackers are the new highway threat
Page 4: Hackers are the new highway threat

• How can next-generation infotainment systems be equipped to firewall vehicles against highway hackers?

Page 5: Hackers are the new highway threat

• Latest infotainment systems provide full internet connectivity with all the benefits of real-time updates and information…

• …but such access can also be an open door to malicious software.

Page 6: Hackers are the new highway threat

• Once on the system, a virus could disrupt the operation of the infotainment system, causing errors in music playback, navigation and potentially corrupt the multimedia display.

Page 7: Hackers are the new highway threat

• Equally intrusive, malware could lurk unnoticed on a system, and siphon any personal and private information that may be on the infotainment hub or contained on linked devices, back to another source.

Page 8: Hackers are the new highway threat

• And that’s just for starters.

Page 9: Hackers are the new highway threat

• By far a bigger concern is the potential for malware to migrate via the infotainment system to other in-car networks such as the controller-area-network bus (CAN bus).

• This links infotainment to the vehicle's critical systems.

• By connecting a laptop to a car's on-board diagnostic port and hacking the vital systems, attackers could – in theory – seize control of the engine and brakes.

Page 10: Hackers are the new highway threat

• It is the internet connection that provides the gateway for hackers.

• In addition to LTE connections, there are also threats posed from smartphone Bluetooth, WiFi, and NFC connectivity as well as the increasing trend of BYOD (Bring Your Own Device) consumer electronics integration.

Page 11: Hackers are the new highway threat

• All modern vehicles contain multiple electronic control units (ECUs) and independent systems, integrated networks such as CAN bus and Ethernet networks that are used to link the operation of various components.

• The infotainment system is on one hand linked with these systems to access information from the speed sensor or other safety-critical ECUs and on the other hand connected to the internet, from where attacks could come from.

Page 12: Hackers are the new highway threat

• How a hybrid architecture can resolve the automotive security challenge

Page 13: Hackers are the new highway threat

• The security architecture of the infotainment system has to be even more robust than that of the typical mobile device. It must protect the vehicle and the occupants from all kinds of threats such as malware, denial of service, and other malicious behavior.

Page 14: Hackers are the new highway threat

• The only viable approach is to firewall the car functions from the infotainment side of the system by hardware and software security mechanisms to act as a barrier between malware and an infotainment system.

• This includes secure boot, data encryption, network securities and a protocol to isolate 'crashed' or 'compromised' parts of an infotainment system from other connected components and networks but also more importantly an infotainment system with two separate domains.

Page 15: Hackers are the new highway threat
Page 16: Hackers are the new highway threat

• The next-generation scalable infotainment system architecture from HARMAN uses multi-core processors with a type 1 hyper-visor to implement segregated domains with separate operating systems.

Page 17: Hackers are the new highway threat

• The application domain, running e.g. Linux with HTML5 as the application environment, offers a first line of defense with the proven security techniques used by mobile devices, such as secure boot, data encryption, and network securities.

• These security technologies already offer a strong defense against cyber attack. The vehicle domain, which runs the critical car functions, is completely isolated from the application domain through the hyper-visor.

Page 18: Hackers are the new highway threat

• Both domains can run the same operating system, e.g. Linux, or different systems, e.g. QNX in the vehicle domain, and Linux in the application domain. The split-level architecture ensures the vehicle domain remains separate: in the event malicious code penetrates the application domain, it is firewalled from affecting the critical vehicle functions – these remain free from threat.

Page 19: Hackers are the new highway threat

• 4G architectures also have a role to play in care security. Running the infotainment system via cloud makes it possible to bypass local software, and provides access to powerful, robust and secure servers for both processing and security.

• The server streams the required infotainment functions to the vehicle, significantly lowering the risk of malicious software being downloaded into in-car systems.

Page 20: Hackers are the new highway threat

• By combining these techniques in its unique, industry-first split-domain architecture, HARMAN offers a strong firewall between the two domains and makes the system extremely robust and resistant to hacking threats. Given the topicality of connected cars, automakers and drivers will seek ways to keep their vehicles secure to new threats.

Page 21: Hackers are the new highway threat

• Developments such as HARMAN’s hybrid architecture point the way forward to meet these increased security requirements.