Designing Cost-Effective Ethernet Automotive E/E Architecture Against Security Threats
2017 IEEE-SA Ethernet & IP @ Automotive Technology Day
Agenda
• Connected vehicle attack surfaces
• High-level security needs
• Hardware security protection
• Ecosystem management
• Network partitioning for security
• Hardware-secured TLS
• Ethernet switching requirements
• Example of a secure Ethernet IVN
Cars Are Already Connected
• More than 20% of vehicles sold worldwide in 2015 included embedded connectivity solutions
• More than 50% of vehicles sold worldwide in 2015 to be connected (either embedded, tethered or smartphone integration)
• Every new car to be connected in multiple ways by 2025
• The new question: will these cars be connected with a foundation of security in mind?
High Visibility Hacks Influencing Market Trend
• Resulting in new regulations and OEM cybersecurity specs
Attack Surface Keeps Growing
• Increasing remote attack interfaces
  • On-board diagnostic (OBD) port
  • Telematics
  • Wi-Fi® hotspot & long-range wireless connectivity (3G, 4G, LTE)
  • Bluetooth® connections (smartphones)
  • Passive entry / keyless systems
  • Infotainment
  • Storage media (CD, USB, SD card)
• Attack scenarios
  • Safety critical (brakes, engine control…)
  • Obstructive (instrument readings, lights, infotainment…)
• CAN 2.0 has no built-in security (frames are neither authenticated nor encrypted) and too little bandwidth to add it
• Ethernet VLANs separate traffic; they are not a security control
High-Level Security Needs
• Ease of integration into existing architectures & Electronic Control Units (ECUs)
• Scalable across platform models
• Flexible migration to next-generation architectures
• Common methodology across all types of In-Vehicle Networking (IVN)
• Intrusion detection and OTA updates
• Cost-effective total solution!!
Attributes of Automotive Hardware Security Devices
• Secure key storage
  • Trusted Ethernet nodes with secure boot & firmware update
  • TLS key protection
  • CAN communication keys & certificate storage
  • CAN communication session key(s) storage
• Ease of integration
  • Less code = lower cost
  • Minimal code updates on the node microcontroller (MCU)
• Node authentication & key agreement
  • ECU authentication & key agreement scheme
  • Encrypted and authenticated command sessions
• Hardware crypto accelerators
  • Symmetric and asymmetric algorithms
  • High-quality random number generators
  • HMAC & CMAC for serial communication protection
• Automotive Grade-1, high-security storage
Unprotected Hardware Attack: Microprobe to See Internal Device Nodes and Extract Keys
• Software can NOT protect private keys!
How Keys are Protected Matters!
• Strong multi-level HW security
  • Starts with an active shield
  • Plus a multitude of environmental tamper sensors
  • Protection modes
  • Ability to erase keys
• Designed to defend against
  • Microprobe attacks
  • Timing attacks
  • Emissions analysis attacks
  • Fault and invalid command attacks
  • Power cycling, clock glitches
(Figure: HW crypto devices compared with standard devices)
Security Considerations at Every Node in the Vehicle
• SAE J3061: consider the risks associated with each vehicle system
Ecosystem Management
• Protect your brand
• OEMs can manage approved suppliers for each node
• Only approved safety-critical nodes operate in the vehicle
• X.509 certificates can help authenticate genuine components
Digital Certificates
• The X.509 digital certificate is a unique, verifiable form of identity for the node
• It comprises three main components:
  • The device public key
  • A signature to enable verification of authenticity
  • Data capturing any attributes the owner intends as part of the identity
• Certificates are standards-driven forms of identity for the Internet
(Figure: certificate layout: static data (SN, model number, etc.), dynamic data (date, time, etc.), device public key KPUB_DEVICE, signature)
Creating a Certificate (Provisioning)
1. Create a unique key pair for each participant: KPUB_DEVICE / KPRIV_DEVICE generated in the HW security device, KPUB_OWNER / KPRI_OWNER held by the owner (MCHP or OEM)
2. MCHP or OEM creates the device certificate: the device static & dynamic data and KPUB_DEVICE are hashed, and the hash is signed with KPRI_OWNER
3. Owner embeds the certificate into the device
• Remember: private keys, no matter which, must remain secret!
Monolithic Approach to Securing Ethernet
(Figure: a single device combining physical protection / tamper-proofing, multi-port Ethernet switch, CPU and application software, VLAN, PTP, key storage, debug / test / scan protection, secure coding, ACL, DPI, ingress policing, secure boot, authentication, encryption, download / OTA)
• ✓ Complex
• ✗ Flexible
• ✗ Scalable
• ✗ Common methodology
• ✗ Existing architecture
• ? Cost effective
• ? Secure
• → Impractical → partition the network
Partitioning Network for Security
• Separate common network security from data traffic processing
• Common network functions
  • Physical defence mechanisms
  • Secure boot & download
  • Authentication
  • Key management
  • Ecosystem and certificate chain management
• Network-specific processing
  • Virtual LANs
  • Access control
  • Deep packet inspection
  • Ingress / egress policing
  • Intrusion detection / protection
• Optimizes security performance, flexibility and cost
• Any ECU, any architecture, any configuration, any bus
Scalable Security for IVN
(Figure: a security IC beside the processor or microcontroller in each ECU type: secure boot & HDCP on a MOST node; secure boot & Ethernet TLS on an Ethernet node; secure boot, CAN security & Ethernet TLS on a node with both Ethernet and CAN bus; secure boot, upgradable to CAN security; secure boot & CAN security on a CAN bus node)
• Addresses a large number of ECU architectures
• Secure boot at each node
Software-Only TLS Authentication
(Figure: the authentication request is handled by the main software stack or device main MCU through a crypto API into a cipher suite SW module that also holds the keys)
TLS = Transport Layer Security
• Performs cryptographic functions in software in the device MCU
• Requires more code space
• Requires more processing load
• Houses keys in software and unsecured memory
• Small nodes with low-end processors are too slow
• Software-only TLS is vulnerable!
Hardware Secured TLS Authentication
(Figure: the authentication request is handled by the main software stack or device main MCU through the Microchip HW-TLS API into a security IC that performs authentication, key agreement and key storage)
• Hardware TLS offloads cryptographic functions from the device MCU
• Access via the HW-TLS API
• Security IC handles all computation
• Minimal code space & computational load
• Keys are generated & protected in secure hardware
• Keys are secure!
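The provisioning flow from the "Creating a Certificate" slide and the hardware-secured TLS split above can be seen end to end in the following Go program. It is an added example, not Microchip's code or its HW-TLS API: the security IC is modelled as an in-memory type whose private key is never exported and which the TLS stack can only ask to sign, the owner root is a self-signed certificate, and the node names (gateway.ivn, headunit.ivn), serials and model strings are assumed values. Two provisioned nodes then complete a mutually authenticated TLS handshake over an in-memory pipe, each verifying the other's certificate against the owner root.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

// SecurityIC stands in for the companion security IC: KPRIV_DEVICE is generated inside and never
// leaves it, and the TLS stack only sees a crypto.Signer. In-memory model, not a vendor HW-TLS API.
type SecurityIC struct {
	priv *ecdsa.PrivateKey
	Cert []byte // DER certificate embedded by the owner (provisioning step 3)
}

func (ic *SecurityIC) Public() crypto.PublicKey { return &ic.priv.PublicKey }
func (ic *SecurityIC) Sign(r io.Reader, digest []byte, o crypto.SignerOpts) ([]byte, error) {
	return ic.priv.Sign(r, digest, o) // the only code path that touches the private key
}

// must: a node that cannot be provisioned (no usable RNG, bad template) must not come up at all.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// ProvisionOwner creates KPRI_OWNER/KPUB_OWNER (MCHP or OEM) and the self-signed root every node trusts.
func ProvisionOwner() (*ecdsa.PrivateKey, *x509.Certificate) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{Organization: []string{"Example OEM (assumed)"}},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().AddDate(20, 0, 0),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return key, must(x509.ParseCertificate(der))
}

// ProvisionDevice runs the slide's three steps for one node: the IC generates its key pair (1); the
// owner hashes and signs static data, validity and KPUB_DEVICE with KPRI_OWNER (2); the cert is embedded (3).
func ProvisionDevice(ownerKey *ecdsa.PrivateKey, ownerCert *x509.Certificate, serial, model, name string) *SecurityIC {
	ic := &SecurityIC{priv: must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))}
	tmpl := &x509.Certificate{
		SerialNumber: new(big.Int).SetBytes([]byte(serial)), Subject: pkix.Name{SerialNumber: serial, CommonName: model},
		DNSNames:  []string{name}, // the name a peer will check (assumed naming scheme)
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().AddDate(15, 0, 0),
		KeyUsage:  x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
	}
	ic.Cert = must(x509.CreateCertificate(rand.Reader, tmpl, ownerCert, ic.Public(), ownerKey))
	return ic
}

// tlsConfig wires the IC into the TLS stack (the IC is the PrivateKey, so the MCU never holds key
// material), trusts only the owner root and requires a peer certificate. Session tickets are off so
// the unbuffered in-memory pipe is not blocked by a post-handshake write.
func tlsConfig(ic *SecurityIC, roots *x509.CertPool, peer string) *tls.Config {
	return &tls.Config{
		Certificates: []tls.Certificate{{Certificate: [][]byte{ic.Cert}, PrivateKey: ic}},
		RootCAs:      roots, ClientCAs: roots, ClientAuth: tls.RequireAndVerifyClientCert,
		ServerName:   peer, SessionTicketsDisabled: true,
	}
}

// MutualAuth provisions a gateway and a head unit under one owner root, runs a mutually authenticated
// handshake between them over an in-memory pipe, and returns the serial each side verified in its peer.
func MutualAuth() (gatewaySaw, headUnitSaw string, err error) {
	ownerKey, ownerCert := ProvisionOwner()
	roots := x509.NewCertPool()
	roots.AddCert(ownerCert)
	gw := ProvisionDevice(ownerKey, ownerCert, "GW-0001", "gateway", "gateway.ivn")
	hu := ProvisionDevice(ownerKey, ownerCert, "HU-0042", "head-unit", "headunit.ivn")
	a, b := net.Pipe()
	a.SetDeadline(time.Now().Add(5 * time.Second)) // a stuck peer fails the handshake, never hangs it
	b.SetDeadline(time.Now().Add(5 * time.Second))
	server := tls.Server(a, tlsConfig(gw, roots, "headunit.ivn"))
	client := tls.Client(b, tlsConfig(hu, roots, "gateway.ivn"))
	done := make(chan error, 1)
	go func() { done <- server.Handshake() }()
	if err = client.Handshake(); err != nil {
		return "", "", err
	}
	if err = <-done; err != nil {
		return "", "", err
	}
	return server.ConnectionState().PeerCertificates[0].Subject.SerialNumber,
		client.ConnectionState().PeerCertificates[0].Subject.SerialNumber, nil
}
func main() { fmt.Println(MutualAuth()) }
```

Replacing the in-memory SecurityIC with a driver that forwards Sign to the real companion IC changes nothing else in the TLS configuration, which is the point of the split: the MCU's code size and attack surface shrink to the plumbing, and a key cannot be extracted from memory it never entered. A device certificate issued under a different root, as an unapproved supplier's part would be, fails verification at the first handshake.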
Exploiting Automotive Ethernet Network Characteristics
l Fixed star / hybrid network topologyl Typically maximum eight network ports on ECUl Applications, traffic flows are known and pre-determinedl Network configuration is static (MAC, IP addresses)l Broadcast, multicast and unicast trafficl Limited use of protocols
l TCP/UDP, DoIP, PTP, SOME/IP ….
• Well-defined and bounded network• Exploit to deploy intrusion detection / protection• LEARN à MODEL à ANALYSE à ACT
Ethernet Switch Security Requirements
• Requires hardware features to support intrusion detection / protection
  • Prevent typical attacks: spoofing, flooding, misuse / failures
  • Dynamically update to adapt to changing network behavior
• 802.1Q VLAN
• AVB (time synchronized)
• 802.1Qci ingress policing and filtering (per stream, per port)
• Extensive network statistics gathering (metadata)
• TCAM-based layer 2, 3, 4 deep packet inspection
  • Forward, drop, mirror
  • Time stamp
  • Count
  • Modify packet
  • Rate limit
• 802.1X port and MAC authentication
• Enhanced diagnostics (harness defect detection)
• Seamless redundancy
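Because the flows, addresses and ports of an IVN are fixed at design time, the LEARN → MODEL → ANALYSE → ACT loop from the previous slide and the forward / drop / mirror / rate-limit primitives listed above can be written down concretely. The Go program below is an added example, not the switch firmware the deck describes: it learns a flow table, a MAC-to-port pinning and a per-source rate limit from constructed baseline frames, then classifies a constructed attack stream into the switch's forward, mirror and drop actions. MAC addresses, port numbers and timings are made up for the example; the EtherTypes (IPv4, PTP, AVTP), the PTP multicast MAC and the DoIP (13400) and SOME/IP-SD (30490) ports are the standard ones.

```go
package main

import "fmt"

// Frame: the header fields a TCAM-based L2/L3/L4 lookup keys on. All frames here are constructed.
type Frame struct {
	Port               int    // ingress switch port
	Src, Dst           string // MAC addresses
	EtherType, DstPort uint16 // 0x0800 IPv4, 0x88F7 PTP, 0x22F0 AVTP; UDP/TCP port, 0 for non-IP
	Time               int64  // ingress timestamp in microseconds
}

// Action is one of the switch primitives from the requirements list.
type Action int

const (
	Forward Action = iota
	Mirror         // forward, and copy to the IDS port for inspection
	Drop
)

// keyOf strips the timestamp; what remains is the static tuple the IVN fixes at design time.
func keyOf(f Frame) Frame { f.Time = 0; return f }

// Model is the LEARN -> MODEL output and, at run time, the ANALYSE stage's per-source state.
type Model struct {
	Flows  map[Frame]struct{} // allowed (port, src, dst, ethertype, port) tuples
	PortOf map[string]int     // each source MAC pinned to the port it was learned on
	MinGap int64              // per-source rate limit: half the smallest inter-frame gap seen
	last   map[string]int64   // last accepted frame per source
}

// Learn builds the model from known-good baseline traffic (bench or end-of-line run).
func Learn(baseline []Frame) *Model {
	m := &Model{Flows: map[Frame]struct{}{}, PortOf: map[string]int{}, MinGap: 1 << 62, last: map[string]int64{}}
	for _, f := range baseline {
		m.Flows[keyOf(f)] = struct{}{}
		m.PortOf[f.Src] = f.Port
		if t, seen := m.last[f.Src]; seen && f.Time-t < m.MinGap {
			m.MinGap = f.Time - t
		}
		m.last[f.Src] = f.Time
	}
	m.MinGap, m.last = m.MinGap/2, map[string]int64{} // 2x headroom, fresh state for ANALYSE
	return m
}

// Classify is ANALYSE -> ACT for one frame. Order matters: a spoofed source is dropped before
// it can spend any rate budget or create a "new flow" record.
func (m *Model) Classify(f Frame) (Action, string) {
	if port, known := m.PortOf[f.Src]; !known || port != f.Port {
		return Drop, "source MAC unknown or on the wrong port (spoofing)"
	}
	if t, seen := m.last[f.Src]; seen && f.Time-t < m.MinGap {
		return Drop, "flooding: per-source rate limit exceeded"
	}
	m.last[f.Src] = f.Time
	if _, ok := m.Flows[keyOf(f)]; !ok {
		return Mirror, "flow not in model"
	}
	return Forward, "ok"
}

// Run feeds a stream through the model and tallies the actions taken.
func Run(m *Model, stream []Frame) map[Action]int {
	tally := map[Action]int{}
	for _, f := range stream {
		a, _ := m.Classify(f)
		tally[a]++
	}
	return tally
}

// Constructed addresses: locally administered MACs for the nodes, and the PTP multicast MAC.
const cam, fus, hu, gw, ptpMC = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03", "02:00:00:00:00:04", "01:1b:19:00:00:00"

// Baseline: camera AVTP to sensor fusion every 500 us (port 1), head unit DoIP to the gateway (port 2), PTP from the gateway (port 4).
func Baseline() []Frame {
	var b []Frame
	for i := int64(0); i < 20; i++ {
		b = append(b, Frame{1, cam, fus, 0x22F0, 0, i * 500})
	}
	return append(b, Frame{2, hu, gw, 0x0800, 13400, 1000}, Frame{4, gw, ptpMC, 0x88F7, 0, 2000})
}

// Attack: a good frame, an unexpected SOME/IP flow, the gateway MAC spoofed from the head unit's port, a foreign MAC on port 5, then a 60-frame burst 1 us apart.
func Attack() []Frame {
	s := []Frame{
		{1, cam, fus, 0x22F0, 0, 20000},
		{2, hu, fus, 0x0800, 30490, 20100},
		{2, gw, ptpMC, 0x88F7, 0, 20200},
		{5, "02:00:00:00:00:99", gw, 0x0800, 13400, 20300},
	}
	for i := int64(0); i < 60; i++ {
		s = append(s, Frame{1, cam, fus, 0x22F0, 0, 20400 + i})
	}
	return s
}

func main() { fmt.Println(Run(Learn(Baseline()), Attack())) }
```

On the constructed stream the model forwards the legitimate camera frame and the first frame of the burst, mirrors the unexpected head-unit-to-sensor-fusion flow for the IDS to judge, and drops the spoofed gateway frame, the foreign MAC and the rest of the burst. In a real switch the flow table lives in TCAM and the counters in the per-port statistics; the learn phase runs on the bench and its result is flashed as configuration, which is why the deck stresses that the network's static nature is something to exploit rather than a limitation.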
Example Secure Ethernet IVN
(Figure: Ethernet backbone linking four domains: infotainment (amp, display, head unit, antenna), telematics, ADAS (sensor fusion with camera, lidar, camera, radar) and body (gateway with OBD, door, lights and fan on CAN); the links marked "?" are the ones to secure)
• Flexible, scalable, cost-effective & secure!
• Add a tiny security companion IC = secure link
Come and visit us at Booth #2 ☺
• Ethernet Gateway Security Demonstrator
• Ethernet AVB Streaming Demonstrator
Thank You!