Security Considerations for Connected Autonomous Vehicles
Harold (Abe) Garza
Research Engineer, Southwest Research Institute
Goals of this presentation
• Explain the current state of non-autonomous vehicle security,
connected vehicle security, autonomous vehicle security
• Discuss Connected Autonomous Vehicle (CAV) security
• Explain the need for a defense-in-depth mindset
Intro
• Connected Autonomous Vehicles (CAVs) = Modern Vehicles + V2X +
Autonomous Vehicles
• CAVs are beginning to enter the roadways, and vulnerabilities are already being discovered in them
o Will get to these later…
• Look to non-autonomous vehicles to understand the impacts cybersecurity vulnerabilities have had
o 1.4 million recalls in U.S. due to cybersecurity vulnerabilities in 2015
Non-Autonomous Vehicle (i.e. What I Drive) Technology - The “Problems”
• CAN: The backbone of modern vehicle communication
o Used for real-time communication between vehicle-critical electronics
o Designed with responsiveness and reliability in mind
o Wasn’t created with security in mind
• Infotainment Unit: Pandora’s Box for modern vehicles
o Added useful features: Satellite radio, GPS/Maps, Cellular connectivity, Wi-Fi for passengers, Display vehicle statistics, etc.
o This has created a bridge between the Internet and an insecure network
[Diagram: Internet, Infotainment, CAN (Engine, Brake, Transmission)]
Connected Vehicles (V2X) - The “Problems”
• How do vehicles talk to their surrounding environment?
o Modern vehicles use cellular (2G/3G/4G/LTE)
o Several wireless technologies are under development
  • Dedicated Short Range Communications (DSRC)
  • 5G
o Next generation of connectivity will have many safety-critical features
o More connectivity = more attack vectors
• Software Over-The-Air (SOTA) Updates
Autonomous Vehicles - The “Problems”
• Still under development, but several partial-automation technologies
are in vehicles on the roads right now
• Several sensors used by AVs
o LiDAR
o RADAR
o Cameras
o Ultrasonic
o GPS
• Software/algorithms behind these sensors
• Again, more technologies = more attack vectors
Non-Autonomous Vehicles - Solutions
• Isolation (e.g. Gateways)
[Diagram: Infotainment, CAN (Engine, Brake, Transmission)]
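One way a gateway between the infotainment unit and the vehicle-critical CAN bus can enforce isolation, as an added example that is not from the original presentation: a default-deny forwarding check with a per-ID length and rate limit. The CAN IDs, lengths and timings are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* One frame arriving at the gateway from the infotainment-side bus. */
struct frame { uint32_t id; uint8_t dlc; uint8_t data[8]; };

/* Allowlist entry: which ID may cross, with what length, and how often. */
struct rule { uint32_t id; uint8_t dlc; uint32_t min_gap_ms; uint32_t last_ms; bool seen; };

/* Constructed policy: IDs and timings are illustrative, not from any real vehicle. */
static struct rule rules[] = {
    { 0x3A0, 2, 100, 0, false },  /* hypothetical: cabin temperature request */
    { 0x3B1, 8, 500, 0, false },  /* hypothetical: navigation speed-limit hint */
};

/* Return true only if the frame may be forwarded to the vehicle-critical bus. */
bool gateway_forward(const struct frame *f, uint32_t now_ms)
{
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++) {
        struct rule *r = &rules[i];
        if (r->id != f->id)
            continue;
        if (f->dlc != r->dlc)
            return false;               /* unexpected length for this ID */
        if (r->seen && now_ms - r->last_ms < r->min_gap_ms)
            return false;               /* arrives faster than allowed: drop */
        r->seen = true;
        r->last_ms = now_ms;            /* unsigned subtraction above survives wraparound */
        return true;
    }
    return false;                       /* default deny: ID is not on the allowlist */
}

int main(void)
{
    struct frame ok = { 0x3A0, 2, { 0x15, 0x00 } };
    struct frame brake = { 0x0C0, 8, { 0 } };  /* constructed "brake command" ID */
    /* The allowlisted frame crosses; the brake-bus ID never does. */
    return (gateway_forward(&ok, 1000) && !gateway_forward(&brake, 1000)) ? 0 : 1;
}
```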
Connected Vehicles (V2X) - Solutions
• Write standards with security in mind
• Validation
• Isolation (e.g. Gateways)
• (Strong) Encryption
o Don’t use static/non-unique keys! Use Diffie-Hellman or implement Public Key Infrastructure (PKI)
o Use end-to-end encryption
[Diagram: SOTA Firmware Server, Infrastructure Transceiver, Vehicle Transceiver, Internal Vehicle Network, ECU]
o Encrypt the following data with ECU public key: 0x123456789A
o Encrypted Payload: 0xFA5625871F368BF1B184EA8E432C80E0
o Decrypt firmware with ECU private key to arrive at: 0x123456789A
Autonomous Vehicles - Solutions
• Secure the sensors
o From internal threats
o From external threats
• Looking ahead
o The algorithms behind these sensors must also be secured
Connected Autonomous Vehicles (CAVs)
• Combine all of these technologies and you get the picture of what a CAV might look like
o CAVs will naturally inherit all of the risks and vulnerabilities from enabling technologies
o One compromised/malicious CAV in a sea of other connected vehicles/CAVs…
• These risks and vulnerabilities must be analyzed and mitigated in order to secure the future of transportation
o This is where defense-in-depth comes into play
Defense in depth: approach or mindset?
• Defense in depth should be a mindset, not just an approach
• Defense in depth means that every layer/interface/vehicle is analyzed for its risks and vulnerabilities, and those risks are then mitigated
• As usual, don’t just implement security - test it
[Diagram: SOTA Firmware Server, Infrastructure Transceiver, Vehicle Wireless Transceiver, Internal Vehicle Network(s), ECU, AV Sensors]
Conclusion
• Defense in depth mindsets
o From the perspective of automotive manufacturers
o From the perspective of transportation management
• Think like an adversary