Your regular update for technical and industry information
Your regular update for technical and industry information
Auto=mobile! It has been true for some time now that the car is a complex computer on four wheels. And just as we protect the computers on our desks and in our pockets from hacker attacks, we need to secure our cars. From the second half of 2024, no new cars can even be sold without sufficient protection.
This year marks nine years since the first publicised hacking of a car's electronic systems. Fortunately, it was a controlled experiment, with two hackers taking complete control of a car driven by a journalist. They were in control of engine operation, functioning of the brakes and even cornering. They could literally push the car off the road remotely. Because they were white hats, or ethical (= good) hackers, they wrote an extensive report on the weakness, which forced the car manufacturer to recall over a million cars and make significant changes to their infotainment system, through which the car's electronics were successfully penetrated.
The overall number of attacks on cars by hackers has been on the rise for a long time, but until recently manufacturers tended to address protection of their cars on a case-by-case, and mainly a voluntary basis. However, the situation is gradually changing and car manufacturers must now come to terms with tightening legislation in this matter. In early 2021 the UN working group adopted Regulation No. 155, which stipulates that from July 2024 all new cars sold in the EU (and not just new models as was the case as of mid-2022) must be protected against cyber-attack. Cyber security has been officially added to concepts such as active and passive security.
The regulation is part of mandatory requirements of the European Union, and cars sold on the EU, and therefore also the Czech, market must be approved on the basis of tests conducted in specialised laboratories. Only a few laboratories in the world can currently provide car approval in terms of protection against cyber-attack. One of them is the high-tech TÜV SÜD Czech workplace in Bezděčín near Mladá Boleslav.
If a car manufacturer were to launch a car on the market without an exhaustive risk analysis and approval, not only would they expose themselves to a potentially large fine.
"Inadequately secured cars are at risk of a whole range of attacks. Hackers can take control of a car, or in the case of company cars, they can block an entire fleet of cars and demand a ransom, as happens in the case of attacks on the computer networks of large companies or government institutions. The attacks can also be more subtle, e.g., theft of sensitive data: car geolocation, telephone contacts or messages and other important data," Vladislav Kocián, head of the laboratory at TÜV SÜD Czech, lists possible scenarios.
Recalls are very painful for manufacturers in such cases.
Today's cars have tens to hundreds of control units in them. They are getting smarter and their computing power is sky-rocketing. The more they resemble a computer, the more they take over its weaknesses. When connected to the Internet, users secure their consumer electronics with antivirus software or a firewall, because these are effective shields that save us a lot of worry. In addition, the operating systems of our computers and mobile phones are regularly updated and monitored. Thanks to approval, we will soon see similarly robust protection for cars. "In practice, both the protection of individual components and the fact that the car as a whole is not attacked through them must be ensured. Documentation confirming that the proper technologies and procedures were chosen during development is absolutely essential. We also check the security level of cryptography and the entire architecture of the car," explains Vladislav Kocián.
Special attention is paid to active elements that can interfere directly with the steering. An increased level of security is required here. Also important are the so-called attack vectors, i.e., the paths through which hackers find their way into car systems. The Upstream Security agency publishes an annual report on the most common ways of attacking unsecured cars. Their analysis of 1,173 cases reveals the most sensitive parts of contemporary cars.
"It is obvious that insufficiently encrypted communication between the car and its control units, or even remote servers, is the most frequently exploited weakness. This is followed by the protocol through which the car and its electronic key communicate, followed by the bus controlling the control units themselves, but also the on-board infotainment, which we often connect to the outside world via mobile networks or Wi-Fi. Or we connect it to a mobile phone full of applications, thereby exposing the car to other potential attacks from the outside," Vladislav Kocián summarises the conclusions of regularly published security analyses.
It follows from the above that testing is a very complex process that requires the full cooperation of car manufacturers and other companies in the production chain. Everything is consistently logged and the test procedures take place under agreed conditions and with the full knowledge of both parties, so that, for example, there are no false alarms on control servers, etc.
As part of the approval process itself, which takes months, whereas only the minimum testing takes about four weeks, the architecture of the delivered car is analysed, followed by simulated attacks that test all weaknesses, before the laboratory results are carefully evaluated. "Our specialists must not only understand the software architecture and possible risks, but also have a deep knowledge of cars and their development, so that they can anticipate potential weaknesses and focus on them," Vladislav Kocián explains the demands placed on the team working in the TÜV SÜD Czech laboratory. At the same time he adds that active tests and their evaluation are only the tip of the iceberg: "Due to the complexity of modern cars, it is not possible to only inspect the finished product today; that would be extremely complicated both financially and time-wise. Even during the development of a car, individual components must be continuously checked. Our mission is to prepare companies so that their products can be a problem-free part of the entire car. The whole process of preparing a car for approval, from the first consultations to the final tests, takes up to two years."
Simulated attacks are a key part of active trials. The trials are carried out by the car manufacturer itself during car development, who is heavily invested in the car passing the test and being approved. These are exact and repeatable procedures, the purpose of which is to verify the elimination or mitigation of potential risks. The already mentioned Regulation No. 155 specifically lists 70 bottlenecks as examples, but it is only a framework, because changes are happening constantly and quickly in this area. Test engineers at the TÜV SÜD Czech laboratory must keep up with hackers and continuously educate themselves in the specific areas. During the tests, they are the ones who try to break the car protection posing as ethical hackers.
"Car manufacturers obtain the approval, which is valid at the time of market launch, but subsequently they themselves have to monitor the security situation and, in the event of an attack on their cars by hackers, they are obliged to intervene. Similar to the case of a security hole in the operating systems of mobile phones, they can offer a software update via a wireless update, make more fundamental changes during regular service visits or as part of a recall. At the same time they must draw up reports on security incidents, which are submitted to TÜV SÜD Czech once a year. It will then decide whether the approval is still valid or whether retesting is needed," Jan Hnilica, head of the Integrated Testing Department at TÜV SÜD Czech, describes further details of the new regulation.
Cyber security is a big topic in many fields, because it tries to respond to rapid social changes, which unfortunately also include new ways of stealing physical property or sensitive data. "We must constantly familiarise ourselves with new technologies, risks and threats. It is not enough for us to only know the formal requirements of the legislation. We always want to be a step ahead and not only develop in automotive, but in cyber security across disciplines. This is where our main know-how lies," Vladislav Kocián explains the daily work of the cyber security laboratory at TÜV SÜD Czech.
Get an overview of the current status and developments in highly automated driving legislation
Read More
Towards a probabilistic SOTIF analysis as basis for road release
Read More
Site Selector
Global
Americas
Asia
Europe
Middle East and Africa