The connected car: security in embedded systems

Author : Bryce Johnstone, Automotive Segment Marketing Manager at Imagination Technologies

25 September 2017

Credit: Shutterstock
Credit: Shutterstock

The world around us is increasingly connected. Just as we have become used to connectivity across all our media devices, including phones, tablets and TVs, another step change is about to occur: everything from smart fridges to washing machines and lights will become internet-connected.

Our cars will be hyper-connected environments too, with data streaming to and from their systems – delivering entertainment, road information, telematics and self-driving functions. This article discusses the implications of the connected car.

While the benefits of improved connectivity are clear, it also opens up a sea of opportunities for digital invaders, malicious hackers and other ‘bad guys’ to try to access the systems (whether for fun or for profit). In this article, we discuss the need to protect the myriad of embedded systems (such as those in cars) from these attacks. We will explore how Imagination’s approach to security means its customers will be well prepared to meet these challenges head-on, enabling them to reap the benefits of the broader Internet of Things (IoT) landscape – rather than suffer its pitfalls.

The future of the connected car

The car is rapidly becoming a large element of the IoT, connected by a variety of means to the outside world through an increasing number of wireless technologies. This connectedness enables new services to be delivered to the car, as well as new data to be extracted from sensors and sent to the cloud for data analytics. It also enables extended communications and infotainment capabilities.

Let’s look at how the connected car is evolving.

In terms of autonomous driving, key communications will be centred on Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I), telematics and LTE/5G.

V2V communications is currently based on Wi-Fi (802.11p) and has just been launched in the Cadillac CTS. V2V enables cars to effectively ‘talk’ to each other and send instantaneous messages of speed, position and braking status. This can allow, for example, a ‘round the corner’ view to extend the view of the driver. It can also be used to negotiate and warn cars across junctions; for example, roundabouts and four-way stops could be rendered a thing of the past, as cars negotiate with each other to cross such junctions.

With V2I, vehicles will be communicating with fixed infrastructure, such as smart highways or smart city access points. Petrol stations with such infrastructure will be able to authenticate cars and approve the relevant transactions – without drivers having to even take their cards out of their wallets. Traffic lights will, over an extended time, be phased out in place of roadside antennas/access points which would act as the virtual traffic light controller – allowing cars to negotiate across a junction. Real-time maps can be uploaded, providing instant traffic updates and road condition changes.

Inside the car, there are multiple wireless interfaces connected to the vehicle’s main gateway. There are various Wi-Fi and Bluetooth connections, for anything from the in-car network to wireless speakers or headphones. Internet-connected cars are increasingly using a variety of 3G and 4G, and in the future will use 5G technologies. So there is a proliferation of wireless connections, all of which are potentially hackable, therefore leading straight into the cars’ main control gateways. This allows a hacker to potentially interrupt the transmission, disconnect features or control the steering, putting the vehicle’s occupants in potentially mortal danger.

Diagram 1. Infotainment / In-Car Hub
Diagram 1. Infotainment / In-Car Hub

Another issue relates to potential malicious access to the occupant’s personal details held within the car, such as their home address, credit card numbers, contacts, insurance and car details – all of which could be used to defraud the driver.

Within several years, the amount of data that will be produced per car, per day will likely exceed 4 gigabytes. Not all of this data will be delivered over the air, back to the cloud; instead, useful extractable crowd-sourced data on the road state, car speed, weather conditions and driver ability will form the basis of a range of services that can be delivered back to all drivers. This is currently based on 3G, moving to LTE, but by 2020 will increasingly be delivered over 5G – where the promises of ‘always on, always connected’, massive bandwidth and low latency will come into play.

Looking at the car within its connected environment, we can see that there are many technologies (such as RF, 3G, 802.11x, 4G, 5G and Bluetooth) that present opportunities for hackers to exploit. 

Securing the connected car

Many cars today lack security infrastructure, or are relying on software which was added as an afterthought. A standard, well-connected car can be purchased off the forecourt and then burglarised using basic tools available online.

Recently, there was a hacking demonstration at an industry conference: within minutes, the hacker was able to disconnect key safety features, such as automatic emergency braking, through the car infotainment system. And a recent WIRED magazine article highlighted a situation in which two university professors took control of a Jeep from a hotel room, several miles from the bewildered WIRED journalists driving in the car.

The car industry has realised the potential enormity of the problem posed by hackers, such as their taking over a car or stealing vital personal information. As a result, experts are now pouring much-needed resources into securing their various platforms. There is a liability issue here, and this could end up as a problem for car manufacturers.

Increasingly, security in cars will be provided in a multi-layer approach, similar to that used in smartphones. Smartphones have been subjected to numerous hacks over the years; however, manufacturers of these devices have learnt from these attacks, and implemented fixes and patches, meaning the devices are now fairly secure. Smartphones are now even a trusted platform for financial transactions.

Diagram 2. Multi-domain separation
Diagram 2. Multi-domain separation

At Imagination Technologies, we are delivering our OmniShield technology, which provides a foundational layer of protection for the vehicle. Based on hardware virtualisation, it enables car manufacturers to develop solutions; these ensure the isolation of each operating system, or sensitive application, based on a multi-domain approach (see Diagram 2).

With security by separation, the tier 1 supplier or automotive OEM can offer different services or applications, running on its own OS, in a container/domain that is isolated from the other domains on the device.

In a traditional binary-based security architecture, if you are running several critical and non-critical functions, you might split them between secure and non-secure areas. Unfortunately, if something failed in the secure area, there is a possibility that everything else could go down with it. With OmniShield there is a double layer of memory management that eliminates potential corruption or access of the ‘wrong’ memory space, since each process is running in its own separate space.

Imagination’s MIPS CPUs and PowerVR GPUs support up to 255 completely independent containers (OS plus application), managed by a secure hypervisor. This architecture enables the creation of a highly secure environment that can’t be compromised by hacks in other parts of the car.

In addition, from an automotive car manufacturer (OEM) perspective, real-time ‘over the air’ updates can be performed,  and services can be updated, added or removed, without impact to any other active services. The car operator, whether it is the OEM or a car-share company, is given control of what applications they can enable on the car gateway, and is assured of flexibility and trust via a hardware-backed, trusted system. This can give confidence to high-end financial, retail and banking institutions to allow their transactions to go through such a platform.

Securing the connected car of the future

The increased wireless ‘connectedness’ of the car is a double-edged sword for car manufacturers. It opens up a new set of Application Programming Interfaces (APIs) to allow new products and services to be built and delivered – but at the same time makes it easier for hackers to gain access to the system.

Security will be an ongoing challenge for the automotive industry due to the lead times of introducing new technologies. The industry generally agrees that a multi-layered approach to security is required to deal with this challenge and reduce the risk of compromise – in keeping with what the smartphone market has been able to achieve over the last decade.

Contact Details and Archive...

Print this page | E-mail this page