Increasingly, today’s vehicles feature driver assistance technologies, such as forward collision warning, automatic emergency braking, and vehicle safety communications. In the future, the deployment of driver assistance technologies may result in avoiding crashes altogether, particularly crashes attributed to human drivers’ choices. These vehicles depend on connectivity and technology that runs on complex software which can have vulnerabilites which could be exploited by the hackers.
If a physical device is connected to the internet, it can be targeted with a cyber attack. Thus, with tens of millions of connected cars on the road today – and hundreds of millions of them expected to be by 2020 – threats to the safety and privacy of motorists, passengers, bystanders and private as well as corporate property already exist and are set to grow substantially. Looking forward, by 2020, virtually all manufactured vehicles will come with embedded, tethered or smartphone mirroring connectivity. Already in the first quarter of 2016, cars accounted for one-third of all new cellular devices. No longer a pipe dream of futurists, car connectivity has pervaded the automotive industry and recent whitehat hacks of both private cars and commercial vehicles prove the ever-present danger.
While connectivity can be (and already is being) used to make us safer, more productive and entertained while in transit, it creates an attack surface through which to access the vehicle’s delicate Controller Area Network (CAN) bus. Once inside, hackers may be able to send commands to the vehicle from a remote location in order to, inter alia, steal private and corporate data, track individual vehicles or entire fleets and hijack non-safety and safety-critical functions – imagine losing the ability to steer or brake while speeding down a highway!
Another vulnerable area is the trucks, In 2013, heavy duty trucks and commercial vehicles transported over $11.5 trillion of goods in the US alone. A pillar of the American and world economies, the trucking industry is powered by connectivity technologies that improve fleet efficiencies, streamline deliveries, reduce down time, fuel costs and more. These technologies also hold the promise of pushing profit margins through new innovative functions such as platooning, accident avoidance, preventative maintenance and lowering driver turnover rates. The common communication standard, J1939, in widespread use amongst trucks and many other commercial vehicles, makes it possible for cyber criminals to craft “one size fits all” attacks that are instantly scalable. This puts fleets responsible for trillions of dollars of goods at risk as the financial incentive is clear and developing attacks is actually easier than in consumer cars.
The benefits of truck connectivity are driven by the transfer of vast amounts of telematics data over the Internet through a component known as the telematics gateway unit (TGU). However, as the TGU communicates with the outside world, it exposes truckers and fleet operators to would be hackers. Researchers have even shown how to access and compromise personal and corporate information governing payroll, delivery schedules, the in-truck network and more. As thousands of these truck TGUs can be found and accessed without any authentication on the public Internet, the industry should move swiftly to retrofit aging fleets devoid of any security apparatus and to bake cyber security into the entire development cycle and lifespan of future truck lines.
Cybersecurity takes on an even more important role in case of vehicles as it may cause accidents, damage to vehicle and infrastucture and death or serious injuries to its occupants. Therefore vehicles systems and components that govern safety must be protected from harmful attacks, unauthorized access, damage, or anything else that might interfere with safety functions.
Due to the dynamic and developing threat environment, the stakeholders are taking a multitude of approaches. Original Equipment Manufacturers (OEMs), Tier 1s, regulatory bodies, insurance companies, technology companies, telecommunications providers and organizations affected by the new attack landscape are all working to strengthen the industry’s cybersecurity posture. These entities are collaborating in groups such as the newly formed Auto-ISAC, which recently published a best practices guideline for cyber security on wheels and amongst themselves to integrate cyber security into the entire vehicle lifecycle – from concept through production, servicing and decommission.
National governments have also taken note of the emerging public safety implications of vehicle connectivity. To ensure a comprehensive cybersecurity environment, United States Department of Transportation NHTSA has adopted a multi-faceted research approach that leverages the National Institute of Standards and Technology Cybersecurity Framework and encourages industry to adopt practices that improve the cybersecurity posture of their vehicles in the United States. NHTSA’s goal is to collaborate with the automotive industry to proactively address vehicle cybersecurity challenges, and to continuously seek methods to mitigate associated safety risks.
In the United Kingdom as well, lawmakers have published their Key Principles of Vehicle Cyber Security for Connected and Automated Vehicles while a recent European Commission proposal would see the EU Cybersecurity Agency (ENISA) create EU-wide certificates, similar to labels that are currently used for food safety, for trusted energy, transport and other networks, as well as new consumer devices, like connected cars. Additionally in the EU, the 15 Europe-based car, van, truck and bus manufacturers of the European Automobile Manufacturers Association published their Principles of Automobile Cyber Security which provides an overview of the policies they’ve adopted.
Over the past few years, relevant government agencies have also produced reports and guidelines such as the Cyber Security and Resilience of Smart Cars by ENISA and the Federal Guidance for improving Motor Vehicle Cybersecurity, NHTSA and Vehicle Cybersecurity and Automated Driving Systems (ADS): A Vision for Safety 2.0 by the US NHTSA.
NHTSA’s approach to Vehicle Cybersecurity
NHTSA promotes a multi-layered approach to cybersecurity by focusing on a vehicle’s entry points, both wireless and wired, which could be potentially vulnerable to a cyberattack. A layered approach to vehicle cybersecurity reduces the possibility of a successful vehicle cyber-attack, and mitigates the potential consequences of a successful intrusion. A comprehensive and systematic approach to developing layered cybersecurity protections for vehicles includes the following:
- A risk-based prioritized identification and protection process for safety-critical vehicle control systems;
- Timely detection and rapid response to potential vehicle cybersecurity incidents on America’s roads;
- Architectures, methods, and measures that design-in cyber resiliency and facilitate rapid recovery from incidents when they occur; and
Methods for effective intelligence and information sharing across the industry to facilitate quick adoption of industry-wide lessons learned. NHTSA encouraged the formation of Auto-ISAC, an industry environment emphasizing cybersecurity awareness and collaboration across the automotive industry.
NHTSA regularly collaborates with other government agencies, vehicle manufacturers, suppliers, and the public to further industry’s efforts in addressing vehicle cybersecurity challenges. The objective of this strategy is to promote the impact of the various safety applications employed in current vehicles, as well as those envisioned for future vehicles that may feature more advanced forms of automation and connectivity.
NHTSA’s approach to vehicle cybersecurity has the following goals:
- Expand and share the automotive cybersecurity knowledge base to better establish comprehensive research plans and develop enabling tools for applied research in this area;
- Support the automotive industry in implementing effective, industry-based best practices and voluntary standards for cybersecurity and participate in cybersecurity information-sharing forums;
- Foster the development of new system solutions for automotive cybersecurity; and
- Determine the feasibility of developing performance evaluation methods for automotive cybersecurity.
The need for powerful automotive cybersecurity corresponds with the rapid advances in vehicle technology. NHTSA’s ultimate goal is to save lives, prevent injuries, and reduce the economic costs of vehicle crashes. This goal is potentially achieved through the implementation of driver assistance technologies, and cybersecurity goes hand-in-hand with this process.
The field of vehicle cybersecurity is exploring many areas including
- Anomaly-based intrusion detection systems research: Researching metrics and objective test methods to assess effectiveness of such solutions.
- Cybersecurity of firmware updates: Researching cybersecurity of automotive electronics update mechanisms through physical and over-the-air means.
- Cybersecurity considerations for heavy vehicles: Researching similarities and differences between passenger cars and larger vehicles from a cybersecurity considerations standpoint.
- Research on reference parser development for V2V communication interfaces: Developing a formally verified and mathematically proven message parser for V2V communication interfaces.
- In-house cybersecurity research at the Vehicle Research and Test Center (VRTC) in East Liberty, Ohio: This research explores the cybersecurity risks of today’s vehicle electronic architectures and aims to establish principles and guidance that could improve the cybersecurity posture of passenger vehicles through applied research.
Military Vehicles Cyber Security
Military vehicles use the same software and electronic architectures as commercial vehicles, hecne they are also potentially vulnerable to hacking. In addition military vehicles will face increasngly sophiticated adversaries which have sophiticated weapons from cyber attacks to jamming as well as directed. To help it defend its fleet, the Army Tank Automotive Research, Development and Engineering Center is scouting for an intrusion defense system that can “protect against and mitigate cyber-attacks on military vehicles,” according to a recent request for information.
The US Army Tank Automotive Research, Development, and Engineering Center (TARDEC) Ground System Cyber Engineering (GSCE) is conducting a market survey to identify potential sources to provide technological solutions applicable to an Intrusion Defense System for use in military ground vehicles in an effort to protect against and mitigate cyber-attacks on military vehicles.The scope of the responses that TARDEC GSCE will be accepting can be as simple as an individual component that could be used in a vehicle’s existing bus network (e.g. CAN, 1553, etc.), or as complex as a system of components. Adaptation of existing technologies and systems used for other applications will be considered and is encouraged.Definition: Intrusion Defense System – An add-on technology or modification to the existing vehicle bus network that detects or defends against malicious or enemy cyber attacks on the vehicle. more
Cybersecurity technologies will likely fall into two camps, prevention and detection, according to Andre Weimerskirch, the vice president of cybersecurity and functional safety at Lear Corp. Prevention will include segregating the network, so if hackers make it onto one part of the system they won’t be able to travel to other parts of the vehicle. It will also include secure booting, which will prevent the system from booting up if manipulated software has been detected. Network communication also has to be protected, said Weimerskirch, who has also worked with University of Michigan’s MCity research facility for connected and autonomous vehicles.
Secured vehicles also need software to detect any malware that has gotten in. Typically, detection software reports to a cloud-based security operations center that runs analytics on collected data to identify cybersecurity issues. The onboard software, in combination with the cloud environment, makes up an intrusion detection system. Intrusion detection systems are out of the research phase and will likely be included in consumer automobiles as early as 2020, Weimerskirch estimated.
But there are some important differences between the consumer environment and the military battlefield, most notably the motivation behind the attack. Hackers targeting consumers are likely to have financial motives — a ransomware attack that disables a car until the hacker is paid, for example. In the military, the possibility of electronic vulnerabilities being exploited by nation states means “you need to have far higher standards when you build your security around military devices,” Weimerskirch said.
“It is an area of concern for our customers,” Bowers said, especially as the use of autonomous systems increases. “When you’re looking at an unmanned or an autonomous system, everything is software driven, so you have unique attack vectors,” he said. Those systems must be trusted and predictable, so cybersecurity will have to keep pace. “What’s new is coming up with a system that can respond to threats even while it’s on the battlefield,” Bowers said. “What we’re looking at is technologies that will allow the cybersecurity itself to become autonomous and be dynamic and on the network even while it’s deployed.”
Autonomous cybersecurity will be able to recognize new threats based on characteristics of existing threats and to analyze system behavior to recognize if something is wrong, he said. Part of this analysis will be handled by intrusion detection systems, but integrated system health monitoring will also scan for problems that are less obvious than a hack or intrusions, he said. Besides prevention and detection, autonomous vehicles must have the ability to be patched in fighting environments that have very little bandwidth. “You can’t have them all come back to base to update a new service patch every Tuesday like you do with your office computer,” Bowers said.
In 2018, the Automotive Information Sharing and Analysis Center inked a cooperative research and development agreement with the Department of Homeland Security to boost capacities for information sharing and analysis of vehicle cyber threats. Auto-ISAC said Thursday the partnership will look to provide vehicle cyber threat information access to the DHS National Cybersecurity and Communication Integration Center as well as clear ISAC personnel to see classified threat data.
“This relationship with the DHS provides our cybersecurity experts the opportunity to work with their counterparts in the federal government to increase information sharing and analysis,” said Jeff Massimila, chair at Auto-ISAC and vice president of vehicle safety and product cybersecurity at General Motors.
Private sector clients that enter a Cooperative Research and Development Agreement (CRADA) with DHS can participate in the Cyber Information Sharing and Collaboration Program, a public-private cyber information sharing and analytic collaboration initiative for cyber threats, incidents and weaknesses. CISCP partners voluntarily to send cyber threat indicators and information used to better understand incidents and potential network vulnerabilities. The CISCP program also supports analyst-to-analyst threat exchange and conducts training events where classified and unclassified briefings occur.
In 2010, Cybersecurity company Shift5 announced that it has reached a Cooperative Research and Development Agreement (CRADA) with the U.S. Army Combat Capabilities Development Command Ground Vehicle Systems Center (GVSC), the U.S. armed forces’ research and development facility for advanced technology in ground vehicle systems.
The CRADA is intended to foster cutting-edge development in cybersecurity and cyberdefense capability development, which is part of the center’s current technology priorities. Under the agreement, Shift5 will work with the GVSC to demonstrate increased security for Army vehicles against cyberattack and look for alternate ways to keep vehicle operating systems safe from cyberthreats.
The technology developed by Shift5, say company officials, will integrate, demonstrate, and validate cyber resiliency and be the path to cyber situational awareness prototype solutions to defend Army platforms from cyberattacks. Michael Weigand, cofounder and CEO of Shift5, said of the agreement: “The CRADA is a critical opportunity to extend Shift5’s commercial operational technology (OT) cybersecurity solutions to U.S. Army users. This will allow us to grow the capabilities and use cases for Shift5 and provide innovations that close cybe security shortfalls in operational technology.”