The importance of the Security in the Automotive Sector

Automotive security is very important since most people use vehicles and understand the dangers of an attacker that can gain the control of the vehicle. This makes them prone not only to thefts but also to automated attacks that endanger passengers’ safety.  Due to the number of breaches that have occurred within the last few years, car-makers have started to take security into account in order to detect and mitigate possible vulnerabilities.

The examples of vehicle hacking are not confined to the U.S. vehicle fleet. In Europe, German Automotive Association (ADAC) found a flaw in BMW’s companion smartphone app for its ConnectedDrive platform that would enable hackers to modify the app to allow them to remotely unlock any BMW, MINI, or Rolls Royce models equipped with the technologies underpinning the OEM’s ConnectedDrive telematics platform. The need for security of hardware and software systems in cars is driven by the ever-increasing connectivity between the car and the external world, which includes not only telematics services and internet access, but also upcoming vehicle-to-vehicle or vehicle-to-infrastructure communication [1].

Since the number of wired and wireless attack surfaces has grown in modern vehicles, there are more opportunities than ever before for criminals to hack into vehicles. In many cases, researchers have performed the hacks reported on by the media, but there have also been a number of criminal hacks of vehicles, for example using various electronic means to bypass remote key-less entry systems and immobilizer systems in order to steal cars. Unfortunately for the automotive industry, the growing number of ECUs for different applications in vehicles — around 100 in a premium vehicle — and the number of outside devices and servers connecting to those vehicles, makes security a very complex issue to solve.

One of the biggest challenge is in balancing the cost of security versus the risk potential (and therefore financial risk) that the multitude of attack surfaces presents. The sheer number of attack surfaces, from wireless connections such as cellular, Bluetooth, Wi-Fi, and Dedicated Short-Range Communications (DSRC) to wired connections, such as SD cards and USB ports, has dramatically expanded within the last few years [2].

Securing attack surfaces is essential, for this reason, the TAPPS Project is developing scalable, cost-effective solution that enable the manufacturing of secure connected cars.

 

[1http://www.zdnet.com/article/bmw-patches-flaw-that-could-let-hackers-unlock-car-doors/

[2] Solutions and Services for the AUTOMOTIVE INDUSTRY TXT e-solutions S.p.A. 2015