Delivering an in-depth workshop at Self Driving Track Days in July, HORIBA MIRA have taken time out to write an article for us on cybersecurity. Madeline Cheah, Senior Cybersecurity Analyst will be delivering “Understanding Automotive Cybersecurity”
Cybersecurity is really about the absence of behaviour – that is to say – undesirable behaviour. It is compounded by the fact that it is hard to test for absence, and many of the vulnerabilities – whether that be design choices or implementation errors – are unintended. How would you test for an absence of unintended behaviour?
There is no such thing as perfect security. If we use the simple example of car theft – a criminal who really wanted to take a specific car would just pick it up and put it on a truck. Instead, the aim is to make a system infeasible to attack, in the hope that attackers will go elsewhere. And if every single system was infeasible to attack, then, in an ideal world, all would be protected.
However, this is not an ideal world, and what we have instead is a footrace between attacker and defender. This is exacerbated by the attacker-defender imbalance, whereby the attacker only has to find one vulnerability to exploit, but a defender has to protect as much of the system as possible. There is always a balance to be struck between what’s usable, what’s cost-effective, what’s reactive and what can be proactive.
There are several drivers in the automotive industry that have led to challenging issues in the cybersecurity arena.
Firstly, there is increased connectivity, both inside and outside the vehicle. Secondly, there is increased complexity, with the advent of many systems that have been introduced for reasons of safety, security or marketability. Finally, there is convergence of technologies, between those that were designed for vehicles (for example advanced driver assistance systems), and those that were integrated into vehicles (wireless Internet connectivity).
There are no “strong” or “weak” parts of a vehicle; even what might seem like a trivial attack can be chained with other attacks to make the end impact potentially devastating. Furthermore, with every feature that makes something more safe or convenient, there is potentially an equal amount of convenience for an attacker if sufficient defences are not in place.
Instead we talk about hardening the system, where we close as many security holes as feasibly possible. There are some fundamental principles we can follow as a guide. We can use defence in depth, where there are multiple layers of security, such that holes in one layer are covered by another layer. We can use the principle of least privilege, where by default, nothing is allowed, with the necessary functionality enabled one by one. We can ensure that security is in a system by design, rather than being retro-fitted, such that the holes don’t appear in the first place.
Currently, we can realistically draw a system boundary around the vehicle for the purposes of testing or analysis. However, the horizon is full of vehicles that are connected to each other, to the cloud, to infrastructure, to peripheral devices and wearables. The vehicle will not just be the end target, but the means to an end, whether that be for a backdoor into infrastructure, ram-raiding, terrorism, privacy violation, financial crime and all other criminal activities that now take place through more conventional computing methods.
Cybersecurity in many ways is a mind-set. Not everyone has to be aware of every technique or attack, but knowing when and where to involve a security engineer is crucial. Even if the actual product itself is purely mechanical, sooner or later, it will be attached to or integrated with an electronics system. Presumably, the use of computing and IT is used for designing the product, for protecting the intellectual property attached to a product and for data analytics. Away from automotive technology, cybersecurity awareness can take many forms in many disciplines. In design disciplines, we look at developing security that lay users can use to protect themselves. With psychology and linguistics, it could allow us to distinguish various types of threat actors. Understanding of the law could help with questions to do product liability.
About HORIBA MIRA
Here at HORIBA MIRA, we aim to be a trusted partner to manufacturers. That means working collaboratively with the project team every step of the way. Our cybersecurity related projects cover consultancy, concept development (security by design) and independent security assessment, whether at component, vehicle or lifecycle level.
We are also active in the research sphere, whether that be through collaborative projects funded by InnovateUK (such as 5Stars), through applied research internally, or through embedded PhD programmes in the business. HORIBA MIRA is also heavily involved with the development of international standards in the field, with our experts representing the UK in the development of ISO/SAE AW 21434 (Road Vehicles – Cybersecurity Engineering) and ISO26262 (Road Vehicles – Functional Safety).
Join HORIBA MIRA at Self Driving Track Days in Milton Keynes this July. Book your tickets to attend >>