Can we trust our cars?: Page 6 of 7

January 21, 2019 //By Balázs Simacsek, NXP Semiconductors
Can we trust our cars?
When we talk about automotive security, most people think about protecting cars from thieves. But with the emergence of automated driving, fast expanding connectivity options and ever-increasing complexity, vehicles are vulnerable to new kinds of cyberattacks. In this new environment vehicles need more protection than ever before.

NXP’s S32 Processing Platform offers one of the strongest security solutions available today based on the 4+1 Automotive Security Framework. The 4-layer cybersecurity solution offers a secure interface to the outside world for M2M (Machine-to-Machine) communication, secure gateway for domain isolation, secure network for messaging both internally and externally, and secure processing on ECUs. Together with secure car access systems, it enables defense-in-depth protection across the vehicle.


Figure 5: Multi-layer security framework

Security by design is critical, which is why all products developed as part of the S32 platform offer a complete range of security capabilities, implemented in a dedicated security sub-system called HSE (Hardware Security Engine): secure boot, symmetric and asymmetric cryptographic services (encryption, decryption, signing and verification), hashing, high-quality random number generation, key management services, side channel protection and fault resistance. Hardware acceleration is in place to fulfill the real-time requirements of the safety-critical automotive systems.

To serve a wide range of applications (body, comfort, powertrain, vehicle dynamics, safety, driver assistance and driver replacement, gateways, domain controllers, etc.) while ensuring that the products are easy-to-use, easy-to-reuse and easy-to-integrate, security services across the complete S32 portfolio can be accessed through a compatible Security API. All products are AUTOSAR-compliant and fully meet the functional goals and objectives of the ‘SHE’ and ‘EVITA Full’ specifications.

Because any solutions coming to the market today must offer a way to keep security solutions up-do-date over the extended lifetime of a vehicle, it is important that offline and over-the-air firmware and software updates are supported through secure (encrypted and authenticated) channels. Updateable, upgradeable and therefore future-proof security must be available across all domains to support the vehicles from design to end-of-life.

What can car owners do to reduce the risk of being hacked?

The industry is working hard to design and maintain security systems in cars in a way that owners won’t have to do more than follow good security practices, such using strong passwords and reporting suspicious malfunctions they observe.

Cars and their security systems are very complex with multiple access points. They require deep security expertise to decide the best way to protect sensitive data and ensure the safe and secure operation of the vehicle.

The automotive industry must provide sufficient security solutions to current and future car owners. Governments can also play a role, for example, by defining a legal framework for independent evaluation of the security capabilities of our vehicles.

Car owners can and should demand proven high-security solutions, together with comfort and safety. Increased consumer awareness and demand helps accelerate the required steps, so security implementations can fulfill the fast-increasing security requirements of assisted or automated driving in highly connected vehicles.

Design category: 

Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.