So, when researchers at the Chinese firm Tencent revealed they could burrow through the Wi-Fi connection of a Tesla S, all the way to its driving systems, and then remotely activate the vehicle's brakes, they exposed not one but a chain of security issues. Security vulnerabilities can be introduced throughout the design lifecycle, starting at the architectural level, where fundamental flaws in the security architecture, such as storing implicitly trusted boot code in unprotected, writable SPI Flash, can open systems to attack.
A flawed microarchitectural design decision can also open hardware to vulnerabilities (e.g., Meltdown and Foreshadow). Vulnerabilities can also be introduced during RTL design, such as unintentional backdoors in test and debug circuitry, as well as through errors in the configuration and usage of hardware by low-level firmware and software.
Commonly employed security verification techniques, which include manual design and code review, formal verification, and simulation-based functional verification, are important as part of a larger verification strategy, but they do not provide a unified, scalable methodology that can be applied during all stages of the pre-silicon design lifecycle.
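The architectural flaw named above, a boot ROM that implicitly trusts whatever code sits in writable SPI flash, is easiest to see next to the pattern that avoids it. The following is an added example, not code from the article or from any vendor it mentions: it simulates a flash region, a write-protect flag, and a boot ROM that holds a reference digest, and contrasts a boot path that trusts the flash contents unconditionally with one that measures the image before running it. The flash image, the lock flag, and the digest function (FNV-1a, used only as a stand-in for a real cryptographic hash or signature check) are all constructed for this example.

```c
/*
 * Added example (not from the article): implicit trust in writable SPI flash
 * versus a verified-boot check against a reference digest held in immutable ROM.
 * All data structures, values and the digest function are constructed here;
 * FNV-1a is an illustrative stand-in, NOT a cryptographic hash.
 */
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

#define IMAGE_SIZE 16

/* Simulated SPI flash region holding the second-stage boot code. */
typedef struct {
    uint8_t code[IMAGE_SIZE];
    bool write_protected;   /* models a flash status-register write lock */
} spi_flash_t;

/* Simulated immutable boot ROM: carries the expected digest of the image. */
typedef struct {
    uint64_t expected_digest;
} boot_rom_t;

/* Outcome of a boot attempt. */
enum boot_result { BOOT_OK = 0, BOOT_BAD_DIGEST = 1, BOOT_FLASH_WRITABLE = 2 };

/* FNV-1a 64-bit over a buffer (stand-in for SHA-256 or a signature verify). */
uint64_t digest(const uint8_t *buf, size_t len) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < len; i++) {
        h ^= buf[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Flawed architecture: jump into flash contents without measuring them. */
enum boot_result boot_implicit_trust(const spi_flash_t *flash) {
    (void)flash;                 /* nothing about the image is examined */
    return BOOT_OK;              /* "boots" even if the image was rewritten */
}

/* Verified boot: refuse to run an image that does not match the ROM digest,
 * and flag the policy violation of boot code living in writable flash. */
enum boot_result boot_verified(const boot_rom_t *rom, const spi_flash_t *flash) {
    if (digest(flash->code, IMAGE_SIZE) != rom->expected_digest)
        return BOOT_BAD_DIGEST;
    if (!flash->write_protected)
        return BOOT_FLASH_WRITABLE;
    return BOOT_OK;
}

/* Build a constructed, known-good system: locked flash, matching ROM digest. */
void make_sample_system(boot_rom_t *rom, spi_flash_t *flash) {
    const uint8_t sample_code[IMAGE_SIZE] = "STAGE2-BOOTCODE"; /* 15 chars + NUL */
    memcpy(flash->code, sample_code, IMAGE_SIZE);
    flash->write_protected = true;
    rom->expected_digest = digest(flash->code, IMAGE_SIZE);
}

/* Simulate an unauthorized rewrite of one byte of the boot image. */
void tamper_with_flash(spi_flash_t *flash) {
    flash->write_protected = false;   /* lock was never set, so writes land */
    flash->code[3] ^= 0x01;
}

int main(void) {
    boot_rom_t rom;
    spi_flash_t flash;
    make_sample_system(&rom, &flash);
    printf("pristine: implicit=%d verified=%d\n",
           boot_implicit_trust(&flash), boot_verified(&rom, &flash));
    tamper_with_flash(&flash);
    printf("tampered: implicit=%d verified=%d\n",
           boot_implicit_trust(&flash), boot_verified(&rom, &flash));
    return 0;
}
```

The verified path checks the digest first so that a tampered image is always reported as such, and only then reports the weaker finding that the flash is still writable; in a real design the reference digest would be a signature verified with a public key fused into the ROM rather than a stored hash, and the lock status would come from the flash controller's status register.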
Automotive security development lifecycle
The trend of rooting security into hardware is growing rapidly. In a 2015 survey from the Global Semiconductor Alliance (GSA) and McKinsey, semiconductor executives listed security as the top priority for the Internet of Things (IoT), with a large emphasis on automotive. The same survey also listed endpoints and chips as some of the most vulnerable attack points in a modern car.
Functional safety has long been a primary design concern for OEMs and their suppliers. Now, however, with connected and autonomous vehicles, cybersecurity poses additional design challenges. The auto industry's upcoming standard ISO/SAE 21434 is intended to drive security activities and processes at all phases of the vehicle life cycle. The goal is to keep people and information safe. This new standard will be based, in part, on the existing Auto-ISAC (Automotive Information Sharing and Analysis Center) best practice guide.