As the connectivity of vehicles and the amount of online data connections between cars and an IT backend increases, the number of attack vectors and vulnerabilities to cyber attacks also is rising, explained Werner Köstler, responsible for interior development strategies at Continental. Whereas in the past - in the case of the non-connected car - physical access or at least a spatial proximity of a few meters was required to manipulate a vehicle's electronics, in the case of the connected car anyone who has found a weak point can access the car and disrupt its functions - with potentially devastating consequences for its safety. And there are many entry roads for possible cyber attacks - they range from the numerous telematics functions to automated communication with other vehicles and the infrastructure (V2X) to the WiFi hotspots with which more and more vehicles are equipped. Plus, while in a conventional car a hacker could only attack a single vehicle at a time, in a multiple-networked car it is possible to copy and paste an attack option once found and spread it to many vehicles simultaneously, possibly to an entire fleet.
Continental, its software subsidiary Elektrobit (EB) and Israeli cyber security expert Argus, which was acquired some time ago, are working together to develop a comprehensive range of vehicle security products to prevent such dark scenarios from happening. This comprises several components. It starts with consulting OEMs and tier ones on the development of a secure electronics architecture for their vehicles. The second pillar of this strategy is the development of hardware and software components for vehicles by EB. Examples are the Autosar basic software or specific solutions such as secure bootloaders for vehicle-internal ECUs. These components also include authenticated identification, secure updates via the air interface and corresponding real-time diagnostics for the car.