Cyber security of automated vehicles

Similar documents
Trusted Platform Modules Automotive applications and differentiation from HSM

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017

Securing IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region

Cyber security mechanisms for connected vehicles

Connecting Securely to the Cloud

Market Trends and Challenges in Vehicle Security

How Microcontrollers help GPUs in Autonomous Drive

Secure automotive on-board networks

Introducing Hardware Security Modules to Embedded Systems

Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices

CardOS Secure Elements for Smart Home Applications

MASP Chapter on Safety and Security

Turbocharging Connectivity Beyond Cellular

Security in NFC Readers

Automotive Security An Overview of Standardization in AUTOSAR

Securing IoT devices with Hardware Secure Element. Fabrice Gendreau EMEA Secure MCUs Marketing & Application Manager

Cybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute

Automotive Anomaly Monitors and Threat Analysis in the Cloud

Spotlight on IoT Security. Choose the right security for the Internet of Things.

A Developer's Guide to Security on Cortex-M based MCUs

WHAT FUTURE FOR CONTACTLESS CARD SECURITY?

PKI Credentialing Handbook

COOPERATIVE ITS SECURITY STANDARDIZATION AND ACTIVITIES ON EUROPEAN C ITS TRUST MODEL AND POLICY

MIGRATING TO CAN FD. Tony Adamson. Marketing Director CAN / LIN / FlexRay

Accelerating the implementation of trusted computing

Creating the Complete Trusted Computing Ecosystem:

Scalable and Flexible Software Platforms for High-Performance ECUs. Christoph Dietachmayr Sr. Engineering Manager, Elektrobit November 8, 2018

SECURITY OF CPS: SECURE EMBEDDED SYSTEMS AS A BASIS

Countermeasures against Cyber-attacks

To realize Connected Vehicle Society. Yosuke NISHIMURO Ministry of Internal Affairs and Communications (MIC), Japan

Secure Ethernet Communication for Autonomous Driving. Jared Combs June 2016

Automotive Cyber Security

TomTom Innovation. Hans Aerts VP Software Development Business Unit Automotive November 2015

The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.

ARM processors driving automotive innovation

Security in sensors, an important requirement for embedded systems

MAXIMIZE YOUR IOT INVESTMENT WITH SCALABLE SOLUTIONS FROM AWS AND NXP

Keep your fingers off my keys today & tomorrow

Conquering Complexity: Addressing Security Challenges of the Connected Vehicle

Renesas Synergy MCUs Build a Foundation for Groundbreaking Integrated Embedded Platform Development

Development Progress and OEM Perspective of C-V2X in China

CSI: VIDEO SURVEILLANCE CONVERTING THE JUGGERNAUT

SECURITY CRYPTOGRAPHY Cryptography Overview Brochure. Cryptography Overview

10 th AUTOSAR Open Conference

Windows IoT Security. Jackie Chang Sr. Program Manager

M2MD Communications Gateway: fast, secure, efficient

Study on data encryption technology in network information security. Jianliang Meng, Tao Wu a

Provisioning secure Identity for Microcontroller based IoT Devices

Atmel Trusted Platform Module June, 2014

IDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller

T he key to building a presence in a new market

Automotive Gateway: A Key Component to Securing the Connected Car

Car2Car Forum Operational Security

Security and Privacy in Car2Car Adhoc Networks

Development of Intrusion Detection System for vehicle CAN bus cyber security

Autorama, Connecting Your Car to

Arccore AB 2017, all rights reserved. Accelerating innovation

A Perspective on V2X in the United States

KPIT S Connected Vehicle Practice

Utimaco HSM Introduction JIPDEC Seminar June 2017

IOT FLAGSHIP PROJECT. Dr. Mario Drobics, AIT

Windows 10 IoT Core Azure Connectivity and Security

Introduction to Internet of Things Prof. Sudip Misra Department of Computer Science & Engineering Indian Institute of Technology, Kharagpur

White Paper. Connected Car Brings Intelligence to Transportation

Application Strategic Focus

5G promotes the intelligence connected vehicles. Dr. Menghua Tao Senior Solution Manager China Unicom

iotrust Security Solutions

Advanced IP solutions enabling the autonomous driving revolution

$263 WHITE PAPER. Flexible Key Provisioning with SRAM PUF. Securing Billions of IoT Devices Requires a New Key Provisioning Method that Scales

BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module

QUANTUM SAFE PKI TRANSITIONS

Easy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications

SIMPLIFYING THE CAR. Helix chassis. Helix chassis. Helix chassis WIND RIVER HELIX CHASSIS WIND RIVER HELIX DRIVE WIND RIVER HELIX CARSYNC

10 th AUTOSAR Open Conference

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

EDGE COMPUTING & IOT MAKING IT SECURE AND MANAGEABLE FRANCK ROUX MARKETING MANAGER, NXP JUNE PUBLIC

M2MD Communications Gateway: fast, secure and efficient

Designing a software framework for automated driving. Dr.-Ing. Sebastian Ohl, 2017 October 12 th

Innovation policy for Industry 4.0

Authentication with Privacy for Connected Cars - A research perspective -

PENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017

Roger C. Lanctot Director, Automotive Connected Mobility

Security of vehicular communications. Vehicular communication (VC) systems

Functional Safety Architectural Challenges for Autonomous Drive

Architecture concepts in Body Control Modules

Scalable Security solutions to enable Cyber Security and to manage Digital Identities

Taking the Right Turn with Safe and Modular Solutions for the Automotive Industry

Automotive Security: Challenges and Solutions

How Security Mechanisms Can Protect Cars Against Hackers. Christoph Dietachmayr, CIS Solution Manager EB USA Techday, Dec.

Future Implications for the Vehicle When Considering the Internet of Things (IoT)

Azure Sphere Transformation. Patrick Ward, Principal Solutions Specialist

POST-QUANTUM CRYPTOGRAPHY VIENNA CYBER SECURITY WEEK DR. DANIEL SLAMANIG

Cypress PSoC 6 Microcontrollers

Industrial IoT Security Attacks & Countermeasures

Resilient IoT Security: The end of flat security models

Build a Driver Information System with IoT Technology

Autonomous Driving needs Safety & Security. Embedded World 2018 Dr. Ciwan Gouma

Enabling Smart Lighting for Smart Cities. How Cheen Ng 18 August 2017

Security issues related to the future Networked Car

TIOVX TI s OpenVX Implementation

Transcription:

Cyber security of automated vehicles B. Steurich Infineon Technologies Conference Sep. 2017, Berlin

Building blocks of automated driving: Cooperation of multiple system and disciplines Data Processing and Decision Making Software Decision Making HMI Sensing Vehicle Sensors Radar, Ultrasonic, Camera, Lidar, GPS, Maps Fusion Sensor Data Central Computing Connectivity DSRC, Wi-Fi Cellular Suspension Transmission Vehicle Dynamics and Control Braking Steering Engine 2

IT security is built on three cornerstones Confidentiality Protection of transferred data Integrity Accuracy & authenticity of data Availability Reliable access to communication channels 3

Automotive security needs more Overall automotive security goals Enable functional safety Protect business & IP Meet customers quality expectation Fulfill privacy & regulation requirements Secret keys are the basic prerequisite of any secured vehicle operation 4

Secret keys must be protected Key integrity is essential for system security Hardware trust anchors Compromised keys = no security Revocation of keys is expensive and takes time Key handling must be secured through the whole lifecycle Provide protected execution environments & tamper resistance for high-security demands Key storage & related crypto operation Key management and deployment in insecure environment 5

Standard microchips can be attacked by various means Logical attack e.g. protocol fuzzing Observative attack e.g. power analysis Manipulative attack e.g. probing Semi-invasive attack e.g. laser fault injection 6

Features of trust anchors for automotive security Integrated on MCU (HSM) Onboard security Protected com. & debug interfaces High-speed / real-time critical tasks Discrete Security Controller CAR2CAR CAR2INFRASTRUCTURE CAR2CLOUD Protected external communication Certified hardware security Protecting critical keys & certificates 7

Hardware security module (HSM) and Trusted platform module (TPM) - Overview HSM - Integrated on MCU Integrated security hardware incl. Protected key & program storage, internal firewall, debug protection, crypto accelerators (AES-128/ECC256/SHA-2), AIS31 compliant True Random Number Generator (TRNG) for key generation, 32bit CPU High performance, real-time capable Full Automotive temperature range and quality (AEC Q-100 Grade 0+, DFR), AUTOSAR compliant AURIX TM e.g. TC23x Eth CAN Flash HSM Flash TPM Discrete security hardware EAL 4+ high security certified hardware & software (high tamper resistance) Ca. 100 standardized crypto functions Supports multiple crypto schemes (incl. AES-256/ECC512/RSA2028) Host Processor e.g. Linux-Based MPU or AURIX TM MCU Flash SPI TPM Firmware Basic SW Flash AEC-Q100 Grade 2 compatible AIS31 compliant (TRNG) for key generation 8

A selection of security use cases in conjunction with automated vehicles We propose three use case classes (AURIX TM & TPM): AURIX HSM (only) Real time bulk encryption/decryption (secure boot, firewall, secure onboard communication, on-thefly integrity verification ) Symmetric key and password generation COMBINED On board key generation & management SOTA Feature activation IDPS Data logging OPTIGA TM TPM (only) Central storage and processing of long-term keys and certificates. Digital access right supervision (privacy protection, diagnostics access, data recorder, functional upgrades/ releases) Measured Boot Remark: Some use cases can be implemented with both AURIX or TPM. The security architecture requirements of the OEM are decisive. There is a need to maximize security level and minimize overall cost 9

Connectivity and security in the context of automated driving Self-driving cars need to know their precise location and what s around them to maneuver safely. Sensors have their limits, and selfdriving cars need the ability to see around corners and into the distance in advance. Date integrity (accuracy & authenticity of data) must be ensured. V2X - 5GAA Configuration A Multiple use cases in parallel Real-time See-through scenarios Sensor sharing Intersection movement assist Real time situational awareness & high definition maps Cooperative lane change (automated driving merging assist) Vulnerable road user (incl. V2P)/ collision avoidance Queue warning incl. congestion Speed harmonization Road-side unit (RSU) assisted safety/ platooning Tele operated driving Not real-time Firmware & software update 10

5G V2X Timeline (5GAA Vision) Vehicles are getting prepared for heterogeneous com. configuration (incl. LTE/5G, BT and DSRC) Holistic security concept Access control to in-vehicle network (IVN) Secure on-board communication Data usage policies Anomaly detection and defense etc. Automotive Ethernet will be used as communication backbone (up to 20Gbit/s) Source: 5GAA & OEM discussion 11

Quantum computers food for thought Quantum Computers IBM's quantum cloud computer goes commercial http://www.nature.com/news/ibm-s-quantumcloud-computer-goes-commercial-1.21585 European Commission will launch 1 billion quantum technologies flagship https://ec.europa.eu/digital-singlemarket/en/news/european-commission-willlaunch-eu1-billion-quantum-technologies-flagship Powerful machine that can be used for crypto analysis and more Idea: Use quantum mechanical effects for computation Different from classical computers with quantum bits (qubits), quantum gates and some restrictions (no cloning, reversibility) Universal quantum computers expected in 15 20 years Goal to increase the number of stable qubits 2016: 5-qubit computer by IBM 2017: 17-qubit computer by IBM Possible other specialized application of quantum computers Optimization problems Quantum chemistry 12

The threat of quantum computers to cryptography Quantum cryptanalysis on an universal quantum computer Currently used asymmetric cryptosystems (RSA/ECC) breakable by using Shor's algorithm Classical world (currently): ECC-256 has 128-bit of security Quantum world (in 15-20 years): ECC-256 has almost 0-bit of security Bit-security level for symmetric cryptography is halved by Grover's algorithm Classical world (currently): AES-128 has 128-bit of security Quantum world (in 15-20 years): AES-128 has only 64-bit of security Quantum world (in 15-20 years) Heavily affected: RSA, ECDSA, ECDH Considered safe: AES-256, SHA512, SHA3-512 Affected: AES-128, 3DES 13

Post-quantum cryptography and quantum cryptography Post-Quantum Cryptography and Quantum Cryptography are not the same Post-Quantum Cryptography Conventional cryptography deployable without quantum computers (i.e. on a classical computer) Requires new mathematical hardness assumptions for public-key-crypto Mainly 5 families of crypto schemes being researched (widely vary in the key length and applicability) Quantum Cryptography Mainly Quantum Key Distribution (QKD) to secure communication using quantum mechanics Security relies on quantum mechanics not computational assumptions Physical requirements like fiberoptical cable between communication parties As the leading provider of security solutions, Infineon is actively pursuing intensive research on post-quantum cryptography www.infineon.com/post-quantum-crypto 14

Demonstrator of post-quantum cryptography Demonstrator of post-quantum cryptography on a smart card chip Setup a secured channel Infineon s contactless smart card (SLE 78) Infineon succeeded to implement a variant of New Hope on an Infineon contactless smart card microcontroller (SLE 78) This chip family is used in numerous high-security applications like electronic passports In smart cards, computing and memory resources are limited The New Hope key-exchange protects the communication between the smart card and the reader Required for electronic passports but also when smart card or secure element establishes a secure channel with the cloud (e.g. in case of IoT) 15

Summary Connected cars offer cost saving potentials, convenience gains and new business opportunities. Trust anchors are indispensable in the context. Infineon investigates solutions to provide security by a combination of AURIX and OPTIGA TPM as well as solutions to match future challenges of connectivity and crypto agility. Infineon s scalable portfolio of hardware trust anchors can achieve Digital Resilience and Survivability in a cost efficient manner through the supply chain 16

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback