Automotive Security: Challenges and Solutions


8th Vector Congress, 30th November 2016 (V2.01.00, 2016-11-22)

Agenda
> Introduction
> Services
> Embedded Security Mechanisms
> Tools
> Summary

Introduction: Vehicle is becoming a Part of the Internet of Things
(Diagram: the vehicle is connected via OBD, DSRC and 4G LTE to the OEM, suppliers, the ITS operator, public clouds and service providers.)

Introduction: Threats and Challenges
(Diagram: the same connected-vehicle picture with OEM, suppliers, ITS operator, OBD, DSRC, 4G LTE, public clouds and service providers.)
Challenges
> Increasing attack surface
> Need to protect features and business models
> Legacy technologies not designed with security in mind
> Meaningful transfer of IT security technologies required
> Limited resources for security mechanisms / performance constraints
> Lack of automotive specific standards / guidance
> Effects on many process areas

Introduction: Building Blocks of a Security Solution
> Services
> Embedded Software
> Tools

Services: Security does not Start or End with Cryptography
(Diagram: security activities along the development process)
> Asset Definition
> Threat and Risk Assessment
> Derivation of Security Goals
> Security Architecture Design & Analysis
> Security Concept Design & Analysis
> Secure Implementation of Nominal Function and Security Mechanisms
> Functional Security Testing
> Security Validation
> Penetration Testing
> Fuzz Testing
> Incident Management & Response

Services: Typical Customer Needs
(Diagram: the same process activities, from Asset Definition through Threat and Risk Assessment, Derivation of Security Goals, Security Architecture and Security Concept Design & Analysis, Secure Implementation, Functional Security Testing, Security Validation, Penetration Testing and Fuzz Testing to Incident Management & Response.)
Security Studies
> Examining customer defined security concepts
> Proof of concept implementation of security mechanisms
> Performance analysis
Vehicle Security Architecture Implementation
> Development of vehicle security architectures for series
> Implementation based on established standards and customer specific extensions
> Integration support

Embedded Security Mechanisms: Building Blocks of a Security Solution
> Services
> Embedded Software
> Tools

Embedded Security Mechanisms: Layered Security Concept (Logical View)
Layers and associated security concepts:
Secure External Communication
> Secure communication to services outside the vehicle, e.g. via TLS
Secure Gateways
> Firewalls / access control
> Key infrastructure / vehicle PKI
> Synchronized secure time
> Intrusion detection mechanisms
Secure In-Vehicle Communication
> Authenticity of messages
> Integrity and freshness of messages
> Confidentiality of messages
Secure Platform
> Key storage
> Crypto library
> HW trust anchor (e.g. SHE, HSM, TPM, ...)
> Secure boot and secure update
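The "authenticity, integrity and freshness of messages" layer is what SecOC together with the Freshness Value Manager provides. The following is an added illustration, not Vector's or AUTOSAR's code: a simplified SecOC-style channel that binds a Data ID, the payload and a freshness counter into a truncated MAC and rejects replayed frames. It assumes HMAC-SHA256 instead of CMAC, a full 32-bit freshness value on the wire and an 8-byte truncated MAC; the real AUTOSAR wire format differs.

```python
import hmac
import hashlib
import struct


class SecOcChannel:
    """Simplified SecOC-style authentication of a PDU with a freshness value.

    Assumptions (illustration only, not the AUTOSAR SecOC wire format):
    HMAC-SHA256 instead of AES-CMAC, the full 32-bit freshness value is
    sent on the wire, and the MAC is truncated to `mac_len` bytes.
    """

    def __init__(self, key: bytes, data_id: int, mac_len: int = 8):
        self.key = key
        self.data_id = data_id      # identifies the secured PDU; bound into the MAC
        self.mac_len = mac_len
        self.last_freshness = -1    # highest freshness value accepted so far (receiver state)

    def _mac(self, payload: bytes, freshness: int) -> bytes:
        # Authenticator covers Data ID || payload || freshness, so a MAC captured
        # for one PDU cannot be transplanted onto another PDU or replayed later.
        msg = struct.pack(">H", self.data_id) + payload + struct.pack(">I", freshness)
        return hmac.new(self.key, msg, hashlib.sha256).digest()[: self.mac_len]

    def secure(self, payload: bytes, freshness: int) -> bytes:
        """Sender side: secured PDU = payload || freshness || truncated MAC."""
        return payload + struct.pack(">I", freshness) + self._mac(payload, freshness)

    def verify(self, secured: bytes):
        """Receiver side: (payload, None) if accepted, (None, reason) if dropped."""
        trailer = 4 + self.mac_len
        if len(secured) < trailer:
            return None, "too short"
        payload = secured[:-trailer]
        freshness = struct.unpack(">I", secured[-trailer:-self.mac_len])[0]
        mac = secured[-self.mac_len:]
        # Check the MAC before touching any receiver state, in constant time.
        if not hmac.compare_digest(mac, self._mac(payload, freshness)):
            return None, "authentication failed"
        # Freshness must be strictly increasing: an equal or older value is a replay.
        if freshness <= self.last_freshness:
            return None, "replay / stale freshness"
        self.last_freshness = freshness
        return payload, None
```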

Embedded Security Mechanisms: MICROSAR 4.3 Security Modules and available Extensions
(Diagram: the MICROSAR layered architecture with Application, RTE, OS, SYS, DIAG, MEM, AMD, COM, IO, LIBS, CAN, LIN, FR, ETH, EXT, Complex Driver and MCAL; the security modules CSM, CRYIF, CRYDRV(SW), CRYDRV(HW), SECOC and FVM; the extensions V2G¹, TLS¹, XML Sec¹ and AVB¹; and the Microcontroller Hardware Trust Anchor (HTA) below the MCAL.)
> Crypto Service Manager (CSM)
> Secure Onboard Communication (SecOC)
> Crypto Interface (CRYIF)
> Crypto Driver HW (CRYDRV(HW))
> Crypto Driver SW (CRYDRV(SW))
> Freshness Value Manager (FVM)
> Transport Layer Security (TLS)¹
> XML Security (XML Sec)¹
> Microcontroller Hardware Trust Anchor (HTA)
¹ Extensions for AUTOSAR Vector Standard Software

Embedded Security Mechanisms: Cryptographic Functions with and without HW-Support
(Diagram: the MICROSAR stack with CSM, CRYIF and CRYDRV(SW)/CRYDRV(HW) between the SWC/Application, RTE and BSW modules above and the Microcontroller Hardware Trust Anchor (HTA, HSM) below the MCAL; beside it the flash bootloader (FBL) with HIS Security Module, Update Authorization, Secure Update Manager and Secure Bootmanager; extensions shown include SecOC, FVM¹, IDSM¹, CANFW¹, ETHFW¹, CANIDS¹, ETHIDS¹, TLS¹, XML Sec¹, SCANTSYN¹, SETHTSYN¹, AVB¹ and Runtime Protection.)
Crypto Service Manager (CSM)
> SWC use CSM through RTE
> BSW/CDD use CSM by inclusion
> Asynchronous operation possible
> Callback indication to the application
Crypto Interface (CRYIF)
> Provides standard interfaces for specific cryptographic functions
Crypto Driver (CRYDRV)
> Implementation of cryptographic functions
> CRYDRV (SW): Usage of SW-libraries (SW-LIB)
> CRYDRV (HW): Usage of resources and capabilities of HW-Trust Anchors (SHE, HSM, TPM, ...)
¹ Extensions for AUTOSAR Vector Standard Software

Embedded Security Mechanisms: Future Security Modules (not defined by AUTOSAR)
(Diagram: the MICROSAR stack with the future modules KeyM¹, KSM¹, SLOG¹, POLM¹, FWM¹, IDSM¹, CANFW¹, ETHFW¹, CANIDS¹ and ETHIDS¹ placed alongside OS, SYS, DIAG, MEM, AMD, COM, IO, LIBS, CAN, LIN, FR, ETH, V2G¹, AVB¹, EXT, Complex Driver, MCAL and the Microcontroller Hardware Trust Anchor (HTA).)
> Key Manager (KeyM)
> Key Store Manager (KSM)
> Security Audit Log (SLOG)
> Policy Manager (POLM)
> Firewall Manager (FWM)
  > CAN Firewall (CANFW)
  > Ethernet Firewall (ETHFW)
> Intrusion Detection System Manager (IDSM)
  > CAN Intrusion Detection System (CANIDS)
  > Ethernet Intrusion Detection System (ETHIDS)
¹ Extensions for AUTOSAR

Embedded Security Mechanisms: MICROSAR Firewall
(Diagram: SWC/Application and RTE on top; SYS (COMM), DIAG (DCM), SLOG, COM (PDUR) and FWM in the BSW; the CAN stack (CANIF, CANFW) and the Ethernet stack (SOAD, TCPIP, ETHFW, ETHIF); MCAL with CRYDRV (HW); HTA in the microcontroller.)
Generic Firewall Manager (FWM):
> Manages the state of the individual bus firewalls (e.g. ETHFW).
> Manages the security policy, which is securely stored in the HTA (SHE, HSM, ...).
> Role management of the security policy (e.g. factory, customer).
> Distribution of the security policy to the individual bus firewalls.
> Update of the security policy via DCM.
Ethernet Firewall (ETHFW):
> Stateful packet filtering firewall (inspects IP/TCP/UDP packets).
> Own TCP/IP stack for extracting packet header information; no code shared with the TCP/IP module.
> Applied security policy is requested from the FWM on startup of the ECU.
> Local storage of the security policy for fast access (read-only).
> Logging of non-policy-conform packets in the tamper-proof SLOG.
CAN Firewall (CANFW):
> Filtering out CAN frames whose arrival is not predicted by the DBC.
> Logging of e.g. CAN frame periodicity deviations in the tamper-proof SLOG.
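To make the CANFW description concrete, here is an added example (not Vector's code) of the two CANFW behaviours named above: dropping frames whose ID or DLC the DBC does not predict, and logging cycle-time deviations to an audit log that stands in for SLOG. The DBC policy and the bus trace are constructed; whether a timing anomaly is only logged or also dropped is an assumption of this example.

```python
# Constructed stand-in for what the DBC tells the firewall:
# CAN ID -> (DLC, nominal cycle time in ms). IDs absent here are not expected on this bus.
DBC_POLICY = {
    0x100: (8, 10.0),
    0x2A0: (4, 100.0),
}

# Constructed bus trace: (timestamp in ms, CAN ID, data bytes).
TRACE = [
    (0.0, 0x100, bytes(8)),
    (10.0, 0x100, bytes(8)),
    (20.0, 0x100, bytes(8)),
    (22.0, 0x100, b"\xff" * 8),        # extra 0x100 frame breaks the 10 ms cycle
    (30.0, 0x7DF, bytes(8)),           # ID not contained in the DBC
    (100.0, 0x2A0, b"\x01\x02\x03\x04"),
    (200.0, 0x2A0, b"\x01\x02\x03"),   # DLC 3 instead of the 4 the DBC predicts
]


class CanFirewall:
    """Per-ID filter modelled on the CANFW / SLOG roles described above."""

    def __init__(self, policy, tolerance=0.5):
        self.policy = policy        # CAN ID -> (DLC, nominal cycle in ms)
        self.tolerance = tolerance  # accepted relative deviation from the nominal cycle
        self.last_seen = {}         # CAN ID -> timestamp of the last forwarded frame
        self.audit_log = []         # stands in for the tamper-proof SLOG

    def check(self, t_ms, can_id, data):
        """Return True if the frame is forwarded, False if it is filtered out."""
        rule = self.policy.get(can_id)
        if rule is None:
            self.audit_log.append((t_ms, can_id, "CAN ID not predicted by DBC"))
            return False
        dlc, cycle_ms = rule
        if len(data) != dlc:
            self.audit_log.append((t_ms, can_id, f"DLC {len(data)} instead of {dlc}"))
            return False
        prev = self.last_seen.get(can_id)
        if prev is not None and abs((t_ms - prev) - cycle_ms) > self.tolerance * cycle_ms:
            # Assumption: a timing anomaly is logged as an intrusion indicator but the
            # frame is still forwarded, so clock jitter alone never drops traffic.
            self.audit_log.append((t_ms, can_id, f"periodicity deviation: {t_ms - prev:.1f} ms"))
        self.last_seen[can_id] = t_ms
        return True


def run_trace(fw, trace):
    """Feed a trace through the firewall; return the number of forwarded frames."""
    return sum(1 for t_ms, can_id, data in trace if fw.check(t_ms, can_id, data))
```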

Tools: Building Blocks of a Security Solution
> Services
> Embedded Software
> Tools

Tools: Challenges for Testing
> Increasing integration of security mechanisms in current and new architectures
> New challenges for automotive testing:
  > Testing of security
  > Testing despite security
> Tool solutions are currently in the piloting phase

Tools: Testing of Security
(Diagram: the CANoe test framework (.NET, COMdbLib, IronPython, signal database [.dbc]) and boofuzz (boofuzz config and boofuzz core, Python) send fuzzed messages over the bus system to the device under test and collect monitoring data.)
Automotive Security Testing
> Functional testing: Test of security related functions for correct behavior
> Vulnerability scanning: Test for known security vulnerabilities
> Fuzz testing: Try to find new vulnerabilities of an implementation by sending malformed input to the target system. Good benefit-to-cost ratio.
> Penetration testing: Highly individual & creative testing of the whole system (SW+HW) performed by a smart human tester, based on many years of hacking experience

Tools: Testing despite Security
(Diagram: crypto material from the security sources Default, Car2X, OEM Backend and Adapter is handled by a Security Manager inside the Vector tools CANoe and vflash, which connect through an interface to the bus system and the device under test.)
Testing of nominal functions regardless of security mechanisms
> Confidentiality: "But I need to be able to read any message for debugging purposes!"
> Authenticity / Freshness: "But I need the system to accept data from my log file in order to replicate the problem!"
Complexity drivers
> Different types of cryptographic keys
> Security protocols
> Different security architectures
> Different processes / backends

Summary: Key Points
> Security is required to enable new features and protect business models
> The number of security mechanisms in current and future vehicle architectures grows
> Security has to be considered throughout development & testing, production and after sales
> Standard SW components are a foundation, but customer specific extensions are needed
> Tools can simplify testing of security and testing despite security
(Diagram: Services, Embedded Software, Tools)

For more information about Vector and our products please visit www.vector.com
Author: Dr. Eduard Metzker, Vector Informatik GmbH
© 2015 Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector.
V2.01.00, 2016-11-22