The new generation of cars driven by innovations with electronics, software systems and connectivity are highly vulnerable to cyber attacks and hacking. Hence the vehicle manufacturers must design and deploy software and hardware that meet all the critical safety and security standards to prevent such attacks.

At the recently-held ETAuto Connected Vehicle Virtual Summit, industry experts deliberated upon the challenges that stem from the evolving hardware and software architecture of cars and how it is impacting their overall functional safety and security.

With every advancement in the in-vehicle electronics, automakers have to grapple with challenges like Bluetooth hacking, fiddling with the keys and other open interfaces through which a hacker can gain access to the vehicle.

According to Omkar Panse, AVP and head of digital connected solutions, KPIT, the combination of connectivity and autonomy will have a positive impact on the overall automotive safety with systems getting smarter and more intuitive for handling.

“However, for that, you have to adhere to functional safety norms, see how you write the software, validate the software and ensure that there are no uncovered paths in software. Then only it can be termed reliable. It will also eventually help in optimising the cost profile of everything,” he said.

According to T N Umamaheshwaran, head - digital product development systems and strategic business planning, Tata Motors, “Security for on-board electronics is the weakest and the company is working with its partners and equipment suppliers to enforce the layer one of in-vehicle electronics security.”

Increasing ECU vulnerability

One of the significant outcomes of the enhanced connectivity has been the consolidation of the ECUs (Electronic Control Units), which is a major concern for functional safety and reliability. Sensors and algorithms are essential aspects of any sub-system provider.

Raghvendra Bhat, technical consultant, Ansys, said, “Connected vehicles are going to have a much larger amount of electronics and software in them opening up a bigger canvas for hacking and exploiting the vulnerabilities. They must be dealt with systematically.”

One of the ways to check larger damage if someone tries to attack through open channels could be to separate the critical functionalities of the vehicle so that they don’t have any connectivity with the rest of the network used for infotainment, he said.

On the other hand, Tata Motors is working on virtual sensors to reduce the complexity of in-vehicle electronics, Umamaheshwaran said. “We are working on eradicating sensors totally and creating virtual sensors where there is no need to keep sensors for everything. We can derive data from the already known data,” he said.

Security challenges in architecture design

A modern car consists of various components from different suppliers which are integrated into one system. Integrating all these components into a secure architecture is almost as impossible as controlling the security of the external network environment.

Pointing out one of the major limitations, Panse said, “A lot of hardware in today’s cars is legacy hardware that may not be able to support some of the modern security requirements like hardware security modules or support for advanced cryptographic algorithms.”

Some of the fundamental design changes inside the car are required to be able to support cryptographic standards, hardware standards, security modules and functionality like a secured booth.

However, Panse doesn’t see fundamental infrastructure changes in the on-board system. “There is a bit of change required from the architecture perspective that needs to happen from the ground up. The security infrastructure modules in terms of algorithms, cryptographic processes, hardware security modules, all that infrastructure need to come inside the car”, he said.

About the vulnerabilities that arise in the external environment (V2X communication), Khushwant Rana, head - cybersecurity solutions -mobility, ETAS Automotive India Private Limited, said, “External environment is more dependent on how security is implemented at the enterprise level. The driver in the vehicle, OEMs and Tier-1s cannot control the external network environment.”

“Anything which goes through a cloud backend makes several transitions from wireless to fibre optic, fibre optic to again wireless. You can’t have a coherent security measure across all of the suppliers of information exchange. That’s where the role of security by design comes into play,” he said.

The best way to deal effectively with it is to come up with preventive measures in case of attacks. For instance, KPIT follows a TRA (Threat Risk Assessment) module where the potential attack surfaces are analysed. Based on that it builds a threat model and against the threat model security model is built, Panse said.

Different standards of security

Safety practices are becoming more regulated as the automotive industry is required to adopt a standardised set of procedures for designing and testing products.

For instance, the connected vehicle platform of Tata Motors is on a public cloud, certified by the ISO 27001 standard, which sets out the specification for an information security management system (ISMS).

Meanwhile, ISO 26262 is a functional safety standard certification, essential for the development of automotive systems-on-chip (SoCs) used in autonomous driving and advanced driver assistance systems (ADAS) applications. All automotive manufacturers worldwide adhere to it.

“There is another standard in the pipeline, ISO 21434,” Bhat said. It focuses on the cybersecurity risk in road vehicle electronic systems.

This standard will cover all stages of a vehicle’s lifecycle — from design to decommissioning by the application of cybersecurity engineering. This will apply to all electronic systems, components, and software in the vehicle, and any external connectivity.