By Marjolaine Lombard, Cyber Security Marketing Consultant, ATOS.
From the theft of a connected car to a city held hostage: one giant leap for cybersecurity
In September 2018, researchers from KU Leuven University and Belgium succeeded in stealing a Tesla Model S in a few seconds.They were able to do it not by stealing the physical keys of the vehicle, but by cloning its key fob, a small and programmabletoken used to access a physical object. They then just had to duplicate the signal that was used to unlock the car and the deed was done.
Cyberattacks targeting connected cars such as Tesla are indeedimpressive. However, they are just the scratching the surface ofsecurity issues that threaten intelligent transportation systems(ITS). The Tesla stolen key fobs raised other issues. After discovering the hack, Tesla thanked the researchers and offered to patch its customers cars with a software update and an optional ‘PIN to Drive’ feature requiring the users to enter a PIN before being able to drive. These measures are here to prevent future cyberattacks of the same type, but what if the customer did not install the update? The same theft could happen again. Or, worse, what if the patch update was diverted from its main function if a hacker intercepted it?
ITS are meant to improve security and safety, as well asefficiency. To achieve these results, they rely on sensors, data collection, analysis, control and communication technologies.The more there are, the more potential vulnerabilities can be found, with potential of ITS significantly growing over theyears. Traffic monitoring, vehicle safety, transit signal priority,ramp metering… All these applications can enhance the daily life of citizens and prevent transportation accidents, but require a lot of data collection and transmission for further analysis andprovide potential cyberattack gateways for hackers. If hackers could take control of the traffic system of a city, they could cause major hazards and casualties.
Vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I), globally known as V2X, technologies security plays a major role in ITS. Connected vehicles communicate through wireless networks to share information with other vehicles and transportation infrastructures, with an on-board unit (V2X Gateway) inside the vehicle communicating information to its environment. According to the Connected Vehicle Reference Implementation Architecture (CVRIA), the security solutions must focus on 3 core elements: confidentiality, integrity and availability.
- Confidentiality: only authorized stakeholders should be allowed to access the content of the messages exchanged in a V2X environment.
- Integrity: to ensure the reliability of the messages exchanged, the security solutions must protect them frombeing altered by unauthorized stakeholders, otherwise ITSapplications could be threatened.
- Availability: operational systems and information must beprovided, even in risky situations, especially for criticalinformation.
Typically, distributed denial of service (DDoS) attacks can threaten the availability of an application by trying to exhaust its resources. Malwares can be used to hack electronic control units (ECU) firmwares in a car and block the use of the car until, for example, a ransom is paid. So, what can be done to securethe ITS?
First of all, communication must be protected to prevent attackers from manipulating data. Security solutions based on the secure storage and processing of cryptographic keys are used to provide integrity and authenticity of data required for the reliability of the messages exchanged in V2X. Moreover,encrypting those messages will ensure that only authorizedstakeholders could access the information. The monitoring of software running on application controllers also enhance the integrity of ITS. Dedicated secure elements can provide a highly secure answer to these challenges.
Data protection and privacy of ITS is also provided through V2X Public Key Infrastructure (V2X-PKI). V2X security canuse pseudonym digital signatures to keep the integrity of the messages shared, allowing automotive infrastructures andvehicles to trust each other. Certificates are issued by Enrolment and Authorization Authorities (EA & AA) and can then be trusted and verified at any time.
In Atos, we chose to secure the V2X environment with these solutions through our Horus Security Suite for ITS. We implemented security controllers as dedicated Secure Elements (V2X-HSM) therefore not affecting the complete board designand sustain the required automotive qualifications andrequested performance for automotive applications. Atos Secure Elements (V2X-HSM) rely on the well-known CardOS® which performs the cryptographic functionality over standard interfaces like SPI or I2C. CardOS is a multifunctional native operating system, which provides a high level of flexibility by adapting the file structure.
As modern vehicles use up to 120 ECUs to communicate in an ITS environment, it becomes critical to be able to generate cryptographic keys quickly and efficiently that will be used for signature creation, authentication, as well as message encryption and decryption. With CardOS for IoT, all these state- of-the-art cryptographic functionalities are provided. Coupled with our solution Horus PKI, it becomes easy to implement certificate lifecycle management and ensure data integrity.
ITS services will evolve quickly and exponentially in the years to come. From manufacturers, to end users, cities and applicationproviders, the entire ecosystem will have to adapt to new technologies that could have a huge impact on society if theyturn out to be defective. If we do not want the future to be madeup of stolen Teslas and cities held hostage, we need to carefullyconsider security by design!