Intelligent Connected Vehicle Cybercurity Architecture
Jin Shang, Jingbo Ni, Martin Luu
2019-10-25
Agenda
❑ICV Cybercurity:Background
❑ICV Cybercurity Analysis:Methodology, Core Asts and Functional Safety ❑ICV Cybercurity Structure
❑ICV Application Layer Security
❑ICV Cybercurity Evaluation
❑Future
ICV Cybercurity Background Platform Technologies Self-Driving Network Security Big Data and AI ❑Cybercurity Definition
❖Measures taken to protect computer systems and computer network
听诊器的使用方法against unauthorized access to data or data communication
channels. ❑Cybercurity is one of the Key Requirements for
Intelligent Connected Vehicles
❖ICV heavily rely on computers and communication between
them
Vehicle E/E Units and the Vehicle Internal Network
Infotainment/navigation system
Telematics unit (Tbox) Autonomous driving unit
❖ICV need curity protection
➢Ever growing software size and complexity in computing nodes such as
MCU/ECU, domain controller, vehicle central computer, TBOX, IVI
➢Internal communication networks: CAN, LIN, 802.11p etc.
➢External connectivity: Cloud rvices (TSP, OTA),Mobile apps,
Bluetooth, WiFi, RF
❖ICV Cybercurity threats:
➢Wide range of attack vectors expod by software and hardware
interfaces. Security by obscurity can no longer work
➢Vulnerabilities to exploit in computing nodes such MCU/ECU, Domain
Controller, Central Computer bring on by OTA
➢Unauthorized network access: Vehicle Internal Network is more difficult
to lock down like Enterpri Private Network
➢Broad attack surface introduced by cloud rvices such as in-vehicle
internet connectivities, Cloud Control, Maps, Ur and mobile apps
❑Cybercurity is a Critical and Integral Part of ICV
❖Cybers ecurity Should Be Integrated and built-in to Vehicle E/E Units over the Whole Network Topology
❖A Cybercurity Framework should be consistently ud Vehicle Platform
❖Cybercurity is Esntial to Big Data Economy, including Ride Sharing, Cloud Monitoring and Control etc.
❖As a function of E/E Units Cybercurity implementations must meet functional safety standard. However Cybercurity, the curity of vehicle data and data
廉政教育片communications, though contributing and critical to, is different from functional
safety and SOTIF(Safety of the Intended Functionality, ISO/PAS 21448)
山东中考时间个人租房合同范本免费下载
❖Example: IDS in Vehicle CAN Network Gateway:
❖ A function in itlf: detecting intrusions to the internal CAN network
❖Must not violate the safety standard t forth for the Gateway Unit in performing its intended function —e.g., the IDS function cannot disrupt CAN network communications with or without
detection of intrusions.
❖However, the intended function is for protecting the communications over the CAN network (i.e.歌颂党的诗歌
all messages transmitted in the network are from trusted and authenticated sources, unaltered,
关于台风的作文behaving in predefined manner).
❖Helps to enhance the vehicle safety in a limited area but vehicle safety has much broader range of components and functions in vehicles, in which there are tremendous many other sources of
failures unrelated to data or data communication curity (ine overheating, electronic or
mechanical failures etc).
❑Challenges:
❖Lack of connsus: The needs and requirements for basic ICV cybercurity not industry-wide agreed和服图片
五一高速免费❖ICV development bottleneck: computing power with acceptable performance-cost ratio;
high speed low latency network etc.
❖Slow adaptation and/or sharing of mature technologies in IT cybercurity to ICV cybercurity
❖Auto industry lacks in-depth cybercurity experience and practice while IT industry lacks vehicle safety awareness
❖Lack of urgency
❑ICV Cybercurity is esntial and critical. It’s also important for the public safety(data leaks, malware/ransomware takeover vehicles etc.)
❑ICV Cybercurity is an interction where interests and technologies of cross industries and experti meet.
