Today’s automobiles are running literally tens of millions of lines of code in their systems, making them as vulnerable to cyber-attacks as laptops. With multiple means at their disposal, hackers can target an automotive component, an electronic control unit (ECU), or an ethernet network. Even worse, they can train their sights on an entire fleet of vehicles.
Automotive cybersecurity breaches can put not just personal information at risk, but the physical safety of occupants, pedestrians, and others as well. This puts the onus on automotive engineers to design and configure a vehicle’s systems in ways that best protect a vehicle from cyber intrusions. The ability to prevent, detect, and respond to security breaches is a complex challenge that engineers must address when designing components for electronic control units (ECUs), all the way through a car’s lifecycle.
General Motors takes what the company calls a “multilayered approach” to cybersecurity. It begins by ensuring security is designed into every product, from concept through production. The process continues with an agile development approach, followed by thorough testing in complex, real-world situations and continuous monitoring to minimize risk, the company said in a release.
“Collectively, we incorporate strong security measures into every phase of the vehicle lifecycle,” said GM Chairman and CEO Mary Barra, in remarks delivered at the RSA Conference in San Francisco in February.
The company’s approach also reflects the view that cybersecurity is an industry issue, with implications for all players involved. “We view cybersecurity not as an area we invest in for competitive advantage—we see it as a systemic concern for our industry,” Barra said. “The automotive industry is fiercely competitive, but cybersecurity is an area in which we must—and where we do—act as a united front to collaborate to share best practices.”
Barra went on to say that a critical cyber breach that affects any company in the automotive space also impacts “everyone in the space.” “It could severely undermine consumer confidence in mobility, and even delay the industry’s ability to share the benefits with customers, and society,” she said. “It’s why we are so focused on industry-wide cybersecurity collaboration and shared solutions.”
Last October, GM announced a new cooperative research and development agreement (CRADA) with the U.S. Army CCDC Ground Vehicle Systems Center (GVSC) aimed at strengthening GM’s and the Army’s automotive cybersecurity expertise over the next two years. The R&D agreement will have cybersecurity experts from GM and the Army sharing best practices, methodologies, tools, and approaches focused on conducting penetration testing and cybersecurity risk analysis. As cybersecurity processes are improved, both entities will seek to share what they’ve learned with the Society of Automotive Engineers (SAE) for the development of common standards, the release said.
An Open Source Platform to Protect Software Updates
Hackers have long been known to target software updates, a threat that has grown as more and more devices—including automobiles and medical equipment—have connected to the internet. That’s why a software framework that hardens a vehicle’s security during over-the-air (OTA) software updates is a crucial tool for automotive OEMs to have.
One such framework is Uptane, an open-source cybersecurity toolkit developed by Justin Cappos, a professor of computer science and engineering at New York University (NYU) Tandon School of Engineering, in conjunction with collaborators from industry, academia, and government. Cappos said in a release that Uptane is part of Linux’s expansion out to smaller devices—the electronic control units where Linux couldn’t run before because the ECUs’ flash memories were too small.
“Uptane helps Linux secure updates at places where Linux can’t run, since many ECUs, such as brake controllers, have tiny Flash memories,” Cappos said in the release.
Uptane is based on The Update Framework (TUF), an update security technology used by major providers of cloud-based services, such as Amazon, Microsoft, Google, Cloudflare, and Datadog, according to a release from NYU Tandon School of Engineering. It has been integrated into Automotive Grade Linux and is now helping to secure OTA updates for major automakers worldwide.
Open source designs assure automakers and consumers that their car’s systems have been publicly reviewed, edited, and audited. On the other hand, designs that aren’t open carry substantial risks while leaving major questions unanswered. The downside for automakers, Cappos said, is that they don’t get as comprehensive a review and assessment of their vehicle’s vulnerabilities as they would by inviting all security experts to fix their design before the rubber meets the road. Consumers, too, remain in the dark, knowing even less about the automobile they’re buying.
“I would love to see more designs in the automotive space be open,” Cappos told D2P in an interview. “I think efforts like Automotive Grade Linux, which, by the way, Uptane is a part of, are really key. I would love to see more of that happen because the rest of the tech community has realized for many years that you get such a big advantage out of at least having open designs and APIs, if not open implementations. So, ideally, the automotive industry learns from the tech community’s mistakes sooner rather than later.”