Bill Boldt
Business Development Manager: Security, BlackBerry
wboldt@blackberry.com
The evolution of the car into an electronic platform started with cockpit electronics and branched into safety and locomotion, giving rise to Electronic Control Units (ECUs). ECUs are little computers that intelligently control physical things like mirrors, lights, seats, AC, and other things in the body or cockpit; and made for better control of brakes, engine systems, airbags, and other things that make the car stop and go, steer, and become safer. Cars today can have well over 100 ECUs. And that can be challenge to make truly secure.
Fortunately, that is changing. Multi-core processor technologies are being harnessed to consolidate ECUs into a platform populated by powerful domain-controllers. A major benefit of domain controllers is that they lend themselves to being secured by modern cryptography because they can run algorithms faster and store crypto keys more securely. Also, fewer controllers means fewer points for attack. In a connected autonomous car safety comes from security, and security comes from cryptography. Because attacks can come from anywhere, at any time, and on any system, automotive security must be multi-layered, meaning everything has to have some sort of cryptography to protect from attackers. Security awareness should start right at the beginning of design with disciplines such as penetration testing of the software and security audits to find vulnerabilities. And, these should be applied inside and outside of the car.
Once you have a good start you need to ensure a good ending, which means security updates, and that typically means over the air. In between the beginning and the end there should be secure manufacturing and secure distribution of crypto keys and certificates. BlackBerry can help with all of that with security design and testing, QNX's microkernel based RTOS, and Certicom's technology for securing the supply chain and managing security certificates to gain BlackBerry level security, without your having to become a crypto expert.
By now you can see that by providing the first line of defense for personal safety, cryptography is becoming like the new seatbelt.
SECURING AUTOMOTIVE
When it comes to embedding security into the autonomous connected car of the future, it has to start with securing the supply chain. Security in and around a car has many requirements:
• Security assets (i.e. crypto keys, serial numbers, etc.) must be installed into the devices at manufacturing time
• Devices must be distributed to and be installed into vehicles in globally located factories
• Devices must be warehoused worldwide for subsequent repairs
• Secure devices must be updateable at dealers and repair shops
• Aftermarket suppliers must be able to sell and update secure devices
These requirements present a logistical tangle. Making a device such as a networked ECU on a CAN bus secure means that it will become one of a kind. This is the entire objective of
personalization. However, by definition that device cannot be used anywhere else. It becomes a unique stock keeping unit (SKU), which is averse to the purpose of flexible, just in time manufacturing flows. Security versus flexibility is a serious trade off that must be managed carefully. High profile automotive hacks have shown the world that automotive security is necessary, but it is difficult to apply especially because it makes manufacturing more difficult and costly. Because security must be injected in the factory and beyond, a secure manufacturing system must have global reach, be manageable on a distributed basis, be updatable by various entities, and remain secure for years. Secure manufacturing, including injection and updating of security assets, will touch factories, warehouses, distributors, dealers, repair shops, and aftermarket parts stores. In addition, security updates will often be over the air.
To maintain the maximum amount of flexibility, personalization and updating should be moved as close as possible to the very last minute. Each car maker will be faced with the same situation and will have to design and manage secure device manufacturing systems and security certificate management systems, that are global and long term in nature.
Fortunately, the tools to do that are available from Certicom; namely, the Managed PKI system and Asset Management System. The way in which these systems get deployed will have to be designed to the specific logistical and security needs of the manufacturer. Therefore, the overall manufacturing blueprint must be designed with best practices in mind, right from the start, and BlackBerry Professional Services and help with that. Also,
in-car and around the car security systems can be developed using Certicom’s cryptographic libraries and architectural consulting services.
Blackberry brings it all together to make the software defined car more secure...and that means safer.
Business Development Manager: Security, BlackBerry
wboldt@blackberry.com
The evolution of the car into an electronic platform started with cockpit electronics and branched into safety and locomotion, giving rise to Electronic Control Units (ECUs). ECUs are little computers that intelligently control physical things like mirrors, lights, seats, AC, and other things in the body or cockpit; and made for better control of brakes, engine systems, airbags, and other things that make the car stop and go, steer, and become safer. Cars today can have well over 100 ECUs. And that can be challenge to make truly secure.
Fortunately, that is changing. Multi-core processor technologies are being harnessed to consolidate ECUs into a platform populated by powerful domain-controllers. A major benefit of domain controllers is that they lend themselves to being secured by modern cryptography because they can run algorithms faster and store crypto keys more securely. Also, fewer controllers means fewer points for attack. In a connected autonomous car safety comes from security, and security comes from cryptography. Because attacks can come from anywhere, at any time, and on any system, automotive security must be multi-layered, meaning everything has to have some sort of cryptography to protect from attackers. Security awareness should start right at the beginning of design with disciplines such as penetration testing of the software and security audits to find vulnerabilities. And, these should be applied inside and outside of the car.
Once you have a good start you need to ensure a good ending, which means security updates, and that typically means over the air. In between the beginning and the end there should be secure manufacturing and secure distribution of crypto keys and certificates. BlackBerry can help with all of that with security design and testing, QNX's microkernel based RTOS, and Certicom's technology for securing the supply chain and managing security certificates to gain BlackBerry level security, without your having to become a crypto expert.
By now you can see that by providing the first line of defense for personal safety, cryptography is becoming like the new seatbelt.
SECURING AUTOMOTIVE
When it comes to embedding security into the autonomous connected car of the future, it has to start with securing the supply chain. Security in and around a car has many requirements:
• Security assets (i.e. crypto keys, serial numbers, etc.) must be installed into the devices at manufacturing time
• Devices must be distributed to and be installed into vehicles in globally located factories
• Devices must be warehoused worldwide for subsequent repairs
• Secure devices must be updateable at dealers and repair shops
• Aftermarket suppliers must be able to sell and update secure devices
These requirements present a logistical tangle. Making a device such as a networked ECU on a CAN bus secure means that it will become one of a kind. This is the entire objective of
personalization. However, by definition that device cannot be used anywhere else. It becomes a unique stock keeping unit (SKU), which is averse to the purpose of flexible, just in time manufacturing flows. Security versus flexibility is a serious trade off that must be managed carefully. High profile automotive hacks have shown the world that automotive security is necessary, but it is difficult to apply especially because it makes manufacturing more difficult and costly. Because security must be injected in the factory and beyond, a secure manufacturing system must have global reach, be manageable on a distributed basis, be updatable by various entities, and remain secure for years. Secure manufacturing, including injection and updating of security assets, will touch factories, warehouses, distributors, dealers, repair shops, and aftermarket parts stores. In addition, security updates will often be over the air.
To maintain the maximum amount of flexibility, personalization and updating should be moved as close as possible to the very last minute. Each car maker will be faced with the same situation and will have to design and manage secure device manufacturing systems and security certificate management systems, that are global and long term in nature.
Fortunately, the tools to do that are available from Certicom; namely, the Managed PKI system and Asset Management System. The way in which these systems get deployed will have to be designed to the specific logistical and security needs of the manufacturer. Therefore, the overall manufacturing blueprint must be designed with best practices in mind, right from the start, and BlackBerry Professional Services and help with that. Also,
in-car and around the car security systems can be developed using Certicom’s cryptographic libraries and architectural consulting services.
Blackberry brings it all together to make the software defined car more secure...and that means safer.