Protecting Connected Vehicles through Open Innovation Eldad Raziel Alliance (Renault-Nissan-Mitsubishi) Innovation Lab Tel-Aviv
he connected car revolution has greatly accelerated in the past year and is expected to boost by end of 2023, with some 100 million vehicles on the road. As OEMs are adapting massive digitalization and connectivity the vehicle architecture has become far more complex and consequently, the attack surface has significantly expanded. Protecting against cyber threats has become mandatory to ensure the safety of cars, drivers and passengers, as well as to enable the adaption of new automotive technologies. This is a one of the focus areas of the Alliance Innovation Lab in Tel Aviv.
Connected Cars – The Core of the New Smart Mobility A Connected Vehicle is basically connected to a network, that enables services such as: Vehicle tracking, Vehicle Diagnostic and Predictive Maintenance, Data-driven services like adapted insurances to the drivers’ behavior, online services or offers and incentives to the passengers through the infotainment unit, fleets management tools, and all sorts of data monetization possibilities from cars. In the future, at its highest level of connectivity, applications in the car could include a virtual companion or even chauffeur based on cognitive AI, with a high degree of personalized riding experience for all passengers in the car. Connectivity and communication between the car and its environment (V2X), is also an important enabler for autonomous driving. This connectivity is supplied through 24 | Telematics Wire | November 2020
the TCU (Telematic Unit) or In-Vehicle Applications. The TCU “listens” to the bus in order to extract relevant data out of it, mainly data that had been configured before. As the TCU is an embedded part in the on-board architecture it has the capability to transfer the information from the vehicle outside (to the Cloud) and from outside to the vehicle. Vehicles can be connected using Aftermarket tools (OBD-II, GPS Tracker for Fleet Management, etc.) or Original set-up from the vehicle OEM (Software or Hardware). The components used in connected vehicles are: TCU, Infotainment Unit, Driver Assistant Unit, and V2X, while the connected vehicle interfaces (Entrypoints) would be Bluetooth, Wi-fi, Cellular network, GPS, OBD-II, 1/2 dindash, Sensors (such as TPSM), Lidar and Camera, Keyless entry.
Remote Attacks vs Physical Attacks The connected vehicle exposed the OEMs to a wider scope of new entry points for the attacker to manipulate. Remote attacks seem to have higher stake than the physical attacks, since in a physical attack the attacker would need a physical access, which reduces the risk. We already saw remote manipulations (For example: Jeep Cherokee) that can cause a real impact on the vehicle, driver, etc.
CAN bus protocol – Secure or Unsecure? CAN bus is based on a broadcast protocol divided into 2 wires – CAN-H and CAN-L, where information can be transmitted and received from ECUs connected to the network. In the CAN network we can find ECUs,