[Synopsys IP Resources] Automotive cybersecurity starts with chips and IP

arui1999

[Synopsys IP Resources] Automotive cybersecurity starts with chips and IP [Copy link]

The automotive industry is undergoing a major transformation. With increased connectivity and support for more features, cars are becoming increasingly complex and valuable, providing a better user experience. At the same time, cars are collecting and transmitting more sensitive data, making them an attractive target for attack. Cybercrime activity in the automotive industry is growing rapidly. How bad? According to the AV-TEST Institute, the number of malicious programs targeting cars has increased from approximately 65 million in 2011 to approximately 1.1 billion by the end of 2020. A 2019 cybersecurity study by Upstream Security reported that the number of car hacking attacks has increased 94% year-on-year since 2016.

Cybersecurity is a critical and pressing need that OEMs must address. It is important that OEMs implement this from early in the design cycle. While the automotive industry is not yet regulated to the same degree as other industries, the industry landscape is changing rapidly with an increase in regulations, standards, and guidelines, such as:

• The WP.29 regulations published by UNECE (United Nations Economic Commission for Europe) specify cybersecurity management systems for new vehicles. These regulations require OEMs to manage cyber risks, protect vehicles by design, detect and respond to security incidents, and provide secure over-the-air software updates.
• ISO/SAE 21434 is a new standard scheduled for publication in 2021 that specifies process requirements for cybersecurity risk management of road vehicle systems. The processes covered include the entire life cycle from concept, development, production, operation and maintenance to retirement.
• SAE J3101 specifies hardware protection safety requirements for ground vehicle applications. SAE J3101 outlines the safety functions, corresponding use cases, and applications that need to be supported to meet vehicle safety requirements.
• The NHSTA (National Highway Traffic Safety Administration) Cybersecurity Best Practices Report recommends a multi-layered approach to automotive cybersecurity. NHSTA focuses on vehicle entry points that may be vulnerable to cyberattacks, such as wired and wireless connections designed for human or machine interfaces.

Automotive safety is critical and must be addressed starting with the system-on-chip (SoCs) and implemented in a holistic manner in conjunction with functional safety. In addition to the systematic and random failures covered by the ISO 26262 functional safety standard, secure automotive systems must also be able to handle malicious attacks that may occur unexpectedly. Designing security into automotive SoCs from the hardware level using secure and reliable hardware security module (HSM) IP with root of trust helps ensure that connected cars operate as expected, prevent random and systematic failures, and are able to withstand malicious attacks.

Click to learn more about the article >>