[In-depth analysis] Challenges and thoughts on information security of Internet of Vehicles

On June 21-22, 2017, the 2017 China Safety Industry Summit and the First Traffic Safety Industry Forum, jointly hosted by the China Safety Industry Association, TIAA In-Vehicle Information Service Industry Application Alliance and Cheyun.com, was held in Beijing. Professor Huang Yongfeng from the Department of Electronic Engineering and the National Laboratory for Information Science and Technology of Tsinghua University shared his views on "challenges and thoughts" on the information security of Internet of Vehicles. Let's learn more about the relevant content with the editor of Automotive Electronics.

The following is the transcript of the speech:

Huang Yongfeng: Hello, everyone. I work on Internet security. Last year, the Ministry of Education and China Mobile established a joint laboratory for Internet of Vehicles, and I was responsible for the research on Internet of Vehicles information security in the laboratory. During the nearly one-year research process, I encountered some problems in the research on Internet of Vehicles information security, which I named challenges; and there were some unclear issues, which I named thinking. So the title of my speech today is "Challenges and Thinking on Internet of Vehicles Information Security".

Challenges of Internet of Vehicles Information Security

First, let me introduce the challenges of Internet of Vehicles information security. This morning, many experts have introduced some issues of Internet of Vehicles information security from different angles and levels. I hope to introduce the biggest challenge of Internet of Vehicles information security this time, which I think is the issue of data security. So in this report, I will focus on my superficial thoughts on Internet of Vehicles data security.

What is the Internet of Vehicles? I have also looked up some information, and it seems that there is no unified concept at present. When applying for the joint laboratory last year, the definition of the Internet of Vehicles was: using Internet of Things technology to obtain vehicle operating status information, driver behavior information and surrounding road information.

So the first level: the Internet of Vehicles is the collection of information; second, it uses the mobile Internet to achieve information exchange and coordination between cars, cars and people, and cars and roads, so it is to achieve information exchange and coordination; third, the main function of the Internet of Vehicles is to use big data intelligent analysis technology to achieve data processing and decision-making, which is the basic definition of the Internet of Vehicles. The fundamental goal of the Internet of Vehicles is to achieve efficient perception, intelligent analysis and safe sharing of data between cars, roads and people.

The above is the connotation of the concept of Internet of Vehicles. The following is an analysis of the extension of the concept of Internet of Vehicles. We have a good metaphor for smart cars. What is a smart car? It is a "computer" with four wheels. Therefore, we can call the Internet of Vehicles: a high-speed mobile information system. Why should we understand this concept in this way? The Internet of Vehicles is a complex information system that uses Internet technology to sense, communicate and coordinate roadside facility information for smart cars, and mine big data to provide intelligent decision-making. Moreover, this information system runs on high-speed roads, so I understand it as a high-speed mobile interconnected information system. In addition to some key technologies in various disciplines such as vehicles and machinery, the entire Internet of Vehicles also has four major technologies closely related to our information discipline. The first is information security, the second is big data artificial intelligence, the third is Internet of Things technology, and the fourth is mobile Internet technology. Because of this, when we established the joint laboratory last year, in addition to teachers from the Department of Automobile and Department of Mechanical Engineering, many information discipline research teams also joined the Internet of Vehicles Laboratory.

Challenges of Internet of Vehicles Information Security

I won't go into detail about the development trend of the Internet of Vehicles. In recent years, the demand for the Internet of Vehicles has grown from the status in 2015 to the forecast in 2020, which shows that the Internet of Vehicles industry will develop tremendously. As a discipline construction, universities and research institutes are also conducting research related to the Internet of Vehicles. As such a high-speed and complex information system, its security issues have also received great attention in recent years.

This is a review of some of the information security-related incidents that have been publicly reported internationally about smart cars or the Internet of Vehicles from 2013 to 2016. From this, we can see that the outbreak and harm of these security incidents are far less than current Internet security incidents. Why do Internet of Vehicles also have highly harmful information security incidents? We analyze it from three aspects.

First, the Internet of Vehicles mainly connects smart cars, which have a large number of on-board computers. According to some reports, as a smart car, it has no less than 100 on-board smart devices, the entire program code is no less than 50 million lines, and the entire smart driving code will have more than 200 million lines.

Second, if the Internet of Vehicles is to be connected, there must first be an in-vehicle network, and it must be connected to other related devices or the Internet through various wireless methods, so there are security issues related to wireless access to the Internet.

Third, once connected to the Internet, the original security issues of the Internet can be derived to these Internet of Vehicles systems. Moreover, the harm of Internet security issues in high-speed mobile information systems will be further expanded. As mentioned earlier, the third goal of the Internet of Vehicles is to rely on the collection of big data, use artificial intelligence and big data mining technology, and make decisions to proxy some functions of mechanical control. However, relying on software and computers to replace human control of mechanization will increase the risk itself.

By analyzing the characteristics of the Internet of Vehicles and comparing it with the information security of the Internet, we can summarize the security issues of the Internet of Vehicles into the following three aspects:

First, the high dynamics of the Internet of Vehicles will make attacks more difficult to detect and discover. For cars, the topology of their wireless organizations is highly dynamic; for the Internet, many devices are stationary and fixed in position. Even the mobile Internet moves much slower than cars, and the speed of cars is often higher than that of general mobile Internet, so its topology changes faster.

Second, when the car is connected to the Internet, a digital certificate will be issued, and the frequency of digital accuracy will be faster, so it will also be more dynamic.

The third is that wireless transmission efficiency is correlated with operating speed. Under high-speed mobile behavior modes, efficiency will also be affected by high dynamics.

The Internet of Vehicles (IoV) has become a more important target for various attacks due to its own characteristics. First, the economic value and added value of the vehicle itself are more important than general Internet-connected devices; second, the social impact and degree of harm caused by vehicles are greater than those caused by the Internet; third, the openness of IoV makes it more vulnerable to attacks than the Internet.

The openness of the Internet of Vehicles is reflected in the following aspects: (1) It uses wireless access channels. In a wireless highly dynamic channel environment, the possibility of being attacked is greater. (2) After the Internet of Vehicles is connected, data sharing is required, so its data openness will be greater; (3) Its services will also be more open to users. Because of these characteristics, we believe that the security risks of the Internet of Vehicles will be greater than those of our mature Internet.

Types of Internet of Vehicles Information Security Attacks

Next, we will analyze the types of attacks on the information security of the Internet of Vehicles. We will classify them from two perspectives. First, in terms of the attack method, it exists in the attack mode of smart terminals. For example, the Connected Drive module of BMW cars has been exposed to two risks, and the latest research results also show that this module has six vulnerabilities. The second is the Internet attack, such as 360 cracking BYD Auto Cloud Service. The third is the wireless access attack method. As I just said, as long as there is wireless, the possibility of attack will be greater. The fourth situation is a direct security attack, which directly attacks certain control systems of the car through the interface of the car itself. For example, the two attack incidents currently reported by JEEP are cases of direct attacks through the car interface.

If we analyze from the attacker's perspective, there are generally four types of attackers:

Driver attacker. A typical scenario is that once a car is connected to the Internet, if it wants to monopolize certain roads and other resources, the driver may send out some false information. For example, if there is no traffic jam, if I post a message on the Fourth Ring Road that "the Fourth Ring Road is very crowded", I can occupy the Fourth Ring Road resources. This is one scenario;

The second situation is pranksters, some so-called amateur hackers, who may exploit certain vulnerabilities of the car or use the monitoring mode of wireless access to attack the car's vulnerabilities in order to achieve their own goals;

The third situation is that some of the authority units and management departments of the Internet of Vehicles may attack some data themselves. For example, if the traffic department wants to change the information of a traffic accident or the insurance department wants to change some internal data to obtain certain benefits, it may also become an attacker;

The fourth situation is more harmful, that is, some malicious attackers. If they want to create some terrorist acts, they can use the harmfulness of the Internet of Vehicles to cause social impact, and these people may become attackers of the Internet of Vehicles.

In addition, we divide the entire information security of the Internet of Vehicles into four levels:

The first is system security. Whether it is the vehicle terminal or the vehicle host, there are hardware and software system security issues. In view of these security issues, we currently use traditional information security methods, which may use identity authentication, access control, security auditing, preemptive prevention, and malicious code detection.

The second is application security. Some application systems of vehicle terminals also have vulnerabilities. As long as there is code, there are vulnerabilities. The security measures used are similar to those of our host system.

Third, network security issues exist wherever there is a connection to the Internet, and the security issues of the Internet itself will be further magnified in the context of the Internet of Vehicles, with its degree of harm and security risks.

We believe that in addition to these three security risks, once a car is connected to the Internet, the biggest problem it faces is data security, based on the three aspects of data collection, intelligent analysis, and decision control. If data interoperability and data sharing are to be achieved, especially if these decision controls are to be achieved, how to ensure data security is the most challenging issue for the entire Internet of Vehicles. Of course, in addition to traditional solutions such as identity authentication and access control, there are two typical issues with data security: how to verify the reliability of data and how to protect the privacy of data.

Why is data security the most typical and biggest problem in the Internet of Vehicles? There are some traditional solutions for the system security and application security of information systems, which can be solved to some extent. For example, through the trusted execution environment TEE, with the support of relevant reliable operating systems and secure hardware, I can solve the security issues of the host system and terminals. Correspondingly, there is no mature solution for data security at present, so the following focuses on some of our thoughts on data security in the Internet of Vehicles.

Cloud computing + blockchain Internet of Vehicles data security model

The data security of the Internet of Vehicles is mainly reflected in five aspects.

The first is the access control and authentication of Internet of Vehicles data, the second is some trust issues in the process of sharing Internet of Vehicles data, the third is the security protection issues in Internet of Vehicles sharing, the fourth is the data storage security protection issues that will arise when the data of car manufacturers are aggregated into a data center, and the fifth is the privacy leakage issues in the collection of vehicle data. The security of these data issues ultimately comes down to two core issues, one is privacy and the other is reliability. Moreover, for the Internet of Vehicles itself, its data security issues can be attributed to a fundamental problem: the contradiction between data privacy protection and data reliability.

First of all, the privacy of the Internet of Vehicles is more prominent than that of the mobile Internet. It is easy to track the whereabouts, location, and user ID of the car using some relevant information of the car. How to protect the privacy of users is a primary issue in the security of the Internet of Vehicles. However, once privacy protection is formed, while anonymity and related methods protect privacy, it will also bring another problem, that is, the reliability of data. Once a user protects privacy or anonymity, he may publish false information without knowing his true identity. Once false information is published, it will bring great hidden dangers to the security of the entire Internet of Vehicles. Therefore, how to solve the problem of privacy and data reliability is the biggest contradiction in the data security of the entire Internet of Vehicles.

At present, there are various models and methods for the security protection of Internet of Vehicles data. Based on our research in the past two years, we have proposed a basic model for the security protection of Internet of Vehicles data. This model integrates the blockchain technology and cloud computing technology that everyone has heard of now to build an Internet of Vehicles model.

The basic idea is to put some functions and data of the entire Internet of Vehicles that are closely related to security on the blockchain, and put some relatively less important traditional data on cloud computing, and use the large amount of storage resources of cloud computing to protect these data. Secondly, some important and complex calculations are completed through cloud computing. In this way, the data of the Internet of Vehicles is securely protected by the two core technologies of blockchain and cloud computing, and then through a fusion mechanism.

First of all, why do we use cloud computing technology? Due to time constraints, I will not go into details, because now many models of the Internet of Vehicles use cloud computing, using cloud computing's storage and high computing efficiency to solve some problems in the Internet of Vehicles.

Let's focus on why we should use blockchain technology. Blockchain is a term that everyone has often heard in various occasions over the past year. The characteristics of blockchain are reflected in three aspects: First, its underlying P2P network plus encryption and hash technology can solve problems such as data immutability and data deletion. Second, it produces electronic transaction applications such as Bitcoin, which has the online transaction characteristics of electronic currency. Third, it can turn some contract problems in life into codes to form smart contracts, which can realize the automatic execution of contracts in transactions. Based on these three characteristics, we can solve some problems that cannot be solved by cloud computing alone through blockchain in the advantages of the Internet of Vehicles.

The first case is for information that cannot be tampered with in the Internet of Vehicles, such as on-site information of traffic accidents and certain violation information. Once this information is presented in the blockchain, it will solidify the evidence, which is the immutability of the blockchain.

The second is anonymous information. As mentioned earlier, when the Internet of Vehicles registers for the network, it must be anonymous to protect its privacy. However, in the anonymous case, when it comes to information tracing and source tracing, its real identity must be found. At this time, the blockchain's source tracing mechanism can be used to turn its anonymous identity into a real identity.

The third is that it has the functions of currency transactions and smart contracts. After the development of the Internet of Vehicles, many transactions such as insurance contracts, car shops, etc. will be realized through the smart contracts and electronic currency mechanisms of the Internet of Vehicles, thereby achieving the convenience of transactions.

Of course, when the Internet of Vehicles is implemented using blockchain technology, there are also some unsolvable challenges, such as limited resources, transmission delays, etc. These problems will be implemented through corresponding cloud computing mechanisms.

This is a preliminary proposal for a layered architecture of the Internet of Vehicles that integrates cloud computing and blockchain. It is divided into three levels. The top level is the physical layer, which is what we call the Internet of Vehicles connected to vehicles, roads, and service providers. Then, with the support of the two platforms of cloud computing and blockchain, some traditional and emerging Internet of Vehicles businesses are completed.

The integration mechanism can basically solve two major problems of the Internet of Vehicles: one is the access control problem. We just said that the biggest problem of the Internet of Vehicles is data security. With the integration of blockchain and cloud computing, the hierarchical control of data can be achieved. Through application levels and application scenarios, different access control mechanisms of blockchain and cloud computing can be used to implement different levels of access control methods.

The second is to use the integration of cloud computing and blockchain to classify and store data. In other words, some data that cannot be tampered with and needs to be solidified, such as traffic accidents, can be placed on the blockchain; some large amounts of original data and archived data can be placed in cloud computing, and the original data in cloud computing can be gradually abstracted into some meda data, and these meta data and other important source data can also be placed on the blockchain. In this way, under the entire integrated system, the classified management of data can be achieved for the entire Internet of Vehicles.

OK, this is my basic report, thank you everyone!

The above is an introduction to the challenges and thoughts on information security in the Internet of Vehicles in automotive electronics - [In-depth Analysis]. If you want to know more related information, please pay more attention to eeworld. eeworld Electronic Engineering will provide you with more complete, detailed and updated information.