All the knowledge you want to know about automobile information security is here!

Publisher: Lianai  Latest update time: 2023-10-08  Source: elecfans

With the rapid development of the Internet of Vehicles and the increasing intelligence and connectivity of automobiles, automobile information security is facing new challenges. Cars that are not well protected are more exposed to malicious attacks, so building solid in-vehicle information security protection is particularly important.


So, what threats and challenges does automobile information security face? Which security protection technologies can improve a vehicle's resistance to attack? This article gives a comprehensive overview of smart car information security.


In addition, the in-vehicle application solution based on Hangxin's automotive-grade security chip and general MCU will strengthen the car's security line in all directions and safeguard the information security of the Internet of Vehicles.


Automotive Safety Overview


01. Passive safety


Measures taken to protect vehicle and personal safety when an accident occurs, such as installing seat belts, airbags, bumpers, etc.


02. Active safety


Measures that enable the car to act proactively to avoid accidents, such as collision warning and electronic stability systems.


03. Functional Safety


The property that no random failure, system failure or common cause failure leads to the loss of normal functional operation. Specific measures include software and hardware redundancy, error detection, etc.


04. Information Security


Due to the networking of automobiles, external threats can directly exploit the software and hardware vulnerabilities of the in-vehicle network to launch attacks, which can lead to the leakage of sensitive data in the vehicle, or cause functional safety failures and ultimately lead to serious road traffic accidents.


Information security threats faced


Next, we will focus on the information security threats faced in automotive application scenarios, which are divided into four major modules:


• Security threats at the vehicle terminal node layer


• Network transmission security threats


• Cloud platform security threats


• External interconnected ecological security threats



01

Security threats at the vehicle terminal node layer


• Endpoint layer security threats


• In-vehicle network transmission security threats


• Security threats to vehicle terminal architecture



Endpoint layer security threats


01. T-BOX security threats


The T-BOX (Telematics BOX) plays the role of a "modem" inside the car: it connects the in-vehicle network with the inter-vehicle network and is responsible for sending data to the cloud server. The T-BOX is an indispensable part of intelligent traffic management, intelligent dynamic information services and intelligent vehicle control. To a certain extent, the level of network security of the T-BOX determines the safety of driving and of the entire intelligent transportation network, and it is one of the core technologies for the development of the Internet of Vehicles.


Under normal conditions, vehicle message commands are generated inside the T-BOX and encrypted at the transmission level, so their content cannot be read directly. However, a malicious attacker who analyzes the internal code of the firmware can easily obtain the encryption method and key and decrypt the message session content. The transmitted protocol data can then be tampered with, and user commands can be modified or forged commands sent to the CAN controller, giving local and remote control of the vehicle.


02. IVI Security Threats


In-Vehicle Infotainment (IVI) is an in-vehicle comprehensive infotainment system that uses a dedicated in-vehicle central processor, based on the body bus system and Internet services.


Attackers can either gain access to the target system during the software upgrade window, or remove the IVI unit from the target vehicle, take apart its connections, and obtain the internal source code by reverse engineering the circuits and interfaces.


The remote control 0-day vulnerabilities disclosed in 2016 in ConnectedDrive, BMW's in-car entertainment system, included a session vulnerability. A malicious attacker could use it to bypass VIN (Vehicle Identification Number) session verification, obtain another user's VIN, and then use that VIN to access and edit the other user's car settings.


03. Terminal upgrade security threats


Smart connected cars need to enhance their security capabilities through OTA upgrades. However, the OTA upgrade process itself faces various threats, including:


(1) During the upgrade process, the upgrade package is tampered with to control the system, or the upgrade package is analyzed and security vulnerabilities are discovered;


(2) During transmission, the upgrade package is hijacked in a man-in-the-middle attack;


(3) During generation, the cloud server is attacked and OTA becomes a source of malware.


In addition, an OTA upgrade package carries the potential risks of privilege escalation to control the system and of rooting the device.


Therefore, the vehicle terminal should be able to check update requests itself and to declare its identity and authority in a timely manner, that is, to authenticate the legitimacy of the device. At the same time, the upgrade operation should correctly verify the server's identity and identify counterfeit servers. While the upgrade package is in transit, measures such as message signing and encryption should be used to prevent tampering and counterfeiting. If the upgrade fails, the system should automatically roll back to the state before the upgrade.
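The acceptance logic described above, as an added Python example that is not code from the original article or from any vendor: the vehicle side checks the manifest signature, the payload hash and the version before writing anything, and restores the previous image if the self-test fails. All names and the key are hypothetical, HMAC-SHA256 stands in for the asymmetric signature a production client would verify, and the downgrade check goes one step beyond the text.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC-SHA256 stands in here for the asymmetric signature
# an OTA client would verify with a public key held in a secure element.
SIGNING_KEY = b"constructed-demo-key"

def _tag(manifest, key):
    blob = json.dumps(manifest, sort_keys=True).encode()  # canonical form
    return hmac.new(key, blob, hashlib.sha256).digest()

def build_package(payload, version, key=SIGNING_KEY):
    """Server side: manifest binds version and payload hash, then is signed."""
    manifest = {"version": version, "sha256": hashlib.sha256(payload).hexdigest()}
    return manifest, _tag(manifest, key)

def verify_package(manifest, tag, payload, installed_version, key=SIGNING_KEY):
    """Vehicle side: every check must pass before anything is written."""
    if not hmac.compare_digest(_tag(manifest, key), tag):
        return "bad signature"            # counterfeit server or edited manifest
    if manifest["version"] <= installed_version:
        return "downgrade rejected"       # old package presented again
    if hashlib.sha256(payload).hexdigest() != manifest["sha256"]:
        return "payload hash mismatch"    # package altered in transit
    return "ok"

class Ecu:
    """The running image is kept until the new one passes its self-test."""
    def __init__(self, image, version):
        self.image, self.version = image, version

    def update(self, manifest, tag, payload, self_test):
        result = verify_package(manifest, tag, payload, self.version)
        if result != "ok":
            return result
        previous = (self.image, self.version)
        self.image, self.version = payload, manifest["version"]
        if not self_test(payload):
            self.image, self.version = previous   # automatic rollback
            return "rolled back"
        return "installed"

if __name__ == "__main__":
    ecu = Ecu(b"firmware-v1", 1)                  # constructed images
    manifest, tag = build_package(b"firmware-v2", 2)
    print(ecu.update(manifest, tag, b"firmware-v2 (modified)", lambda img: True))
    print(ecu.update(manifest, tag, b"firmware-v2", lambda img: True))
```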


04. In-vehicle OS security threats


In-vehicle computer systems often use embedded Linux, QNX, Android, etc. as operating systems. Because operating system code bases are huge and contain security vulnerabilities of varying severity, vulnerabilities in the operating system itself directly expose the smart terminals of the business application system to malicious intrusion and control.


Some common applications such as Web Server programs, FTP service programs, E-mail service programs, browsers and Office software have their own security vulnerabilities and potential safety hazards caused by improper configuration, which will lead to a decline in the overall security of the vehicle network.


Smart terminals also have the risk of being invaded and controlled. Once malicious code is implanted in a smart terminal, when the user uses the smart terminal to interconnect with the vehicle system, the malicious software in the smart terminal will take advantage of possible security vulnerabilities in the vehicle computer system to implant, attack or spread malicious code, thereby causing the vehicle computer system to malfunction or even take over control of the vehicle.


05. Access risk: On-board diagnostics (OBD) interface attack


The OBD interface is the only interface for the car ECU to interact with the outside world. It can read the information of the car ECU, the current status of the car, the car's fault code, and test the car's preset actions, such as window lifting, engine shutdown, etc. In addition to the above basic diagnostic functions, it may also have complex special functions such as power refresh and odometer modification.


As a node on the bus, the OBD interface can not only monitor messages on the bus, but also forge messages (such as sensor messages) to deceive the ECU, thereby changing the behavior of the car. By implanting malicious hardware with wireless transceiver functions in the car's OBD interface, attackers can remotely send malicious ECU control instructions to the hardware, forcing the engine of the vehicle to shut down at high speed, maliciously turning the steering wheel, etc.





06. Security threats of wireless sensors in vehicles


To ensure convenience and safety, intelligent connected cars use a large number of sensor network communication devices. However, sensors are also exposed to threats such as eavesdropping, interruption and injection of communication information. Even simple interference with sensor communication devices can cause unmanned vehicles to take dangerous actions such as deviating from their lane or making emergency stops.


For example, hackers can crack the car's keyless entry (PKE) system by looking for patterns in wireless transmitter signals and exploiting security vulnerabilities, ultimately opening the door without authorization. In 2016, hackers broke into the PKE system of the Tesla Model S by "recording and replaying" the PKE wireless signal.


Smart connected cars also use sensors to detect other vehicles and hazards. They rely primarily on radar, lidar, ultrasonic sensors and vision sensors. These sensors can be jammed, which interferes with safety responses such as automatic braking, or tricked into presenting objects that aren't there, which can cause the vehicle to steer or brake unnecessarily. A team of researchers from the University of South Carolina, Zhejiang University, and Qihoo 360 first demonstrated these attacks on a Tesla Model S while it was stationary. In 2019, Tencent Keen Security Lab misled another Model S while it was moving.


In-vehicle network transmission security threats


The relatively closed network environment inside the car seems safe, but it has many security gaps that can be attacked, such as tire pressure monitoring systems, Wi-Fi, Bluetooth and other short-range communication devices. If only simple verification measures are used, they cannot resist an attacker's targeted sensor information collection, attack message construction, message protocol analysis and message replay attacks.
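Why simple verification fails against replay, as an added Python example that is not part of the original article: a receiver that checks only a checksum accepts a recorded frame every time it is presented, while a receiver that checks a keyed MAC over a freshness counter rejects the second copy and any modified frame. The message ID, payload, key and class names are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed; real ECUs keep keys in secure hardware

def checksum(can_id, data):
    """'Simple verification': XOR of ID and payload bytes, no secret, no freshness."""
    value = (can_id >> 8) ^ (can_id & 0xFF)
    for byte in data:
        value ^= byte
    return value

def mac(can_id, counter, data, key=KEY):
    """Truncated HMAC-SHA256 over message ID, freshness counter and payload."""
    msg = struct.pack(">HI", can_id, counter) + data
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

class ChecksumReceiver:
    def accept(self, can_id, data, chk):
        return checksum(can_id, data) == chk   # a recorded frame always passes again

class FreshnessReceiver:
    def __init__(self, key=KEY):
        self.key = key
        self.last = {}                         # highest counter accepted per ID

    def accept(self, can_id, counter, data, tag):
        if not hmac.compare_digest(mac(can_id, counter, data, self.key), tag):
            return False                       # forged or modified frame
        if counter <= self.last.get(can_id, -1):
            return False                       # replayed or stale frame
        self.last[can_id] = counter
        return True

def demo():
    """Deliver one constructed frame, then present the recorded copy again."""
    can_id, data = 0x2F0, b"\x01\x00"          # constructed ID and payload
    weak, strong = ChecksumReceiver(), FreshnessReceiver()
    chk, tag = checksum(can_id, data), mac(can_id, 7, data)
    return {
        "checksum_first": weak.accept(can_id, data, chk),
        "checksum_replay": weak.accept(can_id, data, chk),
        "mac_first": strong.accept(can_id, 7, data, tag),
        "mac_replay": strong.accept(can_id, 7, data, tag),
        "mac_tampered": strong.accept(can_id, 8, b"\x01\x01", tag),
    }

if __name__ == "__main__":
    print(demo())
```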
