There’s a strong argument for classifying modern vehicles as computers on wheels. Hidden under the bodywork, electronic control units (ECUs) perform a wide range of tasks from managing the engine to controlling cabin temperatures, as well as delivering a raft of safety features.
Piping the signals from ECU to ECU are various in-car networks augmented more recently by a fusion of sensors, including multiple cameras, short/medium/long-range radar and laser-based LiDAR units coupled with powerful processors (for a primer, see this blog post from project partner Copper Horse).
Operating correctly, these systems provide valuable driving assistance – anticipating dangers in the road and reducing the burden of navigation (all while delivering state-of-the-art infotainment to the vehicle’s occupants). But what happens when things go wrong or automotive networks come under attack from bad actors?
Securing future automobiles
Breaching a vehicle’s network – either physically or remotely – can expose ECUs to a number of attacks, allowing adversaries to potentially take control of the car and threaten the safety of occupants and bystanders. Other concerns include threats to data privacy and the potential for financial harm – for example, through fraudulent activity or by exposing the vehicle to theft.
You’ll find out more about how Secure-CAV provides advanced cybersecurity for connected and autonomous vehicles in upcoming blog posts.
Evaluating automotive threats
Currently, the Secure-CAV project team is prioritizing use cases – working with automotive suppliers to pinpoint areas where hardware solutions can deliver the biggest benefits to road users and car manufacturers.
To evaluate the threat landscape of each of these in more detail, we can lean on a number of modelling techniques. These include approaches that have been successful in boosting the security of software development, such as Microsoft’s STRIDE (a mnemonic for six major threat categories – Spoofing, Tampering, Repudiation, Information Loss, Denial of Service and Elevation of Privilege) framework.
Taking things a step further still, it’s possible to deploy automated solutions – many of which now come with automotive-specific templates and libraries – to hunt down vulnerabilities and generate a list of threats for risk analysis.
Preparing for this initial phase of the project, we found over a dozen threat modelling resources (some paid-for and some available for free) that could be of interest to design teams, including a number of off-the-shelf solutions.
As devices become more connected, we’re seeing a greater number of industries look to threat modelling tools and techniques as a way of integrating security more closely into product design. In the automotive sector, this includes car makers and their Tier 1 suppliers.