During last week’s Cybersecurity Innovation Group virtual meetup, UltraSoC’s Chief Strategy Officer Aileen Ryan presented an update on the Secure-CAV initiative.
The Secure-CAV consortium was set up to drive the development of cybersecurity solutions for connected and autonomous vehicles (CAVs).
In ISO 26262, the risks are scaled according to Automotive Safety Integrity Levels (ASIL) – a scale of how likely it is that a risk could cause injuries or even be life threatening.
Similarly, in ISO 21434, the cybersecurity risks of systems within CAVs are scaled according to Cybersecurity Assurance Levels (CALs) from a scale of CAL1 to CAL4, where a CAL4 requires more significant security mechanisms to prevent potential catastrophe.
Using these ASIL and CAL rankings, the Secure-CAV team has been evaluating and modeling priority use cases to identify where a security risk has the greatest potential to have an impact on safety.
Although the Secure-CAV team has evaluated a broad range of risks and their impacts, Aileen’s presentation for the meetup highlighted six key areas:
- Vehicle remote take over
- Attacks on on-board diagnostics (OBD II) ports through custom written software
- Mobile network-based attacks on insecure connected vehicle platforms
- Insecure Telematics Control Unit (TCU) exploitation
- Mileage tampering
- Engine tuning invalidating vehicle warranty
The team has categorized each of these in terms of the potential threat, its impact, and the actor (who is likely to exploit it).
To see Aileen presenting this update, with more details on why these priority use cases are significant, click here to view the recording of the virtual cybersecurity meetup.
You will also be able to listen to Copper Horse discussing its insights into COVID-19 cyber-attacks; and Professor Mark Beach from the University of Bristol presenting the SWAN project’s perspective on wireless security risks and steps the industry is taking.
Look out for more news about our security use cases soon: including a chance to provide your thoughts and opinions on which of these areas present the most significant risks to the automotive industry.