In previous blogs, consortium members Coventry University (Institute for Future Transport and Cities), and James Tyrrell from cybersecurity specialists Copper Horse, have detailed the structures in place to narrow down potential weak points in the vehicle’s systems, and to ‘stress’ test the approach we take. In line with the objectives of the project, our aim at Siemens Digital Industries Software is identifying and putting in place an embedded infrastructure (Tessent Embedded Analytics – a combination of embedded hardware and software interfaces) capable of tackling cybersecurity hacking threats to driver or vehicle safety.
As part of the team’s approach, Siemens’ Lee Harrison also talked about the importance of a Defense in Depth strategy which is key to how we approach the question of tackling cybersecurity threats. One of the main challenges of a long-term strategy for securing future connected and autonomous vehicles, is that we have to accept that we won’t always know the direction, the target, the source, the nature of the attacks – all of these things and more will change over time. Whatever technology we put in place has to be both aware of changes in the threat landscape, and capable of identifying when they constitute a threat, and tackling them. But what does that mean in reality when developing a system?
At this stage of the project, I thought it would be a good opportunity to discuss the embedded hardware and software platform Siemens has built for Secure-CAV project.
The core of our technology is built around an existing FPGA prototyping platform. It has been customised for specific application in the Secure-CAV environment, specifically with two CAN-HG enhanced CAN controllers, with the optional interface to connect an additional external CAN bus. CAN-HG is an evolution of the 30 year old CAN standard, with Higher speed and improved security (Guarded bus).
The Tessent Embedded Analytics platform (from Siemens) supports heterogeneous architectures: that is, multiple processors, from different vendors. In the case of the Secure-CAV Embedded Analytics platform, there are four Arm Cortex-A53 processors and two Arm Cortex-R5 hard cores in the processor subsystem. Additionally, there are three soft RISC-V Rocket cores, one managing the analytics and two system CPUs. It is the task of the Embedded Analytics hardware monitors within the FPGA to observe system behavior in real time.
The software on top of the hardware subsystem is key to accessing and interpreting the data and to configuring the embedded hardware as well as enabling target applications to be run on the platform. There is an interactive Python command line frontend, built on top of standard Embedded Analytics software tools; also a C/C++ target library, containing building blocks for putting together applications that run on target CPUs. An analytics application built on the Tessent Embedded SDK runs on a supervisory CPU in an SoC, to setup, configure and process the output of the Embedded Analytics.
In the second part of our Secure-CAV cybersecurity technology overview, we will share with you how the core platform works: the steps it takes in detecting and defending against potential threats.