Engineering and validating system resilience in connected vehicles


Last month, we completed our first consortium-agreed specification for the Secure-CAV security systems demonstrator. I wanted to share some of the background to what this is and why it’s a fundamentally important part of the Secure-CAV project.

Modern vehicles, and particularly CAVs (connected and autonomous vehicles), will inevitably have increasingly complex designs and feature sets. CAVs are increasingly designed around a network of ECUs – computers handling key functions and features, from driving and powertrain control to system connectivity, sensing and body modules. These ECUs are interconnected through various onboard networks, typically including a data bus known as the Controller Area Network (CAN).
More about the CAN bus and vehicle connectivity can be found in a blog by James Tyrrell from Copper Horse. Such modern vehicles are therefore an example of a Cyber-Physical System (CPS), which makes them vulnerable to cyber-attacks.

A rapidly evolving cybersecurity threat landscape means that traditional methods of engineering security and safety systems for vehicles are likely to prove inadequate, and the risks will only increase as threats continue to evolve.

The Secure-CAV consortium was funded by Innovate UK and set up to develop cybersecurity solutions that bridge the gap between the technology roadmap and the inevitable progress of hacking and risks to automotive security, which ultimately means passenger safety.

How do you tackle a ‘potential’ and ‘evolving’ threat that can’t always be clearly defined today? Well, our approach, as part of the Secure-CAV consortium, along with UltraSoC, Copper Horse and the University of Southampton, has been to design and develop an in-depth evaluation program to address the connectivity jungle and complexity of design challenges.

In short, this program has been specified to allow us to build a validation platform – a ‘demonstrator’ replicating and simulating a full-scale functional automotive architecture which will fully represent the connectivity options (e.g. wireless, 5G) that will link CAVs to the external environment.

The demonstrator comprises simulators to generate data, communication and architectures, supported by a dedicated configuration platform for test control. The validation platform must be capable of demonstrating and testing the core technology: the efficacy of UltraSoC’s embedded analytics IP delivering in-life monitoring capabilities to the CAV system; and an FPGA-based multicore platform for the parallel data processing and analysis functions.

As the Secure-CAV demonstrator replaces the on-board vehicle network for the purposes of validation, it is essential in:

  • Assessing the resilience (of components, subsystems and the whole system) to commodity and bespoke multi-vector cyber-attacks;
  • Tracing and auditing low-level behaviours for evidence-driven assessment;
  • Localising design and implementation vulnerabilities at chip, firmware and software levels; and
  • Collecting data for industry use and wider experiment-led collaborations with academic and developer communities.

We are excited by the progress already made and look forward to sharing more information and results as the program continues.

Dr. Hesamaldin Jadidbonab, Systems Security Group, Institute for Future Transport and Cities (IFTC), Coventry University
