In 1921 the Allgemeine Automobil Zeitung stated: “The car is now complete. No further improvement is needed.” This statement is just as false today as it was back then. New technologies always entail certain risks – and especially the technical development of cars is moving along at rapid speed. Only last summer cyber attacks on Tesla and Jeep vehicles created a stir and showed that connected cars desperately require new security solutions.
The question that arises is: How can automotive manufacturers design connected cars to be secure? They need to rethink their data security processes. If not, future developments will be hindered by hackers, and customers might lose faith in existing solutions.
- Integrating security technology from the beginning: Car manufacturers need to occupy themselves with security questions intensively from the beginning of the development stage and then implement appropriate solutions into their vehicles. A lot of OEMs simply tend to update already existing models. This makes implementing a consistent security concept a difficult task. Ideally, manufacturers would first identify all interfaces and devices that have access to the internet. These could be Bluetooth connections, infotainment systems, USB ports or the driver’s smartphone. It is crucial that the makers separate the most important networks for steering from other systems, such as the infotainment center. The challenge is that numerous components come from automotive suppliers. They also increasingly need to look after the digital security of their products.
- Assessing risks beforehand: Manufacturers must be aware of all vulnerabilities their systems have. It’s only based in this type of risk analysis that developing a reliable security architecture for all connected devices is possible. Here, automotive producers can benefit from the knowledge of external agents: IT experts can deliberately target all weak points that might lead to attacks. Additionally, external partners create tests for the independent examination of individual components. They do so by impersonating hackers and working with their methods to hack hard- and software.
- Securing cars throughout their entire life cycle: Compared to other devices that are connected to the internet, cars have a considerably longer life span. While laptops and smartphones are often replaced after a few years, systems in connected cars need to endure 10 to 15 years of use. Furthermore, a lot of car owners tend to lend their car to others or sell it. Thus, it is necessary that manufacturers are able to install remote security apps, delete the data of the previous owner and unlock new applications. The communication channel for these updates needs special protection. Consequently, car manufacturers should exclusively use VPN connections when communicating with the cars – it’s just like remotely accessing a company’s network from a laptop. If every software update additionally receives a signature, third parties are unable to plant foreign codes.
Last but not least, customers expect viable security solutions for connected cars from manufacturers. According to a recent survey by the Fédération Internationale de l’Automobile (FIA) on the acceptance of connected cars in Europe, 56 percent of respondents await manufacturers to improve security in these vehicles.
Only when security concerns no longer dominate customer’s thoughts, will this type of car be successful commercially. The car will thus never be complete. Yet exactly this makes the field an exiting one to be in and leaves room for the developer’s creativity.
Within NTT we are taking security topics very seriously as well, NTTcom.Security is fully specialized on this topic. With our comprehensive experience we are supporting our clients in reducing upcoming threads and making their systems’ more secure.
Latest posts by Monika Sadowska (see all)
- Don’t let hackers take the wheel: security solution for connected cars - 17. February 2016
- Faster, higher, further, more connected: automotive trends - 18. January 2016
- What auto industry needs to learn from today’s cutting edge leaders. - 30. November 2015