Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Securing Connected Cars: How to Create a Cost-Effective, Secure In-Vehicle Network Backbone

The U.S. Department of Transportation recently announced that the latest round of autonomous driving regulations will be released this summer. Dubbed AV 3.0, the new policy will set federal guidelines for how autonomous and assisted driving solutions need to work on public roads.

The U.S. Department of Transportation recently announced that the latest round of autonomous driving regulations will be released this summer. Dubbed AV 3.0, the new policy will set federal guidelines for how autonomous and assisted driving solutions need to work on public roads. A big part of making autonomous driving accessible will be the ability for car makers and suppliers to secure the networks that power these increasingly sophisticated vehicles. In fact, that’s what cars today have become: highly-sophisticated mobile computer networks that just happen to travel at highway speeds.

Computing power and interconnectivity are increasingly critical to car design as advanced driver assistance and infotainment systems become standard in virtually every make and model. Disparate systems need to talk to each other in real time to apply brakes, adjust steering or alert the driver of another vehicle, pedestrian or obstruction in the roadway. These connections need to be lightning fast—driver and passenger safety depends on it.

A few years ago, the industry made a conscious decision to move away from traditional vehicle harness wiring toward automotive ethernet and WIFI. And, now, as 5G moves from the vaporware stage to actual, real-world deployments, the new high-bandwidth, low-latency wireless standard is expected to be a key technology that will enable autonomous driving, facilitating in vehicle networking as well as vehicle-to-vehicle (V2V) and vehicle to infrastructure (V2I) connectivity.

New Protocols Increase Security Concerns

As new networking protocols are developed, car makers, suppliers and consumers are wondering how secure these connections will be. If hackers can take down a 5G network that was being demonstrated at the Winter Olympics—there’s no reason to think that autonomous vehicles are not at risk.

Connected cars need a single, central network backbone that connects disparate systems in real time and enables the kind of high-bandwidth, low-latency capabilities that assisted and autonomous driving requires. Everything from radar and video systems to braking and steering assistance need to be connected and synchronized across digital cockpits, mobile devices and, eventually, a central command and control center. Most importantly, this network backbone needs to be highly secure—able to adapt in real time to the most sophisticated security threats.

The Need for Testing

We have said it before, and will say it again. Testing is critical to achieving reliability and availability of any network. Car makers and autonomous vehicle suppliers need to constantly probe their own networks and systems for both persistent threats and vulnerabilities. Catching attackers already in the network and preventing them from worming their way into critical systems is the only way to prevent catastrophic events. In addition, testing needs to extend beyond just critical systems. Non-essential systems—such as infotainment systems, connected mobile devices and WiFi—may become soft targets that hackers exploit more easily before moving onto their real objective. A comprehensive testing strategy both during the research and development phase as well as after a product has gone to market can stop these threats before they become major security hassles.

Advertisement. Scroll to continue reading.

A Call for Interoperability

Autonomous vehicles are not the brainchild of a single manufacturer. Thousands of parts are brought together in a highly-complex manufacturing process, and each component and its connection to the greater network backbone represents a separate security risk. Car makers and parts manufacturers need to ensure interoperability between different components, ensuring that the connection between them is reliable, safe and secure.

The Visibility Requirement

Finally, visibility into the performance of autonomous vehicle components and automotive networks is crucial to ensuring security. Slow compute times, variable connection speeds and unpredicted behaviors can be signs of a security breach. It is critical that stake holders—whether they be manufacturers, service providers, repair professionals, fleet managers or operators themselves—have access to performance and availability data in real time with the ability to analyze key metrics and conduct reliable post-event analysis.

Cars are increasingly relying on robust digital networks to connect disparate systems for assisted and autonomous driving as well as other infotainment features. These mobile computer networks need to be highly secure to prevent someone or something taking control or disabling our vehicles. Securing 5G will be especially critical as the new wireless standard takes over automotive ethernet connections. It’s important that car makers and autonomous driving solution developers use rigorous testing, ensure their products seamlessly interoperate with each other and operators have complete visibility into performance and availability metrics. The consequences could be deadly.

Written By

Marie Hattar is chief marketing officer (CMO) at Keysight Technologies. She has more than 20 years of marketing leadership experience spanning the security, routing, switching, telecom and mobility markets. Before becoming Keysight’s CMO, Marie was CMO at Ixia and at Check Point Software Technologies. Prior to that, she was Vice President at Cisco where she led the company’s enterprise networking and security portfolio and helped drive the company’s leadership in networking. Marie also worked at Nortel Networks, Alteon WebSystems, and Shasta Networks in senior marketing and CTO positions. Marie received a master’s degree in Business Administration in Marketing from York University and a Bachelor’s degree in Electrical Engineering from the University of Toronto.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.