Automotive Industry Data Protection

Automotive

As the auto industry evolves, so too does the need for hardened security solutions.

Related Case Studies

While innovations in speed, safety, and comfort have defined the automobile industry in the past, automakers of the future will be defined by smart technology and autonomous capabilities. The Futurex Hardened Enterprise Security platform secures the critical operating data of automobiles and helps protect the physical safety of those behind the wheel.

Modern vehicles contain hundreds of different electrical control units, including software based communication technology. The technology which allows for interconnectivity and autonomy requires unique protection. The automobile and computer technology industry are colliding, making vehicles subject to the same threats as computers. If information such as traffic and weather patterns can be shared with a vehicle, so too can malicious software with the potential to invade privacy, cripple safety systems, and effect a vehicle’s drivability.

Futurex Solutions

Object Signing and Mutual Authentication

Futurex’s object signing ensures the authorized transmission of data between two endpoints (the car manufacturer sending out updates and the vehicles on the roads). It allows auto manufacturers to quickly and efficiently send secure firmware and software updates to vehicles both in production and existing in the market. An outside source, attempting to import, load, or alter manufacturer software while in transit or otherwise would be denied. The vehicle actively rejects changes that are not from the same, authorized, parent source.

Object signing can also be used for parts verification. Car batteries for example, one of many components at risk of being counterfeited, can be digitally signed on the manufacturing floor. Other components, such as control modules and smart keys, can also be protected with digital signatures. These signatures cannot be replicated, protecting the brand and consumers from dangerous counterfeits.

Multi-Factor Authentication

A vehicle does not inherently know it's owner, it responds to the physical key. Multi-factor authentication adds an additional protective layer when verifying end-users and, once implemented, gives smart vehicles the capacity to reject commands from fraudulent, inauthentic key holders.

There are three ways of identifying users: with something users know (such as a password or PIN), with something users have (such as a smart card or token), or through something users are (such as biometrics: retina scanning, voice recognition, fingerprint scanning, and so on). Multi-factor authentication adds an extra layer of security when verifying an owners’ identity by incorporating two of these categories. Futurex solutions provide the foundation of the Public Key Infrastructure necessary to identify end-users in this unique way.

Secure Communication: V2I, V2V, and V2D

Current Advanced Driver Assistance Systems and upcoming vehicles, with SAE levels 3 and above, require data sharing to function properly.

Vehicle-to-Infrastructure (V2I) communication gathers necessary global or local information, such as traffic or road conditions, to intelligently and efficiently lead a driver to a predetermined location. This information is gathered remotely, typically through a Wi-Fi connection, and from a substantial distance. With secured V2I communication, malicious individuals seeking to engage in passive eavesdropping and active interfering are directly denied.

Meanwhile, Vehicle-to-Vehicle (V2V) communication occurs when vehicles are in close range and are able to establish an ad-hoc network. They can then share speed, position, and directional data, necessary for autonomous driving. Open networks as such these require encryption so that malicious software cannot be shared or unknowingly applied to among drivers.

Vehicle-to-Device (V2D) communication describes the connection between unsecured mobile devices and vehicles for driver functionality and pedestrian safety. With V2D in place, drivers can remotely access their vehicles from smart phones, using certificate-based mutual authentication.

Embeddable, Form-Factor Hardware Security Modules

Futurex offers small, form factor hardware security module for general purpose endpoint security. The ESM1000 is designed for widespread environments and can be embedded into vehicles directly on the production line. This tamper-resistant device prevents unauthorized access to the core functionality and driving capabilities of the vehicle it is embedded in.

With an embedded cryptographic module inside deployed vehicles, your organization can leverage advanced key lifecycle management for over-the-air key rotation. With effective key management in place, your organization is secured and able to produce revenue-generating services such as tracking vehicle rentals and facilitating remote purchase upgrades.