I was recently made aware of an article where some security researchers attempted to attack and exploit security vulnerabilities in vehicles through the use of tools and applications designed to access and utilize information on the vehicle network. What struck me as interesting about this article is that there seems to be no end to the level of creativity someone will apply to misusing a system. Moreover, it was also apparent that controlling access to the vehicle network makes it more difficult to exploit.
This is really no surprise to the security world. Access control and authentication are indeed solid pillars of any good security implementation. Failures in access control and authentication arguably account for the vast majority of security failures globally. I would go so far as to say, from my personal observation, that we can probably manage at least 80% of security issues through such measures.
So why is this potentially problematic in the automotive industry? Simply put, it is because of legacy technologies combined with challenges in cooperative collaboration.
Vehicle networks have evolved over the last several decades from simple communications within a vehicle using a technology known as CAN Bus (Controller Area Network). This is an effective and robust technology that has been battle tested for years and allows for rapid and reliable communication between devices found in a vehicle. The problem with CAN Bus, however, is that it was not designed with secure communications in mind, and attempts to add secure certificate-based authentication to CAN Bus devices have not been very successful.
This has not deterred the technology industry, where manufacturers of microcontrollers used in vehicles have risen to the challenge and created various secure and robust solutions that can augment or entirely replace the traditional CAN Bus. Where the challenge manifests itself is in getting the entire automotive industry to agree on an interoperable and ubiquitous solution. CAN Bus just works, and everyone who makes parts that communicate in a vehicle network knows how it works and how to keep making it work. We as consumers of vehicles demand reliability, so automotive manufacturers are loath to mess with their winning formula.
Yet we are talking about being inside the vehicle network. What has happened in the last decade or so is connecting the vehicle internal network with the outside world. This has allowed a world of digital diseases to work their way into the vehicle, and as vehicles continue to connect to the outside world, it will only become more challenging to keep things secure. This is, however, where we can easily apply tried and true secure certificate-based authentication methods, based on PKI, and limit access to vehicle networks.
The challenge here, however, is that unlike the well-established methods that are deployed in enterprise and global networks, there are currently no consistent and standardized methods the automotive industry has agreed upon for how such systems are to be implemented and managed. This means that if an automotive manufacturer implements trusted authentication in their global vehicle network, there is a high likelihood that anything outside of the control of the vehicle manufacturer will be unable to communicate with their vehicles.
This becomes a major issue for car repair facilities, who rely on diagnostic equipment that must communicate with the vehicle to facilitate proper repairs. In essence it means that every repair facility would need diagnostic equipment specific to each manufacturer, and that is only if the manufacturer is cooperative. While the automotive community has engaged with the diagnostic community in forging some secure certificate-based authentication standards, there is still no finalized and global agreement about how this will be implemented or managed.
DigiCert is fully committed to working with the automotive industry to help standardize and implement trusted authentication. While changing the way such a large industry does things is always challenging, the effort to build a secure digital world is a commitment worth pursuing.