QAC Automotive and Robotics (QAaR) Quality Assurance
FOCUSED ON THE FUTURE
Welcome to the eighth edition of the QAaR newsletter. In this edition, we’ll be sharing a bit of the state-of-the-art of automotive cybersecurity. We want to present some more details about the challenges and threats that a cybersecurity attack might present to the automotive domain and how quality assurance is crucial to address those issues.
Keeping you informed
Our automotive and robotics quality assurance workstreams
Automotive cybersecurity: the future of autonomous vehicles
The current advancement in Connected Autonomous Vehicles (CAVs) made the safety and security of these vehicles a key factor for manufacturers as any malfunction or attack could lead to severe consequences for the driver, passengers, or others outside of the vehicle. There are several types of cyber attacks frequently performed to automotive vehicles, which can be classified according to their types and entry points. Thus, in this newsletter, we will talk about some of the attack types and targeted attack entry points we have in CAVs.
Entry Point Levels of cyber attacks in automotive domain
Cybersecurity for Automotive is related to the protection of its electronic systems, communication networks, algorithms, software, hardware, and data. So, it’s pretty much everything in the car and the objective is to guard against malicious attacks, unauthorized access, and any unwanted manipulation. There are different entry points for attackers in CAVs which can be classified in 6 levels numbering these levels from 0 to 5.
- Level 0: Sensor interaction and driver interaction
- Level 1: Controls
- Level 2: Interfaces
- Level 3: Applications
- Level 4: Communication channels
- Level 5: Cloack and dagger
Level 1: It looks at controls such as those in drive control, process control, safety controls, etc. for this level, Door control, light control, climate control, Anti-lock Braking System (ABS), Supplemental Restraint System (SRS), and Emergency Brake Assist (EBA) are some example of potential entry points.
Level 2: It looks at interfaces such as the infotainment system which communicates with levels 0-1). They could be third-party applications such as Apple’s Carplay and Android auto are the main entry points. The infotainment system could also provide direct access to CAN bus which makes it vulnerable to attacks.
Level 3: It assesses applications on both mobile and infotainment system interfaces. Some potential entry points we can mention are peripherals and connected devices such as rear-seat entertainment (open up android hacks for instance).
Level 4: Technologies that leverage communication channels such as those found in wireless entry points belong to this level. Attackers in this level look at onboard Wifi within the car, GPS, LIDAR, RADAR, and other network communication capacities as the entry points.
Every mentioned level as the potential entry point is subjected to different types of attacks such as Physical, Network, Sensors, Software attacks, etc. In this newsletter, we only cover the first two types which are physical and network attacks.
Hackers use the vulnerabilities exist in some versions of Android devices, to launch undetectable attacks. Passwords and pins, and all permissions could be captured to leave behind almost no traceable attack.
Physical attacks usually include hardware modification, node replication, physical damage, and side channels attacks. Hardware hacking and modification involves attacking the physical infrastructure of a computer and occurs at the lowest level of the vehicle. Hardware hacking may be the result of replacing, removing, or replicating components of hardware systems within a car. Replication of the physical hardware itself is called node replication. It occurs when an attacker can harm the functionality of a network or communication device by injecting a clone, or replica into the environment. This type of attack may be done via a network where a car is considered a node. Attackers could damage vehicle components or even the vehicle itself in a physical damage attack scenario. Damaging headlights, locks, components that may be responsible for the power windows in a vehicle are just a few to mention here. Finally, there is one type of attack which is based on the information gained from the implementation of a computer system. A vehicle may be sold to a third party (such as registered dealer), so data may be wiped or left on components of the car, which could serve as potential information disclosure vulnerabilities, privacy, and sensitive user data.
Spoofing is defined as an email sent from a false sender address that asks the recipient to provide sensitive data. One of the most common attacks is the replacement of an authorized ECU program with unauthorized and malicious programs, connecting to the CAN bus using an unauthorized device. A malicious invasion may cause the Denial of Service (DoS) attack and create messages with ID 0, which are of the highest priority, which causes the CAN bus to become unusable.
Currently, we are working with the Ontario Tech University to list out all security concerns and are collaborating with them to choose specific types of attacks to focus on and build a comprehensive cybersecurity testing framework for CAVs. More information will be provided in the next newsletters.