Designing Cost-Effective Ethernet Automotive E/E Architecture Against Security Threats
2017 IEEE-SA Ethernet & IP @ Automotive Technology Day

Transcript of the 23-slide deck.

Page 1: Designing Cost-Effective Ethernet Automotive E/E Architecture Against Security Threats

2017 IEEE-SA Ethernet & IP @ Automotive Technology Day

Page 2: Agenda

- Connected vehicle attack surfaces
- High level security needs
- Hardware security protection
- Ecosystem management
- Network partitioning for security
- Hardware-secured TLS
- Ethernet switching requirements
- Example of secure Ethernet IVN

Page 3: Cars Are Already Connected

- More than 20% of vehicles sold worldwide in 2015 included embedded connectivity solutions
- More than 50% of vehicles sold worldwide in 2015 to be connected (either embedded, tethered or smartphone integration)
- Every new car to be connected in multiple ways by 2025

The new question:
• Will these cars be connected with a foundation of security in mind?

Page 4: High Visibility Hacks Influencing Market Trend

• Resulting in new regulations and OEM cybersecurity specs

Page 5: Attack Surface Keeps Growing

- Increasing remote attack interfaces
  - On-board diagnostic port
  - Telematics
  - Wi-Fi® hotspot & long-range wireless connectivity
    - 3G, 4G, LTE
  - Bluetooth® connections (smartphones)
  - Passive entry / keyless systems
  - Infotainment
  - Storage media (CD, USB, SD card)
- Attack scenarios
  - Safety critical (brakes, engine control…)
  - Obstructive (instrument reading, lights, infotainment…)

• No security on CAN 2.0, and limited bandwidth to implement any
• Ethernet VLANs provide traffic separation, not security

Page 6: High-Level Security Needs

- Ease of integration into existing architecture & Engine Control Units (ECUs)
- Scalable across platform models
- Flexible migration to next-generation architecture
- Common methodology across all types of In-Vehicle Networking (IVN)
- Intrusion detection and OTA updates

• Cost-effective total solution!!

Page 7: Attributes of Automotive Hardware Security Devices

- Secure Key Storage
  - Trusted Ethernet nodes with secure boot & firmware update
  - TLS key protection
  - CAN communication keys & certificate storage
  - CAN communication session key(s) storage
- Ease of Integration
  - Less code = lower cost
  - Minimal code updates on the node microcontroller (MCU)
- Node Authentication & Key Agreement
  - ECU authentication & key agreement scheme
  - Encrypted and authenticated command sessions
- Hardware Crypto Accelerators
  - Symmetric and asymmetric algorithms
  - High-quality random number generators
  - HMAC & CMAC for serial communication protection
- Automotive Grade-1, high-security storage
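The HMAC bullet above is the one that has to fit inside the 8-byte data field of a classic CAN 2.0 frame, which is the "limited bandwidth" problem from page 5. The Go program below is an added example, not code from the slides or from Microchip: it shows one constructed layout (4 payload bytes, the low byte of a 32-bit freshness counter, a 3-byte truncated HMAC-SHA256) with a sender and receiver sharing a CAN session key. The layout, the 64-frame resynchronisation gap and the key handling are assumptions of the example; on a real node the session key would sit in the security IC and the MAC would be computed there.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Layout of the 8-byte data field of a classic CAN 2.0 frame. The bandwidth
// budget forces both the MAC and the freshness counter to be truncated; this
// split is constructed for the example, not a standard.
const (
	payloadLen = 4  // application data
	counterLen = 1  // low byte of a 32-bit monotonic counter
	macLen     = 3  // truncated HMAC-SHA256 tag
	maxGap     = 64 // lost frames tolerated before resynchronisation is needed (assumption)
)

// Sender and Receiver share a CAN session key; on a real node the key is held
// in, and the tag computed by, the security IC.
type Sender struct {
	key     []byte
	counter uint32
}

type Receiver struct {
	key     []byte
	counter uint32 // highest counter value accepted so far
}

// tag authenticates the CAN ID, the full 32-bit counter and the payload, then
// keeps macLen bytes. The full counter is authenticated even though only its
// low byte is transmitted, so a frame cannot be moved to another counter epoch.
func tag(key []byte, id, counter uint32, payload []byte) []byte {
	h := hmac.New(sha256.New, key)
	var hdr [8]byte
	binary.BigEndian.PutUint32(hdr[:4], id)
	binary.BigEndian.PutUint32(hdr[4:], counter)
	h.Write(hdr[:])
	h.Write(payload)
	return h.Sum(nil)[:macLen]
}

// Build produces the 8-byte data field: payload | counter low byte | tag.
func (s *Sender) Build(id uint32, payload []byte) ([]byte, error) {
	if len(payload) != payloadLen {
		return nil, fmt.Errorf("payload must be %d bytes", payloadLen)
	}
	s.counter++
	frame := append([]byte{}, payload...)
	frame = append(frame, byte(s.counter))
	return append(frame, tag(s.key, id, s.counter, payload)...), nil
}

// Verify reconstructs the full counter from its low byte, rejects replays and
// stale frames, and checks the tag in constant time before releasing the payload.
func (r *Receiver) Verify(id uint32, frame []byte) ([]byte, error) {
	if len(frame) != payloadLen+counterLen+macLen {
		return nil, errors.New("bad frame length")
	}
	payload, low, got := frame[:payloadLen], frame[payloadLen], frame[payloadLen+counterLen:]
	// Candidate: our high bytes with the received low byte. A low byte that is
	// not ahead of us means either the counter wrapped or the frame is a replay;
	// the gap limit tells the two apart.
	cand := r.counter&^0xff | uint32(low)
	if cand <= r.counter {
		cand += 256
	}
	if cand-r.counter > maxGap {
		return nil, errors.New("counter not fresh: replay or too many frames lost")
	}
	if !hmac.Equal(got, tag(r.key, id, cand, payload)) {
		return nil, errors.New("MAC mismatch: forged, modified or wrong-ID frame")
	}
	r.counter = cand // advance only after a successful check
	return payload, nil
}

func main() {
	key := []byte("constructed-session-key") // on a real node: provisioned into the security IC
	s, r := &Sender{key: key}, &Receiver{key: key}
	f, _ := s.Build(0x123, []byte{0x10, 0x20, 0x30, 0x40})
	fmt.Printf("frame % x\n", f)
	_, err := r.Verify(0x123, f)
	fmt.Println("first delivery:", err)
	_, err = r.Verify(0x123, f)
	fmt.Println("replayed frame:", err)
	f2, _ := s.Build(0x123, []byte{0x10, 0x20, 0x30, 0x40})
	f2[0] ^= 0x01 // bit flip in the payload
	_, err = r.Verify(0x123, f2)
	fmt.Println("modified frame:", err)
}
```

A 24-bit tag leaves a one-in-2^24 chance per frame that a random tag passes, which is the price of the bandwidth budget; pairing it with the freshness counter and with the switch-side rate limiting described later in the deck keeps that from turning into a practical forgery path.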

Page 8: Unprotected Hardware Attack: Microprobe to See Internal Device Nodes and Extract Keys

• Software can NOT protect private keys!

Page 9: How Keys are Protected Matters!

HW crypto devices (in contrast to standard devices):

- Strong multi-level HW security
  - Starts with an active shield
  - Plus a multitude of environmental tamper detectors
  - Protection modes
  - Ability to erase keys
- Designed to defend against
  - Microprobe attacks
  - Timing attacks
  - Emissions analysis attacks
  - Fault and invalid command attacks
  - Power cycling, clock glitches

Figure: HW Crypto Devices compared with Standard Devices.

Page 10: Security Considerations at every Node in the Vehicle

• SAE J3061: consider the risks associated with each vehicle system

Page 11: Ecosystem Management

- Protect your brand
- OEMs can manage approved suppliers for each node
- Only approved safety-critical nodes operate in the vehicle
- X.509 certificates can help in authenticating genuine components

Page 12: Digital Certificates

- The X.509 digital certificate is a unique, verifiable form of identity for the node
- It comprises three main components:
  - The device public key
  - A signature to enable verification of the authenticity
  - Data capturing any attributes the owner intends as part of the identity
- Certificates are standards-driven forms of identity for the Internet

Figure: certificate layout: Static Data (SN, model number, etc.), Dynamic Data (date, time, etc.), Device Public Key (KPUB_DEVICE), Signature.

Page 13: Creating a Certificate (Provisioning)

1. Create a unique key pair for each participant
2. MCHP or OEM creates the device certificate
3. Owner embeds the certificate into the device

Figure: provisioning flow: the Device Static & Dynamic Data and KPUB_DEVICE are hashed, the hash is signed (SIGN) with KPRI_OWNER (verifiable with KPUB_OWNER), and the resulting Signature completes the Certificate; KPRIV_DEVICE stays inside the HW Security Device (MCHP or OEM).

• Remember: private keys, no matter which, must remain secret!

Page 14: Monolithic Approach to Securing Ethernet

Figure: a single multi-port Ethernet switch device bundling everything: physical protection / tamper-proof packaging, CPU and application software, VLAN, PTP, key storage, debug / test / scan, secure coding, ACL, DPI, ingress policing, secure boot, authentication, encryption, download / OTA.

Assessment:
✓ Complex
✗ Flexible
✗ Scalable
✗ Common methodology
✗ Existing architecture
? Cost effective
? Secure

→ Impractical → Partition the network

Page 15: Partitioning Network for Security

- Separate common network security from data traffic processing

Common Network Functions:
• Physical defence mechanisms
• Secure boot & download
• Authentication
• Key management
• Ecosystem and certificate chain management

Network Specific Processing:
• Virtual LANs
• Access control
• Deep packet inspection
• Ingress / egress policing
• Intrusion detection / protection

• Optimizes security performance, flexibility and cost
• Any ECU, any architecture, any configuration, any bus

Page 16: Scalable Security for IVN

Figure: five ECU variants, each a processor or microcontroller paired with a Security IC:
- Secure boot & HDCP (MOST)
- Secure boot & Ethernet TLS (Ethernet)
- Secure boot, CAN security, Ethernet TLS (Ethernet and CAN bus)
- Secure boot, upgradable to CAN security
- Secure boot, CAN security (CAN bus)

• Addresses a large number of ECU architectures
• Secure boot at each node

Page 17: Software-Only TLS Authentication

Figure: the device main MCU runs the main software stack together with the cipher suite software module and the KEYS; an authentication request is handled through a crypto API entirely on the MCU. TLS = Transport Layer Security.

- Performs cryptographic functions in software in the device MCU
- Requires more code space
- Requires more processing load
- Houses keys in software and unsecured memory
- Small nodes with low-end processors are too slow

• Software-only TLS is vulnerable!

Page 18: Hardware Secured TLS Authentication

Figure: the device main MCU runs the main software stack; an authentication request goes through the Microchip HW-TLS API to a Security IC, which performs authentication, key agreement and key storage.

- Hardware TLS offloads cryptographic functions from the device MCU
  - Access via the HW-TLS API
  - Security IC handles all computation
- Minimal code space & computational load
- Keys are generated & protected in secure hardware

• Keys are secure!
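Pages 12, 13 and 18 describe one chain: the owner's key signs a certificate over the device's public key, and later the node proves possession of the matching private key without that key ever leaving the security IC. The Go program below is an added example, not code from the slides or from Microchip. SecurityIC is a constructed stand-in for the security IC (its Sign method is where the HW-TLS API call would go, and it is also used for the owner's signing key); the OEM root CA name, the device name ecu-42.vehicle and the serial number 4242 are constructed; and Authenticate is a bare nonce-signing exchange that stands in for the certificate verification and CertificateVerify steps of a TLS handshake.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"time"
)

// SecurityIC models a hardware security device (constructed stand-in, not a
// vendor API): the private key is generated inside and never exported.
type SecurityIC struct {
	priv    *ecdsa.PrivateKey
	SignOps int // signatures performed inside the device
}

func NewSecurityIC() *SecurityIC {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return &SecurityIC{priv: k}
}

// Public and Sign make SecurityIC a crypto.Signer, the interface that Go's TLS
// stack and x509.CreateCertificate call in place of handling a key themselves.
func (ic *SecurityIC) Public() crypto.PublicKey { return &ic.priv.PublicKey }

func (ic *SecurityIC) Sign(r io.Reader, digest []byte, o crypto.SignerOpts) ([]byte, error) {
	ic.SignOps++
	return ic.priv.Sign(r, digest, o)
}

// ProvisionDevice follows the slide's steps: the owner's key (KPRI_OWNER, also
// held in a SecurityIC here) signs a certificate over the device's static data
// and KPUB_DEVICE; the returned DER blobs are what gets embedded in the device.
func ProvisionDevice(owner, device *SecurityIC, name string) (caDER, devDER []byte, err error) {
	caTpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "OEM Root CA (constructed)"},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	if caDER, err = x509.CreateCertificate(rand.Reader, caTpl, caTpl, owner.Public(), owner); err != nil {
		return nil, nil, err
	}
	devTpl := &x509.Certificate{
		SerialNumber: big.NewInt(4242), // static data: device serial number (constructed)
		Subject:      pkix.Name{CommonName: name, OrganizationalUnit: []string{"model ECU-X"}},
		DNSNames:     []string{name},
		NotBefore:    caTpl.NotBefore,
		NotAfter:     caTpl.NotAfter,
	}
	// hash(device data || KPUB_DEVICE) is signed with KPRI_OWNER; KPRIV_DEVICE plays no part.
	devDER, err = x509.CreateCertificate(rand.Reader, devTpl, caTpl, device.Public(), owner)
	return caDER, devDER, err
}

// Authenticate is the verifying side of an authentication request: the device
// certificate must chain to the trusted owner CA (only approved nodes pass),
// and the device must sign a fresh nonce with the key that certificate vouches for.
func Authenticate(device *SecurityIC, devDER, trustedCA []byte, name string) error {
	ca, err := x509.ParseCertificate(trustedCA)
	if err != nil {
		return err
	}
	dev, err := x509.ParseCertificate(devDER)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	if _, err := dev.Verify(x509.VerifyOptions{Roots: roots, DNSName: name}); err != nil {
		return err
	}
	nonce := make([]byte, 32)
	rand.Read(nonce)
	digest := sha256.Sum256(nonce)
	sig, err := device.Sign(rand.Reader, digest[:], crypto.SHA256) // the HW-TLS API call on a real node
	if err != nil {
		return err
	}
	if !ecdsa.VerifyASN1(dev.PublicKey.(*ecdsa.PublicKey), digest[:], sig) {
		return fmt.Errorf("nonce signature does not verify under KPUB_DEVICE")
	}
	return nil
}

func main() {
	oem, ecu := NewSecurityIC(), NewSecurityIC()
	ca, dev, _ := ProvisionDevice(oem, ecu, "ecu-42.vehicle")
	fmt.Println("approved node:", Authenticate(ecu, dev, ca, "ecu-42.vehicle"), "| IC signatures:", ecu.SignOps)
	rogueOwner, rogueEcu := NewSecurityIC(), NewSecurityIC() // an owner the verifier does not trust
	_, rogueDev, _ := ProvisionDevice(rogueOwner, rogueEcu, "ecu-42.vehicle")
	fmt.Println("rogue node:", Authenticate(rogueEcu, rogueDev, ca, "ecu-42.vehicle"))
}
```

Because SecurityIC satisfies crypto.Signer, the same object can be handed to Go's TLS stack as the PrivateKey of a tls.Certificate, which is the software-side shape of the arrangement on this slide: the stack asks the IC for each handshake signature and never holds KPRIV_DEVICE. The rogue case in main is the ecosystem-management point from page 11: a node whose certificate was issued by an owner outside the trusted set fails chain verification before any signature is even requested.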

Page 19: Exploiting Automotive Ethernet Network Characteristics

- Fixed star / hybrid network topology
- Typically a maximum of eight network ports per ECU
- Applications and traffic flows are known and pre-determined
- Network configuration is static (MAC, IP addresses)
- Broadcast, multicast and unicast traffic
- Limited use of protocols
  - TCP/UDP, DoIP, PTP, SOME/IP …

• Well-defined and bounded network
• Exploit this to deploy intrusion detection / protection
• LEARN → MODEL → ANALYSE → ACT

Page 20: Ethernet Switch Security Requirements

- Requires hardware features to support intrusion detection / protection
  - Prevent typical attacks: spoofing, flooding, misuse / failures
  - Dynamically update to adapt to changing network behavior
- 802.1Q VLAN
- AVB (time synchronized)
- 802.1Qci ingress policing and filtering (per stream, per port)
- Extensive network statistics gathering (metadata)
- TCAM-based layer 2, 3, 4 deep packet inspection
  - Forward, drop, mirror
  - Time stamp
  - Count
  - Modify packet
  - Rate limit
- 802.1X port and MAC authentication
- Enhanced diagnostics (harness defect detection)
- Seamless redundancy
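The LEARN → MODEL → ANALYSE → ACT loop of page 19 and the switch features of page 20 (spoofing and flooding prevention, per-stream ingress policing, forward / drop / mirror, counters) fit together as in the Go program below. It is an added example, not code from the slides or from any switch vendor: the Frame metadata, the port-to-MAC binding, the flow table, the 100 ms window and the 2x rate headroom are all assumptions of the example, and the baseline traffic and MAC addresses are constructed.

```go
package main

import "fmt"

// Frame is the per-packet metadata a switch can extract and act on; a
// constructed model for this example, not a vendor API.
type Frame struct {
	Port   int    // ingress switch port
	Src    string // source MAC
	Dst    string // destination MAC (unicast, multicast or broadcast)
	VLAN   uint16
	Proto  string // layer 3/4 classification, e.g. "SOME/IP", "PTP", "DoIP"
	TimeMs int64  // arrival time in milliseconds
}

type flowKey struct{ VLAN uint16; Src, Dst, Proto string }

// Model is the output of LEARN: in a static IVN every source MAC belongs to one
// port and every (VLAN, src, dst, protocol) flow is pre-determined.
type Model struct {
	PortOfMAC map[string]int  // port binding for each known source MAC
	PeakRate  map[flowKey]int // highest frames per window seen for each flow
}

const windowMs = 100 // policing window (assumption)

// Learn builds the model from traffic captured while the network is known-good.
func Learn(baseline []Frame) (*Model, error) {
	m := &Model{PortOfMAC: map[string]int{}, PeakRate: map[flowKey]int{}}
	perWindow := map[flowKey]map[int64]int{}
	for _, f := range baseline {
		if p, ok := m.PortOfMAC[f.Src]; ok && p != f.Port {
			return nil, fmt.Errorf("baseline inconsistent: %s seen on ports %d and %d", f.Src, p, f.Port)
		}
		m.PortOfMAC[f.Src] = f.Port
		k := flowKey{f.VLAN, f.Src, f.Dst, f.Proto}
		if perWindow[k] == nil {
			perWindow[k] = map[int64]int{}
		}
		w := f.TimeMs / windowMs
		if perWindow[k][w]++; perWindow[k][w] > m.PeakRate[k] {
			m.PeakRate[k] = perWindow[k][w]
		}
	}
	return m, nil
}

// Verdict is the ACT step: forward, drop, and optionally mirror a copy to an analysis port.
type Verdict struct{ Forward, Mirror bool; Reason string }

// Analyser is the ANALYSE step; Stats holds the per-reason counters that the
// slide lists as network statistics gathering.
type Analyser struct {
	Model  *Model
	Stats  map[string]int
	window map[flowKey]int64
	count  map[flowKey]int
}

func NewAnalyser(m *Model) *Analyser {
	return &Analyser{Model: m, Stats: map[string]int{}, window: map[flowKey]int64{}, count: map[flowKey]int{}}
}

func (a *Analyser) Analyse(f Frame) (v Verdict) {
	defer func() { a.Stats[v.Reason]++ }()
	// Spoofing: a learned MAC arriving on a port it was never bound to.
	if p, ok := a.Model.PortOfMAC[f.Src]; ok && p != f.Port {
		return Verdict{false, true, "spoofed source MAC"}
	}
	k := flowKey{f.VLAN, f.Src, f.Dst, f.Proto}
	peak, ok := a.Model.PeakRate[k]
	if !ok {
		return Verdict{false, true, "unknown flow"} // never seen during LEARN
	}
	// Flooding: per-stream ingress policing against the learned peak. The 2x
	// headroom is this example's assumption, not a figure from the slides.
	if w := f.TimeMs / windowMs; a.window[k] != w {
		a.window[k], a.count[k] = w, 0
	}
	if a.count[k]++; a.count[k] > 2*peak {
		return Verdict{false, false, "rate above learned peak"}
	}
	return Verdict{true, false, "known flow"}
}

// Constructed, locally administered MACs for the sample network.
const (
	camMAC    = "02:00:00:00:00:01" // camera on port 1
	fusionMAC = "02:00:00:00:00:02" // sensor fusion on port 2
	gwMAC     = "02:00:00:00:00:03" // gateway on port 3
	obdMAC    = "02:00:00:00:00:04" // diagnostic tester on the OBD port, port 4
)

// Baseline is constructed known-good traffic: the camera streams SOME/IP to
// sensor fusion at 10 frames per 100 ms and the OBD tester speaks DoIP to the gateway.
func Baseline() []Frame {
	var b []Frame
	for t := int64(0); t < 200; t += 10 {
		b = append(b, Frame{1, camMAC, fusionMAC, 10, "SOME/IP", t})
	}
	return append(b, Frame{4, obdMAC, gwMAC, 1, "DoIP", 50})
}

func main() {
	m, _ := Learn(Baseline())
	a := NewAnalyser(m)
	for _, f := range []Frame{
		{1, camMAC, fusionMAC, 10, "SOME/IP", 1000}, // legitimate
		{4, camMAC, fusionMAC, 10, "SOME/IP", 1001}, // camera MAC arriving on the OBD port
		{4, obdMAC, camMAC, 10, "DoIP", 1002},       // flow never learned
	} {
		fmt.Printf("%+v -> %+v\n", f, a.Analyse(f))
	}
}
```

Unknown flows and spoofed sources are dropped but mirrored, so the IDS sees them without the victim ECU ever receiving them; a flood on a known flow is only dropped once it exceeds the learned peak, so the legitimate stream underneath keeps flowing. "Dynamically update to adapt to changing network behavior" from the slide is simply a re-run of Learn on a fresh baseline when the configuration changes.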

Page 21: Example Secure Ethernet IVN

Figure: vehicle network diagram with the nodes AMP, Display, Head Unit, Antenna, Sensor Fusion, CAM, Lidar, CAM, Radar, Gateway, OBD, Door, Lights and Fan, connected over CAN and Ethernet and grouped into the Infotainment, Telematics, ADAS and Body domains.

Flexible, scalable, cost-effective & secure!

• Add a tiny security companion IC = Secure Link

Page 22: Come and visit us at Booth #2

- Ethernet Gateway Security Demonstrator
- Ethernet AVB Streaming Demonstrator

Page 23: Thank You!