cyber security for the connected car
TRANSCRIPT
Cyber Security for the Connected Car
Bob Leigh, Director of Market Development, RTI
RTI’s Experience• ~1000 Projects
– Automotive– Healthcare– Communications– Energy– Industrial– Defense
• 15+ Standards & Consortia Efforts– Interoperability– Multi-vendor ecosystems
Industrial IoT Key System Characteristics
• Reliability• Scalability• Safety• Security• Resiliency
Large scale, heterogeneous, built with multi-vendor components, often broadly distributed and evolving
It’s All About the Data
Data centricity enables interoperation, scale, integration
Unstructured filesDatabase
Data Centricity Data at Rest
Messaging middleware
DataBus
Data Centricity Data in Motion
DDS Standards: Layered View
DDS v 1.4
RTPS v2.2DD
S-SE
CURI
TY
DDS-
RPC*
DDS-
XTYP
ES
Application
UDP TCP** DTLS** TLS**
DDS-C++ DDS-JAVA* DDS-IDL-C DDS-IDL-C#
SHARED- MEMORY**IP
DDS-
WEB
HTTP(s)
IDL
4.0
Unit DataBusUnit DataBus
Sensor-to-Cloud
• Connect…– Fast– Seamless– QoS controlled– Secure– Data centric
• Multiple Platforms• Various Transports
In-Car Platform
V2V & V2X
Public Internet Cloud DataBus
Site DataBus
Fleet Management
Unit DataBus
Sense Act
Think HMI
Machine DataBus
Connext
Connected Car: Security Challenges
• Sensor to Cloud Integration• Multiple Attack Surfaces
– Internet– Cloud– Other cars– In-car
• Connecting Autonomous Cars
Cloud ServicesConnected, Autonomous Car
Sensing
Planning
Radar, LIDAR Vehicle Platform Navigation
Error Management
Visualization
Situation AnalysisSituation Awareness
Vision FusionCameras, LIDAR,
Radar …
Data Fusion
LoggingVehicle Control
Localization
DDS Bus
Traffic Maps
DDS Bus
Three Security Boundaries
• Boundary security
• Transport-Level – Network (layer 3) security– Session (layer 4/5) security
• Fine-grained Data-Centric Security
Introducing: RTI Connext DDS Secure
Threats
• Unauthorized Subscription
• Unauthorized Publication
• Tampering & Replay
AliceBob
EveTrudy
TrentMallory
Local machine is assumed to be trusted
Practical Fine-Grain SecurityConnext™ DDS Secure• Per-Topic Security
– Control r,w access for each function– Ensures proper dataflow operation
• Complete Protection– Discovery authentication– Data-centric access control– Cryptography– Tagging & logging– Non-repudiation– Secure multicast– 100% standards compliant
• No code changes!• Plugin architecture for advanced uses
WatchdogSensor Planning Operator
State Alarms SetPoint
Topic Security model:• Sensor: State(w)• Watchdog: State(r); Alarms(w)• Planning: State(r), SetPoint(w)• Operator: *(r), Setpoint(w)
Summary• A connected car has multiple attack
surfaces, many exposed publicly• Risk, especially with self-driving cars, is high• The system needs reliable, flexible, real-
time, secure connectivity• Security should be part of the architecture
design, embedded in multiple system layers• Connext™ DDS Secure supports fine
grained security