cyber security for the connected car

13
Cyber Security for the Connected Car Bob Leigh, Director of Market Development, RTI

Upload: real-time-innovations-rti

Post on 07-Jan-2017

568 views

Category:

Software


3 download

TRANSCRIPT

Page 1: Cyber Security for the Connected Car

Cyber Security for the Connected Car

Bob Leigh, Director of Market Development, RTI

Page 2: Cyber Security for the Connected Car

RTI’s Experience• ~1000 Projects

– Automotive– Healthcare– Communications– Energy– Industrial– Defense

• 15+ Standards & Consortia Efforts– Interoperability– Multi-vendor ecosystems

Page 3: Cyber Security for the Connected Car

Industrial IoT Key System Characteristics

• Reliability• Scalability• Safety• Security• Resiliency

Large scale, heterogeneous, built with multi-vendor components, often broadly distributed and evolving

Page 4: Cyber Security for the Connected Car

It’s All About the Data

Data centricity enables interoperation, scale, integration

Unstructured filesDatabase

Data Centricity Data at Rest

Messaging middleware

DataBus

Data Centricity Data in Motion

Page 5: Cyber Security for the Connected Car

DDS Standards: Layered View

DDS v 1.4

RTPS v2.2DD

S-SE

CURI

TY

DDS-

RPC*

DDS-

XTYP

ES

Application

UDP TCP** DTLS** TLS**

DDS-C++ DDS-JAVA* DDS-IDL-C DDS-IDL-C#

SHARED- MEMORY**IP

DDS-

WEB

HTTP(s)

IDL

4.0

Page 6: Cyber Security for the Connected Car

Unit DataBusUnit DataBus

Sensor-to-Cloud

• Connect…– Fast– Seamless– QoS controlled– Secure– Data centric

• Multiple Platforms• Various Transports

In-Car Platform

V2V & V2X

Public Internet Cloud DataBus

Site DataBus

Fleet Management

Unit DataBus

Sense Act

Think HMI

Machine DataBus

Connext

Page 7: Cyber Security for the Connected Car

Connected Car: Security Challenges

• Sensor to Cloud Integration• Multiple Attack Surfaces

– Internet– Cloud– Other cars– In-car

• Connecting Autonomous Cars

Page 8: Cyber Security for the Connected Car

Cloud ServicesConnected, Autonomous Car

Sensing

Planning

Radar, LIDAR Vehicle Platform Navigation

Error Management

Visualization

Situation AnalysisSituation Awareness

Vision FusionCameras, LIDAR,

Radar …

Data Fusion

LoggingVehicle Control

Localization

DDS Bus

Traffic Maps

DDS Bus

Page 9: Cyber Security for the Connected Car

Three Security Boundaries

• Boundary security

• Transport-Level – Network (layer 3) security– Session (layer 4/5) security

• Fine-grained Data-Centric Security

Introducing: RTI Connext DDS Secure

Page 10: Cyber Security for the Connected Car

Threats

• Unauthorized Subscription

• Unauthorized Publication

• Tampering & Replay

AliceBob

EveTrudy

TrentMallory

Local machine is assumed to be trusted

Page 11: Cyber Security for the Connected Car

Practical Fine-Grain SecurityConnext™ DDS Secure• Per-Topic Security

– Control r,w access for each function– Ensures proper dataflow operation

• Complete Protection– Discovery authentication– Data-centric access control– Cryptography– Tagging & logging– Non-repudiation– Secure multicast– 100% standards compliant

• No code changes!• Plugin architecture for advanced uses

WatchdogSensor Planning Operator

State Alarms SetPoint

Topic Security model:• Sensor: State(w)• Watchdog: State(r); Alarms(w)• Planning: State(r), SetPoint(w)• Operator: *(r), Setpoint(w)

Page 12: Cyber Security for the Connected Car

Summary• A connected car has multiple attack

surfaces, many exposed publicly• Risk, especially with self-driving cars, is high• The system needs reliable, flexible, real-

time, secure connectivity• Security should be part of the architecture

design, embedded in multiple system layers• Connext™ DDS Secure supports fine

grained security

Page 13: Cyber Security for the Connected Car

Contact

[email protected]

©2016 Real-Time Innovations, Inc. Confidential.