Οι εποχές που το χειρότερο που μπορούσε να συμβεί ήταν να βρεις το τζάμι του αυτοκινήτου σου σπασμένο και τη κεφαλή του ράδιο/CD, ή πιο παλιά ακόμα του κασετοφώνου, να λείπει, έχουν προ πολλού περάσει.
Πλέον με τις δυνατότητες συνδεσιμότητας που έχουν τα συστήματα ψυχαγωγίας ή αλλιώς infotainment, των αυτοκινήτων, έχουν δημιουργεί κάποιες ανεπιθύμητες αδυναμίες ασφαλείας. Ο μέσος χρήστης βέβαια, μέχρι και τη στιγμή που μιλάμε, δεν τα χρησιμοποιεί σε τέτοιο βαθμό ώστε να τον απασχολούν ιδιαίτερα οι αδυναμίες τους.
Η τεχνολογία όμως γύρω από τα συστήματα infotainment εξελίσσεται και μαζί της και κάποιοι χάκερ, οι οποίοι βρίσκουν τρόπους να εκμεταλλευτούν τις αδυναμίες ασφαλείας που προκύπτουν, με κάποια εργοστασιακά συστήματα ψυχαγωγίας να έχουν ήδη παραβιαστεί.
Η Harman, η μητρική εταιρία της πασίγνωστης Harman Kardon, ανακοίνωσε ότι θα επικεντρωθεί στον τομέα της cyber ασφάλειας των αυτοκινήτων. Σύμφωνα με την εταιρία, το 60% των πελατών της, ανησυχεί για μια ενδεχόμενη παραβίαση του αυτοκινήτου τους από χάκερ , συνεπώς η ανάπτυξη συστημάτων που θα εξαλείφουν τη πιθανότητα να συμβεί κάτι τέτοιο έχει γίνει προτεραιότητα.
Για να εξασφαλίσει την ασφάλεια των μονάδων ψυχαγωγίας της η Harman έχει δημιουργήσει μια δομή στο λογισμικό της, που αποτελείται από πολλαπλά επίπεδα. Με τον τρόπο αυτό απομονώνονται οι λειτουργίες του αυτοκινήτου που ελέγχονται από το σύστημα ψυχαγωγίας, όπως για παράδειγμα αυτή των φρένων, από τις υπόλοιπες συσκευές τις οποίες χειρίζεται, όπως είναι το CD player. Επίσης μέσω αυτής της αρχιτεκτονικής του λογισμικού, παρέχεται η δυνατότητα απομόνωσης εφαρμογών που εγκαθίστανται μετέπειτα από τον χρήστη, σε περίπτωση που προκύψουν επιβλαβείς για το αυτοκίνητο.
Άλλα επίπεδα του λογισμικού ασφαλείας θα επιτρέπουν την άμεση αναβάθμιση των συστημάτων πολυμέσων του αυτοκινήτου, αλλά θα παρέχουν και ασφάλεια στον κεντρικό εγκέφαλο του αυτοκινήτου από εξωτερικές προσπάθειες παραβίασης.
Η Harman υποστηρίζει ότι τα συστήματα της είναι θεωρητικά αδιαπέραστα, ειδικά όταν έχει να κάνει με ευαίσθητα προσωπικά δεδομένα όπως είναι οι αριθμοί πιστωτικών καρτών. Η εταιρία βρίσκεται ήδη σε συζητήσεις με κατασκευαστές αυτοκινήτων για την εφαρμογή αυτού του συστήματος σε οχήματα.
[learn_more caption=”Δελτίο Τύπου”]
HARMAN RESPONDS TO NEW SECURITY CHALLENGES POSED BY RISE OF CAR CONNECTIVITY
- Prospect of cyber attacks on vehicles rises with the popularity of car connectivity
- Almost 60% of buyers concerned about possibility of car hacking
- Automotive electronics giant HARMAN pioneer in new field of automotive cyber security
Automotive electronics giant HARMAN is pioneering the new field of automotive cyber security, as the prospect of cyber attacks on vehicles becomes an increasingly serious one. More and more users are embracing the ‘connected car’ and, in theory at least, any form of wireless link – even via a separate mobile phone or tablet – could provide the conduit that hackers need to launch an attack.
“A few years ago the concept of automotive cyber security was largely confined to industry experts,” says HARMAN’s Asaf Atzmon, Director, Business Development and Marketing, Automotive Cyber Security. “Now it’s a topic that consumers are asking about. According to a recent survey, in some countries as many as 59 per cent of buyers are actively concerned about the prospect of car hacking.”
There seems to be a unique brand of fear associated with the idea of car hacking. One minute you’re driving down the road merrily listening to Radio 4 and the next someone remotely hijacks your car. Brakes jammed on in the middle of the motorway; headlights disabled in the dead of night; stereo suddenly playing Justin Bieber. None of it bears thinking about.
Of course, the reality is rather different. To date, there hasn’t been a single instance of malicious car hacking – the examples that have made the headlines all involved engineers or researchers experimenting under controlled conditions. In most cases it also required a cable to be physically plugged into the car.
HARMAN has devised a specially-developed 5+1 security framework which consists of a series of layers that protects the car’s head unit from being compromised and used as a portal into the in-vehicle network (something which could jeopardise safety critical systems). It can be thought of like the layers of an onion:
- At the deepest level, a secure hardware platform provides a safe place to store cryptographic keys and execute highly-sensitive operations in a secured manner.
- Safety-critical functions are isolated from the infotainment system using what’s known as a hypervisor. This concept – originally developed for supercomputers – allows two completely separate operating systems to run off the same hardware. It makes it extremely difficult for an infection on one side of the system to spread to the other.
- The next level controls access to the memory, storage and peripherals. It essentially determines who has access to what. If, for instance, your CD player suddenly wants to control the brakes it’s a good indication that something is wrong.
- Next comes the sandbox function. This keeps newly downloaded applications separate from the core system so they can be disabled and removed if they’re found to be harmful.
- The fifth level is the network protection system. This controls the flow of information into and out of the car, looking for any signs of intrusion. Working on two levels, ECUSHIELD turns the vehicle’s ECU into an Intrusion Detection and Prevention (IDS/IPS) system and smart firewall to protect critical communications within the car. It continuously monitors the vehicle to provide real-time detection of malicious communications and prevents them from reaching the vehicle’s critical systems. Meanwhile, TCUSHIELD protects infotainment and telematics systems. Also using IDS/IPS technology, it integrates with existing telematics units and uses highly advanced algorithms to protect both internal and external networks so a vehicle can operate safely while still monitoring and reporting to an external control centre. This level has the ability to spot patterns and uncover a threat, even if the threat is attempting to disguise itself as a legitimate function such as a software update.
- The final ‘plus one’ level is the ability to install over-the-air (OTA) updates to various systems within the car such as the navigation, engine management and infotainment systems. By keeping the software up to date, it helps to ensure that the car is protected at all times.
All these elements combine to produce a virtually impenetrable shield around the safety-critical functions and those which may contain personal data, such as credit card information. HARMAN is already working with a number of car makers to employ this technology on future models.
“Ultimately, it’s all about eliminating the risk of intrusion,” concludes Atzmon. “The car industry will need to reassure consumers that their connected cars are safe. By 2020 it’s expected there will be nearly a quarter of a billion of them on the world’s roads. This number will continue to grow but only if the car industry can provide the protection that those consumers have to come to expect from their other electronic devices.”
About HARMAN
HARMAN (harman.com) designs and engineers connected products and solutions for automakers, consumers and enterprises worldwide, including connected car systems, audio and visual products, enterprise automation solutions and connected services. With leading brands including AKG®, Harman Kardon®, Infinity®, JBL®, Lexicon®, Mark Levinson® and Revel®, HARMAN is admired by audiophiles, musicians and the entertainment venues where they perform around the world. More than 25 million automobiles on the road today are equipped with HARMAN audio and connected car systems. The Company’s software services power billions of mobile devices and systems that are connected, integrated and secure across all platforms, from work and home to car and mobile. HARMAN has a workforce of approximately 29,000 people across the Americas, Europe, and Asia and reported sales of $6.7 billion during the 12 months ended March 31, 2016. The Company’s shares are traded on the New York Stock Exchange under the symbol NYSE:HAR.
[/learn_more]