Vetronics Resilience

Modern cars contain a myriad of electronic controllers that are segregated in variety of networks such as CAN, FlexRay, LIN, etc. to carry out functional tasks. Vehicle electronics (Vetronics) perform crucial functions such as braking, steering, cruise control, driving assistance, infotainment etc. Traditionally the vehicle networks have been developed to maintain the integrity and safety of the vehicle. They have been proven reliable in performing safety related tasks but, are mostly unprotected against malicious attacks. With the advent of connected car, and 3g/Wifi/internet connection to the vehicle these safety related networks are exposed to connections from the outside world which, makes them vulnerable to security attacks. A malicious attack through the internet connection on any of these safety related controllers and networks can cause an accident and endanger the safety of the passenger. For example, a firmware update on the brake controller of the vehicle can have a malicious component the triggers to de activate the brakes after travelling for a certain number of miles.

Security in vetronics has always been an afterthought. Relevant research in this area has looked at application of security techniques of encryption, authentication, and authorisation in the vetronics environment. Security itself is computationally expensive on the low powered controllers in vetronics and there is also a need to look at approaches that go beyond the traditional fortress model of security.

Project aims

The aim of the project is to investigate application of the concept of resilience in the vetronics environment. Threat to vetronics components could be from an internal source such as a malicious firmware on the vehicle or from an external source through the internet connection to the vehicle. It is vital to expand the current view of vetronics security to encompass behaviour that contributes to the survivability of vehicle in spite of malicious attacks, intrusions, or accidents.

Resilience is the ability of the system to complete its mission in a timely manner. In essence, if the brakes of the vehicle are attacked in real-time through a malicious entity, the vehicle should be resilient enough to protect the brakes, detect an intrusion/attack and maintain the availability of the braking functionality during and after the attack. Central to the notion of resilience is the capability of the system to fulfil its mission, even if significant portions of system are damaged or destroyed.

Project findings and impact

The concept of resilience was applied in vetronics architectures. Proof-of-concept demonstrator was built using a safety-critical network cluster Time Triggered Protocol (TTP/C). The project findings and the demonstrator was presented to the VRC steering committee and industry partners. The research has impacted in creating awareness on the issue of security in vetronics and has generated funding in the following years of completion of the research.

Research findings were also presented and discussed at European workshops and have impacted in the development of open standards and architectures where, security was considered as a requirement during development and not in hindsight.