ESCRYPT Multi-layered protection concepts

Modern vehicles are a nodal point in the Internet of Things. While this increases convenience and versatility, it also presents a significantly bigger target for cyber attackers. Successfully minimizing the risks associated with manipulation and data abuse calls for multilevel protection concepts that take into account the complexity of modern vehicle architecture.

An integrated solution for secure vehicle architecture is based on interlocking and complementing protective measures on all relevant system levels. Each of these levels presents its specific challenges with regard to potential attacks and their impact, and therefore requires a dedicated protection concept. ETAS’ “defense in depth” approach integrates several defense levels with specific products and services to create an overall concept.

Multiple lines of defense

1. Secure control units: protecting data and firmware

Security begins at the control unit level – this is the vehicle’s nerve center. ECUs produce, process, and exchange large amounts of sensitive data over the on-board network, which can become a target of cyber-attacks. Solutions for secure booting, secure debugging, software signing, and hardware security modules help to protect data and firmware at the ECU level.

2. Secure on-board network: protecting the integrity and confidentiality of critical network signals

Communication between the individual control units must be protected against manipulation, data theft, and attacks from potentially compromised ECUs. This requires secure protocols, strong key management, and secure on-board communication (SecOC).

3. Secure E/E architecture: domain separation and secure gateways

Network domains need to be isolated so that network components such as interfaces, the infotainment system, and safety-critical systems remain separate and therefore protected. Firewalls block any attempt by unauthorized external parties to send commands to individual devices or to the entire network. An intrusion detection system (IDS) reports anomalies in the network communication, allowing extensive prevention measures to be rolled out across the entire vehicle fleet.

4. Securely connected vehicle: protecting the interfaces

The vehicle is connected to the outside world via a number of interfaces. Secure communication protocols protect the connection to the cloud, a firewall shields the vehicle network, and vehicle-specific certificates protect firmware updates.