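The world’s first cloud-based security solution for connected vehicles was born in Israel and is now being tested at automakers around the world.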
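What exactly can a hacker do to a car? The answer: anything. Pointing to vehicle schematics marked with dozens of attack vectors, cybersecurity experts lament that today’s cars are simply sitting ducks. (Translator’s note: an attack vector is a security weakness that is vulnerable to intrusion.)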
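Holding a grudge against a former boss and want to remotely lock his F-150 to give him a “surprise”? A piece of cake. Something harder? Say, locking F-150s nationwide and unlocking them an hour later? That might turn angry owners against Ford. Still, compared with the destructive power of some other hacks, these are minor: hackers can also remotely take control of a vehicle’s brakes and steering, or even plant ransomware on a large scale.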
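Upstream Security is a cybersecurity company headquartered in Israel. Dan Sahar, a vice president at Upstream, said, “We work with a lot of ‘white hat’ hackers (hackers who stay on the right path), one of whom is known as the LeBron James of car hackers.” Sahar, himself a computer scientist, said, “If you ask this hacker how to secure a vehicle, he will say there is no way. Who knows how many years the code in the electronic throttle controller and the powertrain ECU has been in use. The automakers have no control, and their suppliers and components are shared.”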
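Sahar added, “This means that if one Tier 1 electronic-systems integrator makes a security mistake, everyone suffers. In the past the auto industry had almost no cybersecurity problems, but the situation is deteriorating rapidly, and extremely serious security incidents can now occur. This endangers not only automakers and technology companies but can also cause real harm to the general public.”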
Unlimited Processing Power
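In an interview with SAE’s Automotive Engineering magazine, Sahar said that the number of connected vehicles is expected to reach 200 million over the next decade and that autonomous vehicles will keep increasing, but at the same time the risks facing vehicles are growing by the day, and more and more new threats may emerge. Sahar and other cybersecurity experts believe that the fleets of mobility-as-a-service (MaaS) providers and delivery companies, as well as fleets leased by businesses or governments, will face more and more cyberattacks.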
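Sahar said, “Once it is connected to the network, the threats a car faces increase sharply. That is the risk.” So how should an enterprise protect itself? Sahar believes that building the security layer inside the car only brings connected vehicles closer to hackers and makes them more vulnerable to new kinds of threats. The best solution is to build the security layer in the cloud. This is also the view that Upstream’s two founders, Yonatan Appel and Yoav Levy, held when they founded the company nearly two years ago. Appel and Levy are both veteran cybersecurity experts formerly of the Israel Defense Forces.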
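Sahar also said, “Among automotive cybersecurity companies, we are the only one that has not put the security system in the car, the telematics server and the mobile-application server. The other companies are all still working on in-vehicle security devices. But even if you set up a firewall, it may be obsolete in two years, because the CPU will become outdated.”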
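“But if you deploy the security layer in the cloud, you have unlimited processing power. If you need more processing power, you add a few more servers. You can also push new code and update the defenses remotely. With in-vehicle security devices, you cannot update the device by pushing code.” Meanwhile, the powerful data-collection capability of future connected vehicles will also bring automakers considerable revenue. Sahar believes this will also bring Upstream huge business opportunities. In 2018, the company’s headcount grew to 40.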
Preventing Spoofing Attacks
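Sahar said, “In the future every vehicle will generate and collect massive amounts of data. The auto industry is moving toward the 5G era, which is good for us. We centrally monitor all data flows in the cloud; as data volumes and security threats keep growing in the 5G era, the information fed into the cloud keeps growing too, and our monitoring becomes more effective.”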
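Upstream will use its self-developed artificial intelligence, machine learning and advanced data-analytics tools to label normal and abnormal traffic.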
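Sahar gave a real detection example: “If we see a vehicle receive an unauthorized OTA update request, and the vehicle then sends back an ‘OTA update complete’ response, we flag it and investigate who issued the update command. We have encountered similar things before and found in the end that they were spoofing attacks. Our goal is to detect and block threats before the attack reaches the network.”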
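Sahar said that the more automaker data is monitored, the more effective Upstream’s security solution becomes. “Automakers everywhere use components from the same Tier 1 suppliers. The hardware in many models is also similar. If we find a security anomaly in a BMW system, other brands may have the same problem.”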
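Upstream’s monitoring system can also detect anomalies in mobility services, for example detecting car-rental fraud from the data footprint. Upstream currently has a dozen or so automaker customers; some adopted Upstream’s product at the earliest stage, and others are mobility-service companies in North America, Europe and Israel. Last spring, Upstream established a strategic partnership with Asgent, a Tokyo-headquartered network-security developer and distributor, to jointly provide automotive cybersecurity solutions to automakers and fleets in Japan.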
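Sahar said, “Mass-produced connected cars are only a few years away, and the auto industry must solve the security problem before then. This is a cat-and-mouse game. The security holes in cars are large and easy to break into. Upstream is working hard to solve this problem.”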
The first cloud-based solution for connected vehicles was born in Israel and is now pilot-testing at global OEMs.
What can hackers do with a car? Just about anything they want. A typical vehicle today is a potential sitting duck, cybersecurity experts say. They point to ghosted schematics of cars showing dozens of ‘attack vectors’—the places that are in various ways vulnerable to security intrusions.
Lock the doors of your former boss’s F-150 remotely, for spite and kicks? Too easy. How about something a bit more ambitious—like locking the doors in F-150s across the state and keeping them locked for an hour? Angry owners might diss Ford, but the fallout would be minor compared to the damage and pain inflicted by a remote hack of vehicle brakes or steering. Or a mass hack involving ransomware.
“We work with a lot of ‘white hat’ guys, one of whom is ‘the LeBron James’ of car hackers,” noted Dan Sahar, VP of Product for Israel-based Upstream Security. “Ask him how to secure at the vehicle level and he’ll tell you it’s impossible. The electronic throttle control, the powertrain ECU—when was the code written for these? The OEMs often don’t have control, and they share many suppliers and components,” asserted Sahar, a computer scientist.
“If one of the Tier 1 electronic-systems integrators makes a mistake regarding security, everyone can get hit,” he said. “The industry has rapidly moved from having zero security problems to a world in which very bad things can happen, not only to an enterprise and an IT organization, but physical damage to people.”
Infinite Processing Power
The danger becomes exponential with an estimated 200 million connected and increasingly automated vehicles expected to be in use by early next decade, Sahar said in an interview with Autonomous Vehicle Engineering. They’ll be exposed to even more new threats. Security attacks on vehicle fleets including MaaS (mobility as a service) providers, delivery companies and those leased by businesses and government agencies are likely to increase, Sahar and other experts believe.
“The second you enable connectivity, you increase the threat level dramatically. That’s the risk,” he said. How, then, does an enterprise protect itself? Applying the security layer inside the car will always put connected vehicles steps behind the hackers and more vulnerable to the most recent threats, Sahar argued. The optimum place for security instead is in the cloud, reckoned former Israeli Defense Forces cybersecurity veterans Yonatan Appel and his colleague Yoav Levy when they founded Upstream nearly two years ago.
“We’re the only company in the automotive cyber space that places the security in the cloud—between the car, the telematics server and the mobile-applications server,” Sahar explained. “The others still pursue the in-vehicle path. If you firewall something it will be obsolete in two years. CPUs get old.
“But in the cloud, I have infinite processing. If I need more power I just add more servers. And the defenses can be updated remotely with new code. You can’t do that by putting code in the car.” The formidable data-collecting ability of future connected vehicles is a potential pot of gold for OEMs and Sahar sees significant opportunities for his company, which has grown to nearly 40 employees in 2018.
Preventing Rogue Attacks
“Data generation and collection per vehicle will be enormous. The industry moving to 5G is good for us—more data and more risk in terms of security threats. And this benefits the effectiveness of our centralized position in the cloud where we can monitor every bit of traffic that goes on there,” he explained.
“We map out what’s normal traffic and what’s not,” using Upstream’s artificial intelligence, machine learning and advanced data-analytics tools.
Sahar cites a real-world detection example: “If we see an OTA update sent to the car without authentication, followed by an ‘OTA update complete’ response from the car, we flag it. Who told it to do an update? We’ve seen these events—they’re rogue attacks,” he said. “The aim is to detect and prevent threats before they reach the network.”
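The OTA check Sahar describes here (and in the earlier rendering of the same quote) can be expressed as a correlation rule over telematics events. The following is an added example, not code from the article or from Upstream; the event fields, VIN placeholders, campaign ids and the one-hour validity window are all assumptions, and the sample events are constructed.

```python
# Constructed sample events as a cloud monitor might see them between the
# telematics server and vehicles. Field names and values are assumptions.
EVENTS = [
    {"ts": 100, "vin": "VIN-A", "type": "ota_request", "campaign": "c1", "authenticated": True},
    {"ts": 160, "vin": "VIN-A", "type": "ota_complete", "campaign": "c1"},
    {"ts": 200, "vin": "VIN-B", "type": "ota_request", "campaign": "c2", "authenticated": False},
    {"ts": 230, "vin": "VIN-B", "type": "ota_complete", "campaign": "c2"},
    {"ts": 300, "vin": "VIN-C", "type": "ota_complete", "campaign": "c9"},
    {"ts": 400, "vin": "VIN-D", "type": "ota_request", "campaign": "c3", "authenticated": True},
    {"ts": 9000, "vin": "VIN-D", "type": "ota_complete", "campaign": "c3"},
    {"ts": 9100, "vin": "VIN-A", "type": "ota_complete", "campaign": "c1"},
]

WINDOW_S = 3600  # assumed lifetime of an authenticated update request


def flag_rogue_ota(events, window_s=WINDOW_S):
    """Flag every 'ota_complete' that no live, authenticated request explains."""
    authorized = {}          # (vin, campaign) -> timestamp of authenticated request
    unauthenticated = set()  # (vin, campaign) pairs requested without authentication
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["vin"], ev["campaign"])
        if ev["type"] == "ota_request":
            if ev.get("authenticated"):
                authorized[key] = ev["ts"]
            else:
                unauthenticated.add(key)
        elif ev["type"] == "ota_complete":
            # Each authenticated request explains at most one completion.
            req_ts = authorized.pop(key, None)
            if req_ts is not None and ev["ts"] - req_ts <= window_s:
                continue
            if req_ts is not None:
                reason = "request_expired"
            elif key in unauthenticated:
                reason = "unauthenticated_request"
            else:
                reason = "no_matching_request"
            alerts.append({"ts": ev["ts"], "vin": ev["vin"], "reason": reason})
    return alerts


if __name__ == "__main__":
    for alert in flag_rogue_ota(EVENTS):
        print(alert)
```

Consuming the request on its first completion means a repeated "complete" for the same campaign is flagged as well, rather than being explained by the original request.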
More data from more OEMs that Upstream monitors means more effective security solutions, according to Sahar. “The global makers all use components from the same Tier 1s. The hardware in many cases is similar. If we found a security anomaly in one area of a BMW, for example, we’d then apply it on others.”
Upstream monitoring also could spot anomalies in MaaS activities—for example, fraudulent use of rental vehicles based on the data footprint. Upstream currently has nearly a dozen OEM customers, some using the product in advanced-pilot stage, as well as MaaS fleets in North America, Europe and Israel. Last spring, the company entered a strategic partnership with Asgent, a Tokyo-based developer and distributor of network security to provide automotive cyber-security solutions to OEMs and vehicle fleets in Japan.
“The industry now has a deadline to ship connected cars within a few years. They have to get the security done,” Sahar opined. “Autos is a cat-and-mouse game and the security holes are big and easy to penetrate. We’re in the process of changing that,” he said.
Author: Lindsay Brooke
Source: SAE Automotive Vehicle Engineering Magazine