As the Internet of Things continues its march across all industries, the automotive sector is accelerating forward with new 'connected cars' that link to things like smart home devices and smartphones.
But are the security implications being taken seriously? We spoke to Tony Dyhouse, knowledge transfer director of the Trustworthy Software Initiative, to find out.
- What were the stories that caught your eye at CES 2016?
The announcement by Ford that they are exploring how a connected car could talk to your smart home and vice versa. Current plans are for Ford to connect its vehicles to smart devices in the home such as the Amazon Echo and Wink. Anyone familiar with IT security will know that the Wink, along with MiOS Vera, has been found to be vulnerable to attack through malicious HTTP requests.
Security researchers have warned that, if not addressed, such flaws could give rise to a new type of criminal – one that is able to unlock doors and disable security monitoring by finding the weak point in a network of connected devices.
- The Internet of Things continues to speed forward, have manufacturers started to take security seriously yet?
Ford, and the motor industry in general, are definitely taking things seriously but there is still some way to go. Last July US Senator Ed Markey released a report that examined security and privacy gaps in connected car technologies. It concluded that security measures to prevent remote access to vehicle electronics are inconsistent and haphazard across all automobile manufacturers. Among the manufacturers surveyed only two were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time. Most were unable to describe effective means to secure the data.
- What are most manufacturers lacking when it comes to securing their connected devices?
Security is not a key feature of ISO 26262 - the existing industry standard governing automotive software design. Under the current framework there is a real risk that applications that allow your vehicle to connect to the home are being rushed on to the market before all the vulnerabilities and flaws have been ironed out.
Only this month GM announced a new bug bounty programme aimed at publicly crowd-sourcing the notification of vulnerabilities in the increasingly complex cyber-systems within its connected cars. The current standard does not address the TSI’s five fundamental tenets of trustworthy software of safety, security, resilience, availability and reliability. Most manufacturers only focus on one of one or two of these elements during the design phase.
- The connected car is also a growing trend, what are the main security implications?
BMW’s recent failure to encrypt its Connected Drive system to a HTTPS standard-a commonly used standard of encryption used in many online payment facilities and websites-has amply demonstrated the dangers of rushing insecure software innovations to market without basic protections. Consumer entertainment systems are made to function as simply as possible for the consumer. When you join together two devices that each has vulnerabilities you end up creating many more vulnerabilities.
A home entertainment system is not designed with security in mind in the same way as an in-car safety system. It’s designed to welcome as many devices as possible to the network. Thus forms a ‘mesh network’ where just one weakpoint can allow every device in the network to be infiltrated. Connecting cars to such home networks carries risk because hackers will always look for the most vulnerable element to exploit to help them unlock part of the network they really want to attack. Allowing people to control their car locks and monitor fuel from their sofa, leaves them vulnerable to ‘man-in-the-middle’ hack attacks. Worst case scenario your car could help a criminal gain access to your home or your smart kettle could help a criminal steal your car.
- What do car manufacturers need to do to win over consumers with the connected car?
It is essential that the manufacturers increase the rigour of their in-house testing of software and systems. The automotive sector has traditionally been strong on safety. However, current safety tests use known data inputs to test the software’s ability to function correctly.
They do not take into account the possibility of malicious attempts to hack the software thereby presenting the systems with unexpected data inputs. The TSI considers that the best step is to design and test software to ensure it is sufficiently trustworthy for a user's needs before it is released. A bug bounty programme can then be used to supplement this, with all information and subsequent updates to the software code being documented and tested in accordance with a Trustworthy Software Management System.
- What trends are you expecting to see in 2016?
Since the ‘Internet of Things’ allows previously isolated devices to share the same network, old distinctions between the security of software in the home and in-car software no longer apply. When everything is connected it only takes one software vulnerability to put cars and homes at risk.
We expect more connected-car vulnerability stories to make the headlines in 2016 along with a greater awareness among manufacturers of the importance of “getting it right” at the development and test phase and less reliance on asking public volunteers to be their test team.