|Yair Allouche, IBM cybersecurity researcher|
Editor’s note: This article is by
Yair Allouche, researcher at IBM’s Cybersecurity Center of Excellence in Beer
my sister reluctantly upgraded to a smart phone, she was concerned that her
location, contacts, personal calendar, and even banking information would be
vulnerable to cybercrime. And she was right to be concerned. Most of us made
the decision to give up a certain amount of security in exchange for the
wondrous and practical applications that we can no longer live without. But how
many of us are making that same conscious decision when we buy a new car?
IBM cybersecurity researchers in Israel are developing protection
for connected cars by providing cloud-based intelligence to identify cyberattacks
and suspicious activity that can endanger the car or its occupants. By offering
car manufacturers a hybrid system that can collect, analyze, and
cross-reference massive amounts of data from different vehicles, these
researchers are bringing IBM’s security smarts from the data centers to the
What makes cars so vulnerable?
Today hackers can get inside your smartphone and
steal identities or personal information, access emails, or in extreme cases,
hack into our banking apps. This in itself is pretty scary, but so is the idea of hackers taking over your car’s steering or
Cars are now more digital than ever. And with more than 100
distributed computer systems and 100 million lines of code in a typical car,
there are plenty of components that need protection from hackers. Why do cars
have 7 times more code than a Boeing 747? This comes primarily from the fact
that today’s cars are assembled from different parts rather than manufactured
from start to finish in one factory. As a result, the central door-locking
mechanism could easily be the same component across several different car manufacturers. This
is problematic from the point of view of security because it means that any
vulnerability breached in one car leaves the others open to hacking.
A recent study stated that by 2018, 420 million automobiles will be connected, representing
a huge growth over the 45 million connected vehicles in 2013. If the
frequency of software threats for the auto industry is similar to that of PCs,
the need for a sophisticated system that continuously remains updated becomes
critical. By applying the expertise from the IT world to cars,
IBM can offer a solution that never stops working and is always updated to deal
with new types of attacks.
Intra- And Inter-Vehicle Security
At our Cybersecurity Center of Excellence in
Beer Sheva, Israel, my team of researchers decided to take a holistic approach to car security.
On one hand, we want to protect the car so that hackers can’t take over
control by changing the car’s speed or direction, or applying the brakes, for example. On the other hand, we want to protect the data stored in and sent by the
car’s systems. This data is used to send messages if the car was stolen, or if the
driver had a heart attack, or simply about its speed and location. If abused by
hackers, false data can be injected to create fake traffic jams that reroute
vehicles, submit false information to insurance companies for pay-as-you-drive packages, or even determine if someone is not at home. Each digital
component in the car that is connected to an outside system is vulnerable.
Most automotive security systems focus on in-car
security, similar to the way an anti-virus program might work on our home
computer. This may include isolating the car’s infotainment and critical drive
systems, or even the inter-car connections that are used to prevent accidents. Our
research technology goes beyond the level of the individual car. By taking
into account all cars' data channels, we can build a system that uses the
synergy between the many sources. For example, by collecting and analyzing
data from many cars, we can cross reference them to validate that the
information coming in is correct. If one car says it’s traveling at 50 kmph
and all the other cars near it are traveling 90 kmph then obviously something
is not right.
Our goal is to offer security visibility by identifying suspicious
activity and alerting the drivers or car manufacturers — even without having to
install a specific component in the car. Our hybrid solution includes a
component that sits in the car, but its intelligence sits in the cloud. This
allows us to continuously protect the car and driver, remaining connected at
all times and not only when the car goes in for service.
This new solution also offers more control and
transparency over what information is being collected about you from your car. Since
the data collected includes information on where your car is every single
second of the day, our technology will allow users to access services to help
secure the car, but will only use personal identification if the driver agrees
to share it.
By building a protective solution whose architecture
allows it to adjust itself to new threats as they arise, we are giving the
automotive industry a boost in the right direction. With IBM’s vast
amounts of IT security knowledge and assets — alongside new algorithms from
Research — we can offer true protection for connected cars and the data being
collected from them.
Our next step is targeted at bringing the technology
to market. We recently demonstrated a prototype solution for securing vehicles
at the International Motor Show in Frankfurt, Germany. Read more about the demo, here.
Labels: automotive, connected cars, cybersecurity, hybrid cloud, IBM Research - Haifa, security