This document discusses cyber security challenges for connected cars. It notes connected cars have multiple attack surfaces through the internet, cloud, communication with other cars, and in-car systems. The document advocates for a layered security approach, including boundary security, transport-level security, and fine-grained data-centric security. It describes using Real-Time Innovation's Connext DDS Secure product to implement fine-grained security at the individual data topic level to control access and ensure proper system operation in a secure manner.
3. Industrial IoT Key System Characteristics
• Reliability
• Scalability
• Safety
• Security
• Resiliency
Large scale, heterogeneous, built with multi-vendor components, often broadly
distributed and evolving
4. It’s All About the Data
Data centricity enables interoperation, scale, integration
Unstructured files
Database
Data Centricity Data at Rest
Messaging middleware
DataBus
Data Centricity Data in Motion
6. Unit DataBus
Unit DataBus
Sensor-to-Cloud
• Connect…
– Fast
– Seamless
– QoS controlled
– Secure
– Data centric
• Multiple Platforms
• Various Transports
In-Car
Platform
V2V & V2X
Public Internet Cloud DataBus
Site DataBus
Fleet
Management
Unit DataBus
Sense Act
Think HMI
Machine DataBus
7. Connected Car: Security Challenges
• Sensor to Cloud Integration
• Multiple Attack Surfaces
– Internet
– Cloud
– Other cars
– In-car
• Connecting Autonomous Cars
8. Cloud Services
Connected, Autonomous Car
Sensing
Planning
Radar, LIDAR Vehicle Platform Navigation
Error
Management
Visualization
Situation Analysis
Situation Awareness
Vision Fusion
Cameras, LIDAR,
Radar
…
Data Fusion
LoggingVehicle Control
Localization
DDS Bus
Traffic Maps
DDS Bus
10. Threats
• Unauthorized Subscription
• Unauthorized Publication
• Tampering & Replay
Alice
Bob
Eve
Trudy
Trent
Mallory
Local machine is assumed to be trusted
12. Summary
• A connected car has multiple attack
surfaces, many exposed publicly
• Risk, especially with self-driving cars, is high
• The system needs reliable, flexible, real-
time, secure connectivity
• Security should be part of the architecture
design, embedded in multiple system layers
• Connext™ DDS Secure supports fine
grained security