
Security Assurance FramEwoRk for neTworked vEhicular teChnology


Building trust in future connected vehicles

Vehicle safety used to be measured in seatbelts and airbags. The emergence of highly networked vehicles means updating our safety parameters, and the SAFERtec project is showing us how.

Digital Economy
Transport and Mobility

Road vehicles are increasingly streaming data to and from the highway infrastructure, as well as between each other – especially in the case of self-driving cars. This demands more rigorous standards that encompass new threats to passengers and pedestrians. The EU has identified aspects of the use of autonomous vehicles which need consideration. Networked cars raise cybersecurity issues of their own, which the EU-supported SAFERtec project analysed. The team then put forward a framework for assuring the security, privacy, reliability and safety of modern vehicles.

The project’s consortium focused on two elements of modern automotive technology related to vehicle-to-infrastructure (V2I) communication: the short-range communication link between the vehicle and roadside infrastructure, and the cellular communication link to the cloud-based services. “We did not deal with the introduction of new cybersecurity controls or solutions, but rather tried to comprehensively evaluate the available technology,” says Angelos Amditis, project coordinator of SAFERtec.

Numerous approaches have been attempted in the past, including the Common Criteria standard ISO/IEC 15408. These frameworks require an exhaustive series of evaluation tasks to be carried out to approve a new wireless technology. “Evaluating the security level of a system is a very complex, expensive and time-consuming task,” explains Amditis. “The complexity of assurance assessment activities grows almost proportionally with the complexity of the system to evaluate, which itself tends to grow exponentially with its size.”

By developing a framework that builds on Common Criteria but is carefully designed for connected vehicles, SAFERtec reduces the time and cost associated with this evaluation process without sacrificing the thoroughness of the checks. “The end product is, to the best of our knowledge, the most complete security assurance framework for the connected vehicle paradigm,” he notes.

SAFERtec combines several existing methodologies, including Expression of Needs and Identification of Security Objectives, an IT risk management guide developed by the French government, and Secure Tropos, a security process used in software development. The new framework also adds privacy requirements to the flagship standard for automotive risk analysis, and provides a modular Protection Profile document which describes the relevant security requirements for the connected vehicle. “To ensure that we account for a large spectrum of threats, we have adopted best practices from industrial fora and also have introduced a modular way to apply the Common Criteria identification of the security objectives and requirements,” says Amditis. If a vulnerability is identified during this evaluation, the developer is obliged to fix the product before it can be used in a vehicle.

The project, coordinated by the Institute of Communication and Computer Systems in Athens, Greece, received EUR 3.8 million in support from the EU’s Horizon 2020 fund. Not only did this provide the funding to put together a consortium, notes Amditis, it also covered the cost of developing real-world V2I test beds to trial the SAFERtec framework.

The framework is expected to be used by accredited Common Criteria evaluation laboratories, which are employed by car manufacturers and automotive companies to certify new products. Industrial and academic partners are also expected to use it. “Two projects closely related to the SAFERtec work, CitySCAPE and 2CeVau, have already been funded,” adds Amditis. In both cases, SAFERtec partners make up a large part of the consortium. “There is an ever-increasing need to establish trust for these vehicular technologies,” concludes Amditis, “and the extent to which the proposed security assurance evaluation tasks are cost-efficient directly relates to the establishment of this trust.”

Keywords

SAFERtec, connected, framework, vehicle, technology, assurance, criteria, standard, reliability, safety
