Holistic Solutions for Automotive Security

[email protected] Public | ETAS/PSC-ECY | Frederic Stumpf | © ESCRYPT 2016. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.

Page 1

A holistic approach to Automotive Security

Dr. Frederic Stumpf

Karlsruhe, 11.07.2016

KIT – Karlsruhe Institute of Technology

Page 2: Short CV

2006: Graduated in Computer Science at TU Darmstadt
2006 – 2009: Research Assistant at IT Security Group headed by Prof. Dr. Claudia Eckert at TU Darmstadt
Research interests:
• Trusted Computing and Secure Operating Systems
• Security Protocols
• Embedded Security
2009: PhD in Computer Science (Dr. rer. nat.) with honors
2009 – 2010: Project Manager at Fraunhofer SIT, Munich
2010 – 2011: Head of Department “Embedded Security and Trusted OS” at Fraunhofer SIT, Munich
2011 – 2013: Head of Department “Embedded Security and Trusted OS” at Fraunhofer AISEC, Munich
2013 – : Branch Manager and Product Manager at ESCRYPT GmbH, Stuttgart

Page 3: ESCRYPT – Embedded Security, Company Profile

ESCRYPT provides a variety of products and services suited to protect devices and applications, to secure the back-end infrastructure, and to protect business models. ESCRYPT's products are applicable to all industries with a need for embedded security.

ESCRYPT GmbH
Foundation: 2004
Shareholder: 100% ETAS GmbH (Robert Bosch Group)
Headquarters: Bochum, Germany
Employees: 100 security experts world-wide
Management: Martin Ridder, Dr. Thomas Wollinger

Locations
Europe: Germany (Berlin, Bochum, Munich, Stuttgart, Wolfsburg), UK (York)
America: USA (Ann Arbor)
Asia-Pacific: Japan (Yokohama), Korea (Seoul)

Portfolio
Security consulting and services
Security products
Customized security solutions

Page 4: A holistic approach to Automotive Security – Agenda

Motivation and Introduction to Automotive Security
Chrysler Hack – An example
Holistic Automotive Security Solutions
• Secure On-Board Communication
• Secure External Communication (Car-2X)
• Secure Platforms

Page 5: Automotive Security – Daily News on Cyberattacks

[Figure: news items on vehicle cyberattacks, dated 23.10.2015]

Page 6: Demonstrated Attacks on Vehicle

Demonstrated attacks allow:
Control over safety-critical vehicle systems, e.g. to issue brake commands
Theft: to unlock doors and start the engine without a key
Surveillance: to track the car, to record and transmit data from the in-cabin microphone

Sources:
Koscher et al.: Experimental Analysis of a Modern Automobile, S&P 2010
Rouf et al.: Security and Privacy Vulnerabilities of In-Car Wireless Networks, USENIX Security, Aug. 2011
Checkoway et al.: Comprehensive Experimental Analyses of Automotive Attack Surface, USENIX Security, Aug. 2011
Miller, Valasek: Remote Exploitation of an Unaltered Passenger Vehicle, DEFCON 2015

[Figure: entry points into the vehicle – Internet, smart phone and app store, OBD, head unit (HU), CAN, ECUs, ABS]

Smart phone exploit of Bluetooth stack vulnerability: A malicious app on the user’s (paired) smart phone can execute arbitrary code on the car’s telematics unit.

Exploit of media file (WMA) parser vulnerability: A malicious WMA file plays fine on a PC but sends out arbitrary CAN messages when played in the car’s media player.

Bluetooth Pairing: Sniffing the telematics unit’s MAC address and brute-forcing the PIN lets the attacker pair their own Bluetooth device.

Exploit of vulnerabilities in voice modem code: Dialing the car’s number from an office phone and playing a malicious MP3 file into the receiver compromises the car.

Hijacking Wi-Fi Pass-Thru Device: Hijacking the pass-thru device via Wi-Fi lets the pass-thru device send arbitrary CAN messages when connected to the car.

Page 7: Threats today

Infotainment System: Compromise external network connections; Violate privacy (last trips, contacts, …); Unauthorized feature activation
Engine ECU: Tuning via manipulated software or parameter sets
Drive Recorder: Tachograph forgery; Steal sensitive test results
Odometer: Mileage tampering
ECU: Circumvent restrictions (e.g. speed locks); Spy on intellectual property; Create and use counterfeit parts; Steal a valuable component
Diagnostic Interfaces (OBD, OBD2, Ethernet, …): Manipulate safety critical parameters; Tamper with internal communication; Steal intellectual property
Vehicle board network: Inject spoofed messages; Harm passengers; Suppress safety mechanisms
Destroy OEM‘s reputation

Page 8: Chrysler Hack

Page 9: Chrysler Hack

Vehicle is addressable from within the network of the mobile connection provider

HeadUnit (uConnect) was remotely compromised by unauthenticated D-Bus messages (TCP Port 6667)
− The HeadUnit is directly connected to both CAN buses (named CAN-C and CAN-HIS)
− HeadUnit OS (OMAP chip) is only able to read from CAN; no write access possible
− Integrated IOC (V850 chip) can be updated from HeadUnit and has write access to CAN

Unsigned update of manipulated IOC firmware was possible
− Reverse Engineering of IOC firmware was required
− Build new firmware image including extended functionality (SPI-to-CAN-proxy)

Send CAN messages to CAN-C and CAN-HIS
− No secure communication

Page 10: Holistic automotive security solution

Secure E/E Platform
Software integrity
Hardware security modules

Secure Onboard Network
Authenticated communication
Security gateways
Firewalling, Intrusion Detection & Response
Access Control, Security Policy Management

Secure External Communication
Firewalling, Intrusion Detection & Response
Secure Channel, Secure Endpoint Authentication
Key & Identity Management Solution

Holistic Security Solution: Defense-in-depth approach, security building blocks on each layer

Holistic automotive security solutions required to conquer the threats of tomorrow

Page 11: Holistic automotive security solutions

Multi-Layered Security Concept:
Secure in-vehicle communication
Secure external communication
Secure platforms (HW and SW)

Components/Technologies and Solutions:
Firewalls/Domain Isolation
Security Gateways (SG)
Runtime SW Integrity Protection
Secure Software Management
Secure Software Separation
Hardware Security Modules

Security Mechanisms and Approaches (numbered 1–7 in the architecture figure):
1 Strong isolation of CE domain
2 Inspection and Restriction of Traffic
3 Prevention and Detection of infections of both vehicle bus and ECU domain
4 Hardening of Multimedia and Infotainment domain
5 End-to-End security of entities communicating with vehicle via CE domain
6 Authentication of entities and bus communication
7 Maintaining a secure software state

[Figure: vehicle architecture with security gateways (SG); the mechanism numbers mark where each mechanism applies]

Page 12: Secure and Sustainable E/E architecture

[Figure: E/E architecture with a head unit (HU) in the Infotainment Domain, a Central Gateway with Firewalling Functionality, and several security gateways (SG)]

Page 13: In-Vehicle Bus Systems

Page 14: In-Vehicle Bus Systems

Controller Area Network (CAN): Reliable communication between control units; up to 1 Mbit/s
Media Oriented System Transport (MOST): In-vehicle multimedia services; up to 24 Mbit/s
FlexRay: Safety-critical high speed communications; up to 10 Mbit/s

Page 15: Secure In-Vehicle Communication

ECUs exchange Critical Signals, e.g.
Brake signals
Adaptive Cruise Control
Secondary Collision Mitigation
Torque request signals
Sensor & actuator signals

[Figure: several ECUs attached to one bus]

Requirements & Security Goals
Protect critical functionality, vehicle safety and stakeholder assets
Authenticity & Integrity protection for critical signals
Confidentiality to protect data
Constraints: bandwidth, latency, performance, safety requirements, …

Solution
Sensor protection by adding Truncated MACs
Shared keys for efficient communication

Page 16: Message Authentication & Freshness Verification

[Figure: sender and receiver, each holding the shared secret key K and a monotonic counter; the counters are kept in sync]

Sender: input Data (arbitrary length) and the counter CNT → MAC generation with key K → full MAC (128 bit) → Truncation → Data, CNT and the truncated MAC are sent
Receiver: MAC verification with key K over the received Data and CNT, and comparison of CNT with the last received counter → OK → Data is accepted
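The truncated-MAC scheme of Pages 15 and 16, as an added example that is not from the slides or from ESCRYPT: sender and receiver share key K and a monotonic counter, the 128-bit MAC is truncated before transmission, and the receiver accepts a frame only if the tag verifies and the counter is strictly newer than the last one it accepted. Assumptions of mine: HMAC-SHA256 cut to 128 bits stands in for the AES-based MAC, the bus tag is 4 bytes, a bounded forward counter jump covers frames lost on the bus, and the key, CAN id and payloads are constructed sample values.

```python
"""Message authentication with truncated MACs and a monotonic counter.

Added example, not code from the slides. Assumptions: HMAC-SHA256 cut to
128 bit stands in for the slide's AES-based "full MAC (128 bit)"; the tag
carried on the bus is its first TAG_LEN bytes; counters are 32-bit; the
receiver accepts a bounded forward jump (frames lost on the bus) but never
a counter equal to or below the last accepted one (replay / rollback).
"""
import hashlib
import hmac
import struct
from dataclasses import dataclass

FULL_MAC_LEN = 16   # "full MAC (128 bit)" on the slide
TAG_LEN = 4         # truncated MAC put on the bus (assumption)
MAX_CNT_JUMP = 32   # tolerated lost frames before a counter resync is needed (assumption)


@dataclass(frozen=True)
class Frame:
    can_id: int
    cnt: int          # monotonic counter value, sent in clear
    data: bytes
    tag: bytes        # truncated MAC


def full_mac(key: bytes, can_id: int, cnt: int, data: bytes) -> bytes:
    """128-bit MAC over CAN id || counter || payload. The counter is part of the
    MAC input, so a replayed or rolled-back counter cannot carry a valid tag."""
    msg = struct.pack(">II", can_id, cnt) + data
    return hmac.new(key, msg, hashlib.sha256).digest()[:FULL_MAC_LEN]


class Sender:
    def __init__(self, key: bytes, can_id: int):
        self.key, self.can_id, self.cnt = key, can_id, 0

    def send(self, data: bytes) -> Frame:
        self.cnt += 1                                   # monotonic: a value is never reused
        tag = full_mac(self.key, self.can_id, self.cnt, data)[:TAG_LEN]  # truncation
        return Frame(self.can_id, self.cnt, data, tag)


class Receiver:
    def __init__(self, key: bytes, can_id: int):
        self.key, self.can_id, self.last_cnt = key, can_id, 0

    def verify(self, frame: Frame) -> bool:
        if frame.can_id != self.can_id:
            return False
        if frame.cnt <= self.last_cnt:                  # replay or rollback
            return False
        if frame.cnt - self.last_cnt > MAX_CNT_JUMP:    # counters out of sync: resync first
            return False
        expected = full_mac(self.key, frame.can_id, frame.cnt, frame.data)[:TAG_LEN]
        if not hmac.compare_digest(expected, frame.tag):
            return False
        # Advance the counter only after the MAC passed; otherwise unauthenticated
        # frames could push the receiver's counter forward (denial of service).
        self.last_cnt = frame.cnt
        return True


def demo() -> dict:
    """Constructed scenario: one authenticated signal; CAN id and payloads are made up."""
    key = bytes(range(16))                     # constructed sample key
    sender, receiver = Sender(key, 0x1A0), Receiver(key, 0x1A0)
    results = {}
    f1 = sender.send(b"\x00\x64")
    results["fresh"] = receiver.verify(f1)                 # True
    results["replay"] = receiver.verify(f1)                # False: same counter again
    f2 = sender.send(b"\x00\x65")
    forged = Frame(f2.can_id, f2.cnt, b"\x00\xff", f2.tag)
    results["tampered"] = receiver.verify(forged)          # False: tag does not match
    results["after_tamper"] = receiver.verify(f2)          # True: genuine frame still passes
    for _ in range(5):                                      # five frames lost on the bus
        sender.send(b"\x00\x00")
    results["lost_frames"] = receiver.verify(sender.send(b"\x00\x66"))   # True: within window
    for _ in range(MAX_CNT_JUMP + 1):
        sender.send(b"\x00\x00")
    results["out_of_sync"] = receiver.verify(sender.send(b"\x00\x67"))   # False: resync needed
    return results


if __name__ == "__main__":
    print(demo())
```

A 4-byte tag leaves a forger a 2^-32 chance per attempt, which is why the tag length is a bandwidth-versus-risk trade-off; including CNT in the MAC input is what turns a captured valid frame into a one-time value.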

Page 17: Secure Platforms – An automotive HSM

Main Security Goal: Integrity of ECU Firmware

Automotive Security Use-Cases
Secure Flashing
Secure Boot
Run-Time Tuning Detection
Secure Debug

Hardware Requirements: “Root of Trust”
Protection of integrity and confidentiality of cryptographic keys
Secure storage (e.g. log entries)
Acceleration of cryptographic mechanisms
Secure execution environment for cryptographic mechanisms, extendibility

Solution: Bosch HSM – microcontroller with integrated Hardware Security Module (HSM)

Realization
Specification of requirements
Implemented by several automotive silicon vendors (Freescale, STM, Infineon, Renesas)

Page 18: Bosch HSM Architecture

Abbreviations
IF: Interface
AES: Advanced Encryption Standard
DAP: Debug Access Port
IRQ: Interrupt ReQuest
OCI: On-Chip Interconnect
RNG: Random Number Generator
TRNG: True RNG (physical)
PRNG: Pseudo RNG (deterministic)

[Figure: block diagram. On-Chip: the HSM (Secure Core, Secure Local RAM, TRNG, PRNG, AES, OCI IF, Dbg Com., Register, Debug IF), the Host Core, System RAM and Flash (Code, Data, Shared Area, and a Secure area holding HSM Code and HSM Data), connected over the On-Chip Interconnect, with an IRQ line between HSM and host. Off-Chip: a Debugger attached via the DAP.]

Page 19: Status of Implementation

Development of HSM was initiated by Robert Bosch
Cooperation with silicon manufacturers: first HSM now integrated in automotive micro-controllers
Implementations available from multiple sources: Infineon (Aurix), Freescale/STM (JDP PowerPC), Renesas (ICU-M)
Freely available to all suppliers (no Bosch license)
Used by newest Motor Control Unit (MDG1) from Bosch

Page 20: Hardware Security Engines – A simple classification

Hardware-based Security Engines
Internal Hardware-based Security Engines: Crypto Accelerators; Bosch HSM
External Hardware-based Security Engines: Hardware Security Modules; Secure Authenticators

Page 21: Automotive Challenges for HSMs

Automotive challenges: Sensitivity to costs; Temperature Range; Debug interfaces; Programmable; Processing power
vs
Security challenges: Attack resistance; Attacks on interfaces; Automotive use cases

Page 22: Existing solutions – External security IC

Automotive challenges: Sensitivity to costs; Temperature Range; Debug interfaces; Programmable; Processing power
Security challenges: Attack resistance; Attacks on interfaces; Automotive use cases

Non-automotive HSM, e.g. TPM, Smart Card, Security IC:
✘ Temperature
✘ Debug interfaces
✘ Costs
✘ Attacks on interfaces

Page 23: Existing solutions – On-chip security engines

Automotive challenges: Sensitivity to costs; Temperature Range; Debug interfaces; Programmable; Processing power
Security challenges: Attack resistance; Attacks on interfaces; Automotive use cases

On-chip security engines, e.g. SHE, Crypto accelerators:
(✔), but not programmable
✘ Attack resistance
✘ Weak security for Automotive use cases

Page 24: Bosch HSM

Automotive challenges: Sensitivity to costs; Temperature Range; Debug interfaces; Programmable; Processing power
Security challenges: Attack resistance; Attacks on interfaces; Automotive use cases

Bosch HSM

Note: Physical attacks to reveal cryptographic keys (e.g., Side Channel Attacks, Fault Attacks) are only partly relevant in the automotive industry

Page 25: Hardware security engines – Comparison and classification

[Figure: comparison of Smart Cards / Security ICs, Bosch HSM & safety controller, and Crypto Accelerators¹]
¹ w/o SHE

Page 26: Security Building Blocks a.k.a. Security Use-Cases

Main Goal: Protect integrity of automotive system during full life-time

Layers: Secure Platforms; Secure In-Vehicle Communication; Security Gateways; Secure External Communication

Secure Boot
• Ensures secure ECU state
• Executes during boot-up

Secure Flashing
• Secure Update of ECU SW
• Keeps software up-to-date

Secure Debug
• Enables failure analysis
• Keeps software debuggable

Runtime Integrity Protection
• Ensures integrity during runtime
• Prevents runtime attacks

Page 27: Secure Boot

Objective: Provide protection against executing unauthorized code
Tasks:
Determination of code integrity by “measuring” code integrity
Validation of integrity by comparing “measured” code with stored code
Execution of code after checks are passed
Realization:
HSM directly involved in boot process
HSM halts the booting if code integrity verification fails

[Figure: the Host Core boots from the Host Boot ROM into Stage 1 (Boot SW) and then Stage 2; the HSM checks Stage 1 and Stage 2 before each is executed]
Establishment of a chain of trust

Page 28: Secure Boot – Validation of Code Integrity

Valid Fingerprints are either stored
1. Directly in HSM
2. In flash

Additional keys are stored for each layer of SW
Protects valid fingerprints
Ensures that only trusted entities can generate fingerprints

Fingerprint of SW is computed using: SWFingerprint = F(Software, Key)
SWFingerprint is compared with stored value

[Figure: Secure MCU with an HSM holding the Boot MAC key, App. MAC key and FW MAC key; an AES-based MAC over the Bootloader in Flash Memory yields the SWBoot Fingerprint, which the HSM compares with the stored value]
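The chain of trust of Pages 27 and 28, as an added example that is not from the slides or from ESCRYPT/Bosch: each software layer is fingerprinted as SWFingerprint = F(Software, Key) with a per-layer key that only the HSM holds, the result is compared with the stored value, and the boot halts at the first failing stage. Assumptions of mine: F is HMAC-SHA256 rather than the AES-based MAC in the figure, the reference fingerprints live in flash (option 2), and all images, keys and flash contents are constructed sample data.

```python
"""Secure boot with keyed software fingerprints (SWFingerprint = F(Software, Key)).

Added example, not code from the slides or from ESCRYPT/Bosch. Assumptions:
F is HMAC-SHA256 (the slide's figure uses an AES-based MAC); one MAC key per
software layer lives only inside the HSM (Boot MAC key, App. MAC key); the
reference fingerprints are stored in flash next to the images (option 2 on
the slide); all images, keys and flash contents are constructed sample data.
"""
import hashlib
import hmac

# Boot order and the per-layer key each stage is fingerprinted with.
STAGES = [("bootloader", "boot_mac_key"), ("application", "app_mac_key")]


class Hsm:
    """Holds the per-layer MAC keys. Only fingerprints leave the HSM, never keys."""

    def __init__(self, keys: dict):
        self._keys = dict(keys)

    def fingerprint(self, key_name: str, software: bytes) -> bytes:
        return hmac.new(self._keys[key_name], software, hashlib.sha256).digest()

    def check(self, key_name: str, software: bytes, stored_fingerprint: bytes) -> bool:
        # Constant-time comparison of the measured value with the stored one.
        return hmac.compare_digest(self.fingerprint(key_name, software), stored_fingerprint)


def provision(hsm: Hsm, images: dict) -> dict:
    """Done by a trusted entity at flashing time: writes images and their
    reference fingerprints to flash. Because the fingerprint is keyed, a party
    without the layer key cannot produce a reference value that will verify."""
    flash = {}
    for stage, key_name in STAGES:
        flash[stage] = images[stage]
        flash["fp_" + stage] = hsm.fingerprint(key_name, images[stage])
    return flash


def secure_boot(hsm: Hsm, flash: dict) -> tuple:
    """Chain of trust: each stage is measured and validated before it runs.
    Returns (trace, state) where state is "running" or "halted"."""
    trace = []
    for stage, key_name in STAGES:
        if not hsm.check(key_name, flash[stage], flash["fp_" + stage]):
            trace.append(f"{stage}: fingerprint mismatch")
            return trace, "halted"          # HSM halts the boot
        trace.append(f"{stage}: ok")
    return trace, "running"


def demo() -> dict:
    hsm = Hsm({"boot_mac_key": b"constructed-boot-key", "app_mac_key": b"constructed-app-key"})
    good = provision(hsm, {"bootloader": b"BOOT v1", "application": b"APP v1"})
    results = {"genuine": secure_boot(hsm, good)}

    # Modified application image (tuning), stored fingerprint left untouched.
    tuned = dict(good, application=b"APP v1 + tuned maps")
    results["tuned_app"] = secure_boot(hsm, tuned)

    # Bootloader AND its stored fingerprint rewritten with a guessed key:
    # without the HSM's boot key the stored value cannot match.
    patched = dict(good, bootloader=b"BOOT evil")
    patched["fp_bootloader"] = hmac.new(b"guessed-key", b"BOOT evil", hashlib.sha256).digest()
    results["patched_boot"] = secure_boot(hsm, patched)
    return results


if __name__ == "__main__":
    for name, (trace, state) in demo().items():
        print(name, state, trace)
```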

Page 29: Secure Debug

Objective: Provide protection against unauthorized access into the microcontroller
Tasks:
Open debugger during development and production
Close debugger access when in the field
Reopen in case of failure analysis
Realization:
HSM in control of debug access
Challenge-Response Authentication
Explicit involvement of HSM in authentication process

[Figure: SoC with HSM, Host Core, IRQ, System RAM and Flash; an external Debugger connects through the HSM-controlled debug access]
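The HSM-controlled debug access described above, as an added example that is not from the slides or from ESCRYPT: the port is open during development and production, locked in the field, and reopened for failure analysis only after the debugger answers a fresh HSM challenge. Assumptions of mine: the response is HMAC-SHA256 over the challenge under a debug key shared only by the HSM and the authorised failure-analysis tool, the challenge comes from the HSM's TRNG, and the keys are constructed sample values.

```python
"""HSM-controlled debug access with challenge-response authentication.

Added example, not code from the slides. Assumptions: the debug port is open
in the "development" and "production" life-cycle states and closed in the
"field" state; to reopen it for failure analysis the debugger must answer a
fresh HSM challenge with HMAC-SHA256 under a debug key that only the HSM and
the authorised failure-analysis tool hold; keys are constructed sample values.
"""
import hashlib
import hmac
import secrets

CONTEXT = b"secure-debug-open"   # domain separation: the key answers nothing else


class DebugPort:
    """Model of the HSM side: it owns the debug key and the debug-access enable."""

    def __init__(self, debug_key: bytes, lifecycle: str = "development"):
        self._key = debug_key
        self._pending = None
        self.lifecycle = lifecycle
        self.is_open = lifecycle != "field"

    def lock_for_field(self) -> None:
        """Close debugger access when the ECU leaves production."""
        self.lifecycle, self.is_open, self._pending = "field", False, None

    def challenge(self) -> bytes:
        """Fresh random nonce from the HSM's TRNG; issuing a new one voids the old."""
        self._pending = secrets.token_bytes(16)
        return self._pending

    def respond(self, response: bytes) -> bool:
        if self._pending is None:
            return False
        expected = hmac.new(self._key, CONTEXT + self._pending, hashlib.sha256).digest()
        self._pending = None         # single use: a captured response cannot be replayed
        if hmac.compare_digest(expected, response):
            self.is_open = True      # reopened for failure analysis
            return True
        return False


def tool_response(debug_key: bytes, challenge: bytes) -> bytes:
    """Debugger side: the authorised failure-analysis tool answers the challenge."""
    return hmac.new(debug_key, CONTEXT + challenge, hashlib.sha256).digest()


def demo() -> dict:
    key = b"constructed-debug-key"
    port = DebugPort(key)
    results = {"open_in_development": port.is_open}
    port.lock_for_field()
    results["closed_in_field"] = port.is_open

    # Tool holding the wrong key cannot reopen the port.
    c = port.challenge()
    results["wrong_key"] = port.respond(tool_response(b"wrong-key", c))

    # Authorised tool reopens the port.
    c = port.challenge()
    good = tool_response(key, c)
    results["authorised"] = port.respond(good)

    # The same response, captured and replayed against a new challenge, fails.
    port.lock_for_field()
    port.challenge()
    results["replayed"] = port.respond(good)
    results["still_closed"] = port.is_open
    return results


if __name__ == "__main__":
    print(demo())
```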

Page 30: CycurHSM – Product Overview – A Security Stack Satisfying Safety Requirements

Main Goal: Provide a standardized SW stack for implementations of the Bosch HSM
Security Mechanisms: Cryptographic libraries (AES, RSA, ECC); Key generation functionality (TRNG, PRNG); (Hardware-shielded) protected storage
Characteristics: Safety qualification (ASIL-D planned); Modular Structure; Preemptive real-time scheduling of crypto jobs; Full compatibility to AUTOSAR, SHE, and SHE+; Full support of HSM technology (Infineon, Freescale/STM, Renesas)
Components & Elements: AUTOSAR Interfaces; HSM Firmware; Drivers; Security Libraries; Customer-specific SW

Page 31: Initial Idea and Approach

Real time operating system to satisfy automotive safety requirements

Characteristics:
Priority-based scheduling capabilities
Predictable worst-case execution time
Preempting running tasks with very low latency
Full context saving capabilities of preempted tasks

[Figure: timeline of Task 1 and Task 2 on the CPU and the Crypto Peripheral, showing execution and stalling]

Page 32: CycurHSM – Product Overview – Architecture

[Figure: layered architecture. Host side: (Application) Software with App. 1, App. 2, App. 3, AUTOSAR CSM, CSAI and the HSM Driver. HSM Core: Firmware with Security Apps, Crypto Service Application Interface, Real Time Operating System, HSM Host Interface, HSM MCALs, Job Manager, Secure Key Store, Crypto Library and SHE+ Emulation, on top of the AES, TRNG, Flash, IRQ and Timer hardware. Legend: Product Components; Tier 1 Application SW; Silicon Manufacturer.]

Page 33: CycurHSM – Product Overview – BOSCH HSM Architecture

[Figure: the Bosch HSM block diagram of Page 18 (HSM with Secure Core, Secure Local RAM, TRNG, PRNG, AES, OCI IF, Dbg Com., Register; Host Core; System RAM; Flash with Code, Data, Shared Area and Secure HSM Code / HSM Data; IRQ; On-Chip Interconnect)]

Page 34: CycurHSM – Product Overview – Integrated Architecture

[Figure: the Bosch HSM block diagram of Page 18 with the CycurHSM stack placed on it. Host Core: App. 1, App. 2, App. 3, AUTOSAR CSM, AUTOSAR RTE and the HSM Driver. HSM: Security Apps, Real Time Operating System, HSM Host Interface, HSM MCALs, Job Manager, Secure Key Store, Crypto Library and SHE+ Emulation.]

Page 35: Comparison of Automotive Security Use-Cases

Platforms compared: Legacy µC (w/o SHE or HSM); SHE (on-chip security engine); HSM (Bosch HSM); TPM / Security IC
Use cases compared: Secure Boot; Secure Flashing; Secure Storage (i.e. Log); Immobilizer Secret Key; Sensor Prot. Secret Key; Feature Activation (Usage); Runtime Tuning Detection; Secure Debug; Secure external communication; Secure in-vehicle communication (MAC-based)
Rating legend: Secure / weak / impossible or insecure
[Table: the per-cell ratings were given as symbols that did not survive extraction]

Page 36

Vehicle Board Network in 2020

Hardware based security solutions

[Board-network diagram; only the node labels are recoverable from the slide]
Domains: Powertrain, Body, Chassis, Infotainment
Nodes: Central Gateway, Head-Unit, Audio, Multimedia, Bluetooth, WLAN, CCU, SCU, USS, Cam, Light, Instrument, Door, Climate, Immobilizer, DAS, ACC, ABS, ESP, HYD, BM, MCU, TCU
Legend (security hardware): SHE / Bosch HSM, Smart Card IC/UICC, On-chip security engine

Page 37

Vehicle Board Network in 202X

Hardware based security solutions

[Board-network diagram; only the node labels are recoverable from the slide]
Domains: Powertrain, Body, Chassis, Infotainment
Nodes: Central Gateway, Head-Unit, Audio, Multimedia, Bluetooth, WLAN, CCU, C2C, SCU, USS, Cam, Light, Instrument, Door, Climate, Immobilizer, DAS, ACC, ABS, ESP, HYD, BM, MCU, TCU
Legend (security hardware): SHE / Bosch HSM, Smart Card IC/UICC, On-chip security engine

Page 38

Secure External communication

External communication via CCUs
• Exchange of service data
• Vehicle service data
• Increasing driving efficiency
• Flashing of Software
• Internet Connectivity

Requirements & Security Goals
• Protect critical functionality, vehicle safety and stakeholder assets
• Authenticity & Integrity protection of incoming messages
• Confidentiality to protect data
• Vehicle Gateway: to ensure E2E security

Solution
• Vehicle Firewall to inspect communication
• Secure communication channels
• Security Hardware to achieve secure vehicle identities
• Mechanisms to isolate vehicles

[Diagram: Gateway connected to several ECUs]
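As an added example (not from the slides or from ESCRYPT's products), a sketch of the inbound path such a gateway could run on traffic arriving from the CCU before it reaches an ECU: an allow-list acting as the vehicle firewall, a truncated HMAC for authenticity and integrity of incoming messages, and a per-message freshness counter so a recorded valid frame cannot be replayed. The key, the frame layout (msg_id | counter | payload | tag), the message IDs and the freshness counter are constructed assumptions; the slide names the goals, not a wire format.

```python
import hmac
import hashlib
import struct

# Externally reachable message IDs that may be forwarded, and to which domain (constructed).
FIREWALL_POLICY = {0x101: "infotainment", 0x202: "body"}

# Per-channel symmetric key (constructed). On a real ECU it stays inside the
# HSM's secure key store and is never visible to host software.
CHANNEL_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")

TAG_LEN = 8      # truncated HMAC-SHA256 tag; short frames cannot carry 32 bytes
HEADER = ">HI"   # assumed layout: msg_id (2 bytes) | counter (4 bytes)

def build_frame(msg_id: int, counter: int, payload: bytes,
                key: bytes = CHANNEL_KEY) -> bytes:
    """Sender side, used here only to construct test input:
    frame = header | payload | tag, tag = HMAC(key, header | payload)[:8]."""
    header = struct.pack(HEADER, msg_id, counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag

class GatewayInbound:
    """Checks a frame from the external interface in three stages
    (firewall policy, MAC verification, freshness) before it is forwarded."""

    def __init__(self, key: bytes = CHANNEL_KEY):
        self._key = key
        self._last_counter = {}   # msg_id -> highest counter accepted so far

    def check(self, frame: bytes):
        """Return (accepted, reason, target_domain_or_None)."""
        if len(frame) < struct.calcsize(HEADER) + TAG_LEN:
            return False, "malformed", None
        msg_id, counter = struct.unpack_from(HEADER, frame)
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        # 1. Firewall: drop anything not explicitly allowed inbound.
        domain = FIREWALL_POLICY.get(msg_id)
        if domain is None:
            return False, "policy", None
        # 2. Authenticity & integrity: recompute the tag, compare in constant time.
        expected = hmac.new(self._key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return False, "mac", None
        # 3. Freshness: counter must strictly increase per ID, so a captured
        #    valid frame cannot be replayed later.
        if counter <= self._last_counter.get(msg_id, -1):
            return False, "replay", None
        self._last_counter[msg_id] = counter
        return True, "ok", domain
```

The order matters: the MAC is verified before the counter is consumed, so a forged frame cannot advance the freshness state and lock out the legitimate sender.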

Page 39

Conclusions

Secure cars require a Multi-Layered Security Concept:
• Secure in-vehicle communication
• Secure external communication
• Secure platforms (HW and SW)

Security mechanisms on all layers complement each other to provide a holistic security concept for enabling sustainable secure E/E architectures.

Security mechanisms and techniques will start being employed in next generation cars going in production 2020+.

[Diagram: Gateway connected to several ECUs]

Page 40

Jobs & Career

We are a dynamic, internationally operating and emerging company in the area of embedded security. As the leading system provider for embedded security world-wide, we offer our expertise to all industries with security needs. We are looking for highly motivated people with great ideas who want to realize those in any of our locations.

Please visit www.escrypt.com/company/jobs

You can also follow us on:

Page 41

ESCRYPT Worldwide

Service Wherever it is Needed

Germany: Berlin • Bochum • Munich • Stuttgart • Wolfsburg
Korea: Seoul
Japan: Yokohama
USA: Ann Arbor
China: Shanghai
United Kingdom: York
Sweden: Lund

Page 42

ESCRYPT - Embedded Security

Headquarters
Lise-Meitner-Allee 4
44801 Bochum
Germany
Phone: +49 234 43870-200
Fax: +49 234 43870-211
[email protected]
www.escrypt.com

Dr. Frederic Stumpf
Branch Manager Stuttgart
Phone: +49 711 342-32316
[email protected]