Harness considerations for vehicle security
Recently we have seen the effects of cyber-attacks on national infrastructure by hostile governments and terrorists. Clearly, digital warfare is the preferred modality for future conflict: it can be clandestine and does not require feet-on-the-ground personnel to execute.
As early as 2010, Koscher et al. (K. Koscher, et al. Experimental security analysis of a modern automobile. In Security and Privacy) showed through detailed analysis that the CAN bus on various vehicles could be compromised, allowing an external agent to control several critical systems of an automobile and potentially leading to occupant harm.
This requires future engineering efforts to factor these potential sources of attack into their designs, and it extends into our domain, that of the wire harness.
We have a couple of factors to consider:
1) The physical security of our designs
2) The integration of encryption-capable bus hardware and its associated wiring
Physical Security
is somewhat simpler to get our heads around. In its most basic form, we need to ensure that all the interconnects and end-points of critical communication busses are not easily compromised. Or, to put it more simply, we need preventative means that stop a hostile player from inserting a malicious device into the wiring loom.
Naturally, given time and access, it would be incredibly difficult to stop someone from splicing into the vehicle loom or inserting a device behind bulkheads or trim panels without putting constant surveillance in place. However, we can more realistically prevent opportunistic tampering, e.g. at a detailer's or during an oil change.
This can be achieved by ensuring that all harness interconnects are inaccessible behind trim and all connection end-point terminations are either also inaccessible, or their construction makes any interference easily detectable.
Encryption-capable bus technologies
cover both the harness and system engineering disciplines of vehicle design. Rather than have clear-text data flowing between modules, sensors and telemetry systems, all data will need to be encrypted against a known, pre-programmed set of security keys. Any message on the data bus not in the correct format will be rejected and logged to alert the control system to the issue.
This will have two effects: 1) it will prevent any system from reacting to false information on the bus, and 2) it will prevent any 3rd party from obtaining data from the vehicle.
So not only will a hostile player be prevented from causing your vehicle to malfunction, but they will also be prevented from using your vehicle data to track or observe your movements.
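The receive-side behaviour described above (check each message against a pre-programmed key, then reject and log anything that fails), as an added example that is not from the original article. It shows only the authenticate, reject and log step, using a truncated HMAC-SHA256 tag and a freshness counter rather than payload encryption; the key, frame layout, tag length and CAN IDs are assumptions made for illustration, and the layout is not sized for a classic 8-byte CAN frame.

```python
import hmac, hashlib, struct

# Constructed demo key; a real module would hold its key in protected storage.
KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
TAG_LEN = 8  # truncated tag length in bytes (assumption)

def make_tag(key, can_id, counter, payload):
    """MAC over arbitration ID, freshness counter and payload."""
    msg = struct.pack(">IQ", can_id, counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def build_frame(key, can_id, counter, payload):
    """Sender side: counter (8 bytes) || payload || tag."""
    return struct.pack(">Q", counter) + payload + make_tag(key, can_id, counter, payload)

class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_counter = {}  # highest accepted counter per CAN ID
        self.rejected = []      # (can_id, reason) entries for the control system

    def accept(self, can_id, frame):
        """Return the payload if the frame is authentic and fresh, else log and return None."""
        if len(frame) < 8 + TAG_LEN:
            return self._reject(can_id, "malformed")
        counter = struct.unpack(">Q", frame[:8])[0]
        payload, tag = frame[8:-TAG_LEN], frame[-TAG_LEN:]
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(tag, make_tag(self.key, can_id, counter, payload)):
            return self._reject(can_id, "bad_tag")
        if counter <= self.last_counter.get(can_id, -1):
            return self._reject(can_id, "replay")
        self.last_counter[can_id] = counter
        return payload

    def _reject(self, can_id, reason):
        self.rejected.append((can_id, reason))
        return None

def demo():
    rx = Receiver(KEY)
    good = build_frame(KEY, 0x123, 1, b"\x10\x27")             # constructed sample frame
    forged = build_frame(b"\xff" * 16, 0x123, 2, b"\xff\xff")  # sender without the key
    results = [rx.accept(0x123, good), rx.accept(0x123, forged),
               rx.accept(0x123, good), rx.accept(0x123, b"\x00")]
    return results, rx.rejected

if __name__ == "__main__":
    print(demo())
```

Because the CAN ID is bound into the tag, a valid frame re-sent under a different ID is also rejected.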
Engineers now have a number of options when it comes to chipsets they can use to implement these technologies, as a number of automotive-grade MCU companies are starting to offer the encryption layers as standard in a number of their products. It is entirely possible to design or redesign communication hardware for most sensors and modules to use these devices in place of their non-secure counterparts.
From a harness standpoint the wiring remains mainly unchanged, as the encrypted versions of these protocols still have the same electrical characteristics. The only consideration will be whether to add additional non-encrypted busses for the less sensitive communications commonly found on vehicles, such as video or audio entertainment systems.
It would be entirely possible to design a harness to cater for both regular and safety-critical systems, with the latter using different coverings and security-graded hardware. Using suitable software, such as ARCADIA, the BOMs for these various systems can be monitored and separated out for analysis and review.
It will be interesting to see how the market develops to further improve the security of vehicles and prevent cyber-attack.