Automotive Whitepapers

The Applicability of Automotive Cybersecurity Standards

A cyber security white paper by Copper Horse

This work examines the applicability of automotive cybersecurity standards around the world, firstly by
capturing a longlist of recommendations and guidance and then organising these details into related themes to better consider the following –

• How relevant is the information? Which standards can be safely dropped and ignored?
• What documents are being referenced and how are the recommendations being regulated?
• Do the standards make an impact on real-world cyber security of vehicles or is the process too slow /
the guidance too vague or abstract to enable the required changes in industry?
• What is the additional engineering burden on the automotive industry and the surrounding ecosystem?

Finally, we consider the purchasing costs that OEMs and their suppliers would need to budget for to access the necessary information and discuss the implications of this, reflecting of the original aims of standards and their benefit to society.

The paper can be downloaded here.

Addressing the Challenges of Securing Connected and Autonomous Vehicles

A white paper Capturing the key themes of the Secure-CAV project

Vehicles are becoming the most sophisticated connected objects in the ‘Internet of Things’ as designers consider a fully autonomous future. But integrating such features causes the attack surface of the vehicle to grow – for example, as systems make use of remote connectivity at multiple points.

At the same time, the automotive industry has a challenge in that legacy technologies are both insecure and take a long time to age out. Unlike many other connected products, vehicles can have a very long lifespan, which demands an innovative approach when it comes to cyber security concerns.

Beginning in late 2019, the Innovate UK-sponsored Secure-CAV consortium set out to develop and prove hardware-based security technology that will allow the automotive industry to leap ahead of the threats that it faces currently and – in the near-term – put the industry into a much more tenable cyber security posture than it currently holds.

Secure-CAV partner, Siemens, has developed Intellectual Property (IP) as well as anomaly detection software, which is able to monitor protocols and transactions at the lowest level in hardware. This is backed by unsupervised machine learning algorithms and statistical analysis, with expert input from consortium member University of Southampton.

The solution has been integrated into Field-Programmable Gate Array (FPGA) technology and linked to two vehicle demonstrators developed by teams at Coventry University and cyber security specialists Copper Horse – also part of the Secure-CAV line up.

Building mitigations to a number of real-world and theoretical attacks into a demonstrator enabled the consortium to prove the theory that security anomalies can be detected and responded to appropriately, forming the foundation and basis for future developments in this emergent security solution space.

The paper can be downloaded here.

Copper Horse specialises in tackling future security challenges across many domains and industries from AI, automotive, mobile and IoT. We provide a wide range of services including engineering solutions throughout the product lifecycle from requirements to product security investigations. We offer security training and have a huge range of consulting expertise to help in areas such as mobile telecoms and connected products security. If you have an interesting and complex security problem, we are here to help.