Written by: Piotr Strzałkowski, expert in the field of embedded
What has the systems’ security in common with a fortress? How do the security systems work and why are they fundamental? Why shouldn’t we believe our third parties companies? To answer those questions, in this article we will discuss the topic of cyber security in automotive and embedded systems. In the end, there will be a bunch of tips and tricks which were useful in one of our projects for the automotive industry.
Security systems have always been a matter of human interest. People built fortresses to protect very important things: treasures, strategic staff and weapons, and most of all – human life.
The concept of protecting valuable information, treasures, and controlling access to selected lands is as old as the world. For example, In the medieval centuries, buildings called fortresses were used to protect lands and places of strategic importance. It is not an easy-peasy thing to design and build such a construction.
You have to adjust everything to the surrounding environment and current abilities. You have to think about:
It is not easy to build a fortress. For a better understanding of the topic, let’s recall how the medieval fortresses looked like and were built. Generally, we can recognize the following elements in those types of buildings:
All those elements are crucial and perform a specific role in the defence system. The lack of one of those diminishes the defence capabilities of construction.
A good point to start is building a moat which should be as deep as possible and as wide as possible to make sure that crossing it without using a drawbridge is impossible or at least very hard. Do you agree?
Nevertheless, as always – the devil is in the details and the width of the moat should fit the capabilities of our army, for example to the range of archers or other war machines, to be able to attack the enemy behind defence walls.
Because it is our first line of defence against direct attack. The enemy would not have easy access to defence walls and gates. They would have to use sophisticated war machines to get in or to destroy them. When they break them, it would allow them to execute easier and launch different types of attacks on our fortress.
Let’s imagine a little island with defence walls surrounded by a moat, where our fortress is going to be built. The island is actually the “hardware”, for example, microcontroller where we’ll embed our software in the future.
Now you know why the HW topics are so important. Here are some key hardware-related elements that we must never forget:
After building a moat and some part of defence walls the need is to build drawbridges and gates. This is another part of the fortress that requires special attention. That’s because all in and out traffic goes through the drawbridges and the gates. From the bandwidth point of view, these roads should be as wide as possible and without any obstacles such as gratings not to disturb the flow. The other way to allow undisturbed bandwidth is to build as many gates as possible.
However, again, the devil is in the details. If the gates and drawbridges are too wide, without proper protection they are a great temptation for the enemies to attack. It is easy to attack gates that are not protected or so wide that verifying the full traffic is not possible. That’s why we should add such constructions as barbicans and gratings to help protect all the drawbridges and gates in the fortress. Translating this story into our cyber security world: any unprotected system interface is asking for trouble and the goal is to reduce the surface of attack in our system, and not make it excessively wide.
To sum up – never forget to:
If you are in doubt which part of the code should be tested the best, always be sure to deeply test the code. That is most exposed to the external environment (for example handles raw frames).
These activities reduce the surface of the attack in the parts of the system.
Building such a big construction as a fortress cannot be done by one man. To achieve the goal at the right time, you would need external help from third-party companies and it is completely normal. However, you must remember a very important thing.
Regardless of how big and famous the company which helps you is or how much you like people who work there when you hear them saying that their work was delivered to the highest quality and that all the required tests have been done internally – don’t take their word for it.
Eventually, it is you who takes responsibility for the solution. All the codes delivered should be tested by them or by you. If your supplier performed the tests, you should get access to the results in order to verify them and make sure that they were made as you requested and covered in the required scope. Don’t accept it when they say the results of the tests are confidential.
Remember, lack of tests or some spots in the scope did not happen because of the bad intentions of the supplier. The cybersecurity topic is quite new in the automotive industry and not many companies handle this topic properly yet. Moreover, there are other circumstances like deadlines and human errors. Of course, if a supplier would have their own methods and for some reason don’t deliver results of tests, finally, you must perform the software tests on your own.
Good to remember:
When the fortress is finally ready the real adventure begins. That is the moment when the assumptions and work meet real threats. We need to make sure that our resources are ready for the fight. It is like in the army, we must train the knights, collect the required armor and weapon to sustain the stable protection of the fortress, and at the highest level.
We have to prepare the action processes, servers, software, hardware, and tools. Then continuously expand our knowledge of possible new threats. Mostly, this part of a project is underpaid and short of resources such as people, skills and time. When the real exploitable vulnerability appears, it definitely is not the right moment to:
That is why you should always remember to:
You have to remember that history shows that only a few fortresses were not defeated.
These which have survived had:
But should we count on luck?
I hope you found the answer to the question, how to build your own digital fortress in this short text.