Making connected vehicles safer

Connected vehicles, whether they are cars, trucks, buses or construction machinery, use various wireless technologies such as WLAN, UMTS, LTE or Bluetooth. These can be used to offer a range of new on-board functions and value-added services that, for example, warn of traffic jams, reduce fuel consumption and CO2 emissions, or increase vehicle performance. Electronic systems for navigation, infotainment, and safety and emergency call applications are also leading to increasing vehicle networking.

However, this also increases the risk of hackers gaining access to vehicles and manipulating essential functions. In addition, information about driving behavior could be used without the driver's knowledge or consent. As with all devices connected to the "Internet of Things," data security is crucial to prevent unauthorized access or remote takeover of a vehicle.

"Ethical Hacker" by BTwho are part of an international team of experienced security experts, test such potentially vulnerable systems using a standardized method. To do this, they imitated hacker attacks to uncover potential vulnerabilities, report them, and recommend courses of action. In the future, BT will also use this expertise to advise vehicle manufacturers, insurance companies and other companies in the automotive industry. In this way, weak points can be identified and remedied before a new vehicle is launched on the market. To ensure that the car remains safe throughout its lifecycle, BT will also provide ongoing support to ward off emerging threats as well.

With BT Assure Ethical Hacking for Vehicles, the possible attack points of a car can be specifically tested. Among other things, the tests check the interfaces accessible inside a car, such as Bluetooth connections, USB ports or DVD drives, but also external connections such as mobile networks or charging plugs. BT focuses on end-to-end security. All external systems connected to the vehicle are therefore also tested and checked. The primary goal is to detect vulnerabilities that allow unauthorized changes to configuration settings or the introduction of malware. Systems that can be used to access a vehicle from the outside include, for example, maintenance technicians' laptops, infotainment providers' servers and other support systems.

"In a few years, the majority of newly manufactured vehicles will be connected to the Internet or other networks - whether to enable navigation, maintenance, cooperative driving or entertainment services," said Udo Steininger, head of assisted and automated driving at the TÜV SÜD. "Drivers will expect the same level of usability in this that they are used to from their smartphone. This will be a major challenge for the automotive industry because cars are equipped with many embedded systems that were not designed to connect to the outside world. Therefore, the industry needs to work with suppliers, IT security specialists and certification bodies to agree on a common approach to interfaces and security standards for the connected car."

Source: BT (Germany)