Making Software-Defined Vehicles Cyber-Secure
Virtualization features such as digital twins and virtual patching can accelerate development and make commercial vehicles more agile and secure.

There is one sure-fire way to secure commercial vehicles from cyber-attacks. “You just remove the connectivity,” quipped Brandon Barry, CEO of Block Harbor Cybersecurity and the moderator of a panel session on “cybersecurity of virtual machines” at the SAE COMVEC 2024 conference in Schaumburg, Illinois.

Obviously, that train has left the station – commercial vehicles of all types, including trains, are only becoming more automated and connected, which increases the risks for cyber-attacks. “We have very connected vehicles, so attacks can be posed not just through powertrain solutions but also through telemetry, infotainment systems connected to different applications and services, and also through cloud platforms,” said Trisha Chatterjee, current product support and data specialist for fuel cell and hydrogen technology at Accelera by Cummins.

Virtualization features such as virtual machine introspection (VMI), virtual patching, and application isolation and sandboxing bring benefits but also pose challenges, Chatterjee said. “We are talking about very dense, integrated systems with lots of abstraction layers. The first challenge that comes to my mind is real-time performance and latency.”
Virtualization is still in the conceptual phase, according to Chatterjee. She said that Accelera is in the process of analyzing and verifying the effectiveness of incorporating virtualization in its products.
“By incorporating our layers of abstraction with better integrity and interoperability, we can address virtualization throughout an entire vehicle ecosystem,” Chatterjee said. “That would make our system more integrated. It would add more granularity and controllability towards doing any sort of vulnerability analysis or patching or doing any calibration or software updates.”
Chatterjee stressed that these concerns are not limited to on-highway vehicles. “For railway, it’s way more complex because we deal with very close-knit and complex network signals,” she said. “If one train gets hacked or if the signal system gets hacked, it can result in a complete shutdown of the control centers and cause a lot of disruption. It’s more straightforward for commercial vehicles in on-highway applications.”
Digital twins aid development

George Alvarez, vehicle cybersecurity architect at International, talked about virtualization as a tool to accelerate development of cybersecurity controls. “How can we adapt some of those concepts like digital twins? It’d be a big win if I didn’t need access to every vehicle type, every ECU at all times in order to test out some of the solutions and theories and issues that we might face with security. But that’s easier said than done. We’re going to need a lot of computational overhead,” he said. “At the end of the day, you still have to test your controls on the vehicle.”
With so many vehicle platforms and configurations, International faces a challenge to test the impact of deploying security updates to every combination, Alvarez said. “That’s not to say that we would with virtualization, but we’d increase the scope,” he added. “Also, it’s a sandbox for pushing out the security updates, making sure that we understand what we’re putting out into the market onto our vehicles.”
Software-defined vehicles will require more resilient and faster over-the-air (OTA) updates. “Having these virtual validation environments would serve us well,” Alvarez said.
“If we are going to move toward a more agile vehicle, that also means we need to be as agile as attackers,” Barry said. “If you build a digital twin and are able to test patches against vulnerabilities very quickly, that’s the world we’re going to be moving into.”
Building dynamic trust

Bob Kaster, chief technical expert for cross-division cybersecurity at Bosch, discussed his doctoral research in cybersecurity and some of the challenges it addresses. One opportunity is further hardening automotive controllers, starting with how they boot.
“One of the challenges is that the full image check on an engine controller or braking controller or steering controller might take but a couple of seconds. If you turn your key to start the car and you have to wait a couple seconds or minutes for all of the systems to start, that’s just not really an option,” Kaster said. “As part of my doctoral research with Dr. Di Ma from the University of Michigan, we developed a program to try and have an accelerated secure boot process that meets the needs of functional safety and uptime but also the security.”
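The trade-off Kaster describes is between hashing the entire image before any code runs and starting fast. One common way to get both is to sign a small manifest of per-block hashes, check the manifest and only the boot-critical blocks before handing over control, and verify every other block the first time it is touched. The block below is an added illustration of that pattern; it is not the Kaster/Di Ma design or any Bosch code. The 4 KiB block size, the 256 KiB image and the HMAC-based "signature" (standing in for the asymmetric signature a real ECU would check against a key in its HSM) are all assumptions made so the example runs offline with the standard library.

```python
from __future__ import annotations

import hashlib
import hmac
import struct

BLOCK_SIZE = 4096  # assumed flash page size for this illustration

# Constructed device secret standing in for the verification key. A real ECU
# checks an asymmetric signature against a key anchored in its HSM; an HMAC
# keeps this example standard-library only and the flow is the same.
VERIFY_KEY = b"\x01" * 32
TAG_LEN = 32


def _blocks(image: bytes) -> list[bytes]:
    return [image[i:i + BLOCK_SIZE] for i in range(0, len(image), BLOCK_SIZE)]


def sign_full_image(image: bytes) -> bytes:
    return hmac.new(VERIFY_KEY, hashlib.sha256(image).digest(), "sha256").digest()


def full_image_check(image: bytes, tag: bytes) -> bool:
    """Monolithic check: every byte is hashed before anything is allowed to run."""
    digest = hashlib.sha256(image).digest()
    return hmac.compare_digest(hmac.new(VERIFY_KEY, digest, "sha256").digest(), tag)


def build_manifest(image: bytes) -> bytes:
    """Manifest = block count || SHA-256 of each block || MAC over that body."""
    hashes = b"".join(hashlib.sha256(b).digest() for b in _blocks(image))
    body = struct.pack(">I", len(hashes) // 32) + hashes
    return body + hmac.new(VERIFY_KEY, body, "sha256").digest()


class StagedVerifier:
    """Check the small signed manifest at boot, then blocks only when needed.

    Blocks listed in `critical` (reset vector, safety code) are verified before
    control is handed over; every other block is verified on first access, so
    boot is fast but no unverified code is ever executed or data used.
    """

    def __init__(self, image: bytes, manifest: bytes, critical: set[int]):
        body, tag = manifest[:-TAG_LEN], manifest[-TAG_LEN:]
        if not hmac.compare_digest(hmac.new(VERIFY_KEY, body, "sha256").digest(), tag):
            raise ValueError("manifest MAC invalid: refuse to boot")
        (count,) = struct.unpack(">I", body[:4])
        self.expected = [body[4 + 32 * i:4 + 32 * (i + 1)] for i in range(count)]
        self.blocks = _blocks(image)
        if len(self.blocks) != count:
            raise ValueError("image length does not match manifest")
        self.verified: set[int] = set()
        self.bytes_hashed = 0  # work done so far; compare with len(image)
        for i in sorted(critical):
            if not self.verify_block(i):
                raise ValueError(f"critical block {i} failed verification: refuse to boot")

    def verify_block(self, i: int) -> bool:
        if i in self.verified:
            return True
        self.bytes_hashed += len(self.blocks[i])
        ok = hmac.compare_digest(hashlib.sha256(self.blocks[i]).digest(), self.expected[i])
        if ok:
            self.verified.add(i)
        return ok

    def read(self, i: int) -> bytes:
        """Access path: a block is handed out only after it has been verified."""
        if not self.verify_block(i):
            raise ValueError(f"block {i} has been tampered with")
        return self.blocks[i]


if __name__ == "__main__":
    image = bytes(range(256)) * 1024          # constructed 256 KiB firmware image
    manifest = build_manifest(image)
    boot = StagedVerifier(image, manifest, critical={0})
    print(f"hashed {boot.bytes_hashed} of {len(image)} bytes before handing over control")
```

With one critical block, the verifier hashes 4 KiB plus the manifest before the controller can start, against the full 256 KiB for the monolithic check; a tampered non-critical block is still caught, just at the moment it is first read rather than at key-on. Whether that late detection is acceptable is a functional-safety question for each ECU, which is why the critical set has to be chosen per controller rather than defaulted to the reset vector.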
Another project the team is working on is “dynamic trust.” “As we move to have more of these autonomous vehicles with advanced architectures and frequent software updates, how can modules build trust in this dynamic environment?” Kaster posed. He described the old paradigm: highly specified ECUs, each task with a single home, so that everything to do with braking, for example, lived in its own brake controller. Trust between modules was built by using symmetric keys to authenticate messages.
“The question of trust is, I got a message claiming to be from the engine controller. Is it really from this module that I’ve been trusting for my entire life? If yes, then you trust it completely. If no, you just ignore it. That was a static, binary and rigid trust model that worked for today or yesterday’s architectures,” Kaster said.
As the industry shifts to software-defined vehicles with flexible vehicle architectures and powerful central computers, the trust model needs to be dynamic, nuanced and adaptive, Kaster said.

“If we were to say, ‘I need to take this action, it’s going to have a big safety impact, so I need to have a lot of trust in it.’ And another module that might be using that same information that doesn’t have as big of a safety impact, it wouldn’t need as much trust to do it,” Kaster explained. “By building this hypothetical dynamic trust model concept as part of my research for how the detection system could potentially interact with safety systems, you could have an OEM say, ‘I have this radar where there is suspicious behavior noted from the intrusion detection system.’ The dynamic trust rating in the vehicle might reduce the trust rating from say 92% to 82%, and then have the systems in the vehicle respond accordingly without having to develop new software, test the software, release the software and roll it out, which might take several months. Or if you pull the hard switch and say, ‘You can’t drive these vehicles at all for a week.’ And then you’re like, ‘My bad, it wasn’t a cyber-attack.’ That could be a career-ending decision.”
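The two models Kaster contrasts can be put side by side in code: the static one is a MAC check that yields accept or ignore, the dynamic one keeps a per-source score that an intrusion-detection finding lowers and that each consumer compares against its own safety-driven threshold. The block below is an added example written for this article, not Bosch's or Kaster's implementation. The sender keys, the 92 baseline, the alert penalties, the consumer names and their thresholds are constructed values; in a vehicle the keys would live in each ECU's HSM and the thresholds and penalties would be OEM configuration.

```python
import hmac
from dataclasses import dataclass, field

# Constructed per-sender symmetric keys. In a vehicle these are provisioned
# into each ECU's HSM; here they are literals so the example runs offline.
SENDER_KEYS = {"radar": b"radar-key-00", "engine": b"engine-key-01"}
MAC_LEN = 8  # truncated tag, as is common on bandwidth-limited vehicle buses


def mac_message(sender: str, payload: bytes) -> bytes:
    return hmac.new(SENDER_KEYS[sender], payload, "sha256").digest()[:MAC_LEN]


def authenticate(sender: str, payload: bytes, tag: bytes) -> bool:
    """The static model: a valid MAC means full trust, anything else is ignored."""
    key = SENDER_KEYS.get(sender)
    if key is None:
        return False
    expected = hmac.new(key, payload, "sha256").digest()[:MAC_LEN]
    return hmac.compare_digest(expected, tag)


@dataclass
class Consumer:
    """A function that uses a source's data; the bar rises with safety impact."""
    name: str
    min_trust: int
    degraded_mode: str  # what to do when the source falls below the bar


@dataclass
class DynamicTrust:
    scores: dict = field(default_factory=dict)
    consumers: dict = field(default_factory=dict)
    # Hypothetical IDS alert weights, held as configuration so an OEM can
    # change them without a software release.
    penalties: dict = field(default_factory=lambda: {"suspicious": 10, "malformed": 25, "replay": 40})
    baseline: int = 92

    def register_source(self, source: str) -> None:
        self.scores[source] = self.baseline

    def register_consumer(self, consumer: Consumer) -> None:
        self.consumers[consumer.name] = consumer

    def ids_alert(self, source: str, kind: str) -> int:
        """An intrusion-detection finding against a source lowers its score."""
        self.scores[source] = max(0, self.scores[source] - self.penalties[kind])
        return self.scores[source]

    def reinstate(self, source: str) -> int:
        """The 'my bad, it wasn't an attack' path: restore without a recall."""
        self.scores[source] = self.baseline
        return self.scores[source]

    def decide(self, consumer: str, sender: str, payload: bytes, tag: bytes) -> str:
        """Authenticate first (the static gate), then apply the consumer's bar."""
        if not authenticate(sender, payload, tag):
            return "drop"
        c = self.consumers[consumer]
        return "act" if self.scores.get(sender, 0) >= c.min_trust else c.degraded_mode


if __name__ == "__main__":
    trust = DynamicTrust()
    trust.register_source("radar")
    trust.register_consumer(Consumer("aeb_brake", min_trust=90, degraded_mode="warn_driver_only"))
    trust.register_consumer(Consumer("cluster_display", min_trust=60, degraded_mode="show_stale_flag"))
    payload, tag = b"obstacle:40m", mac_message("radar", b"obstacle:40m")
    print(trust.decide("aeb_brake", "radar", payload, tag))          # act
    trust.ids_alert("radar", "suspicious")                            # 92 -> 82
    print(trust.decide("aeb_brake", "radar", payload, tag))          # warn_driver_only
    print(trust.decide("cluster_display", "radar", payload, tag))    # act
```

The point of the layering is that the MAC check never goes away: a message that fails authentication is dropped regardless of score, and a message that passes is then weighed differently by the brake function (which falls back to warning the driver once the radar drops below 90) and by the instrument cluster (which keeps using it down to 60). Reinstating the source is a score change, not a software release, which is the reversibility Kaster is after.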
Kaster also stressed that the commercial-vehicle and off-highway industries need to be more proactive in adopting available technology from the passenger-vehicle sector. “There are security measures available in passenger cars that have not been rolled out to commercial vehicles or off-road vehicles yet,” Kaster said. “The industry lags a bit behind because with a thousand or ten-thousand parts a year, it’s a lot more difficult to roll out these new features than if you’re making ten-million parts a year.”
Regulators lag attackers

Cybersecurity experts can provide crucial input to organizations that develop standards and regulations for the industry, the panelists agreed. But it’s still an uphill battle to combat highly motivated malicious actors.
“As an attacker, if you put out a whole bunch of public regulations, I’m just going to say, ‘Okay, they’re all following the regulations, don’t go after those things, look for the parts that are not being regulated,’” Barry said. “The idea that regulators are going to be ahead of attackers, it’s not going to happen.”
“The regulatory process is very slow, and it has to be otherwise you couldn’t design your products to meet it,” Kaster added. “But for cybersecurity we need to be following all regulations, but I think we need to be going beyond that and thinking how do we secure our products and not rely solely on the regulators to tell us how much we need to do.”