Problem Definition

In-Vehicle-Infotainment (IVI) systems are ecosystems for third-party apps to leverage and interact with information and services from the underlying vehicle and the Internet. The Internet is the biggest attack-surface concern for connected vehicles.

Use cases for these applications range from on-board sampling/edge computing for feeding data silos and event listeners that trigger the sending of V2X messages to proactive maintenance, navigation, media/entertainment and payment processing.

Interactions with Internet services' data can be manipulated, malicious content injected, and attempts made to execute arbitrary code on the head unit.

Autonomous vehicle and driver-assist decisions are data driven. It is essential that this information is accessible instantly and consistently. Additionally, it is absolutely critical that this information is accurate and comes from authenticated sources. Any system acting on this data should be able to identify and react to potentially erroneous, missing, malicious, injected or fabricated data that could otherwise result in catastrophe.

State of Current Technology

Automotive application platforms are entirely too fragmented. There are multiple competing vehicle signal APIs, typically manufacturer-specific, which is preventing innovation in the industry and discouraging third-party content providers from writing applications for them.

W3C Automotive Activity

W3C Automotive Working Group and AutoWeb Platform Business Group are working on a rich application ecosystem for connected vehicles.

  • Signals/Telematics
  • Data warehousing
  • Media library and services
  • Mixer
  • Content Delivery Network (CDN)
  • Location Based Services/Navigation
  • Notifications
  • Payments
  • Privacy and Security

W3C Auto activity primer presentation

Proposed Solution

Distinctive Attributes and Advantages

The main distinctive attribute of this work is that it combines the perspectives of Open Web Platform architects, prospective content providers, privacy and security experts and the automotive industry.

A further advantage is the ability to influence privacy and security aspects of W3C Automotive standards.

Scope is subject to change based on agreed interests from contributing sponsors.

Methodology

Evaluate vehicle-to-everything (V2X) data exchanges and system information interactions, define a full attack tree, find weaknesses and devise risk mitigations applicable at various layers of protection. See also the presentation to the Genivi Security Expert Group.

Create an implementation of an application/network security layer that is capable of controlling information access to and from authenticated sources, including data integrity checks. Data sampling and integrity checks would combine defined rulesets and machine learning, and would apply both to internal/on-board data such as CAN signals and to data sources external to the vehicle. This information flow engine will need to enforce adherence to security guidelines and constantly assess the accuracy and viability of data, using sampling to identify deviation from expected value ranges and other heuristics.
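As an added illustration of the rule-plus-heuristic integrity checks described above (example code written for this page, not the proposal's own engine), the following Python analyzer applies a constructed per-signal ruleset (physical range and maximum change between consecutive samples), a rolling-window statistical deviation check, and an HMAC tag check standing in for source authentication on messages that arrive from outside the vehicle. The signal names, bounds, shared key and sample readings are all constructed for the example, and the machine-learning component mentioned in the text is represented only by the simple statistical baseline.

```python
import hashlib
import hmac
import json
import statistics
from collections import deque
from dataclasses import dataclass, field

# Constructed ruleset for the example: signal -> (min, max, max change between
# consecutive accepted samples). Bounds are illustrative, not from any vehicle spec.
RULESET = {
    "vehicle_speed_kph": (0.0, 250.0, 15.0),
    "engine_rpm": (0.0, 8000.0, 2000.0),
    "outside_temp_c": (-50.0, 60.0, 2.0),
}


@dataclass
class Verdict:
    signal: str
    value: float
    accepted: bool
    reasons: list = field(default_factory=list)


def sign_external(key: bytes, payload: bytes) -> str:
    """Tag an off-vehicle message; the sender side of the authentication check.
    HMAC-SHA256 over a shared key is an assumption made for this example."""
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


class IntegrityAnalyzer:
    """Rule-based plus statistical checks on signal values, and an HMAC check on
    messages from outside the vehicle before their content is used at all."""

    def __init__(self, ruleset, external_key: bytes, window: int = 20, z_threshold: float = 3.0):
        self.ruleset = ruleset
        self.key = external_key
        self.z_threshold = z_threshold
        # Rolling window of *accepted* samples per signal. Rejected samples stay
        # out so a burst of injected values cannot pull the baseline toward itself.
        self.history = {name: deque(maxlen=window) for name in ruleset}

    def check_signal(self, signal: str, value: float) -> Verdict:
        if signal not in self.ruleset:
            return Verdict(signal, value, False, ["unknown signal"])
        lo, hi, max_delta = self.ruleset[signal]
        hist = self.history[signal]
        reasons = []
        # Rule 1: static physical range.
        if not lo <= value <= hi:
            reasons.append(f"out of range [{lo}, {hi}]")
        # Rule 2: rate of change against the last accepted sample.
        if hist and abs(value - hist[-1]) > max_delta:
            reasons.append(f"implausible jump from {hist[-1]} (max {max_delta})")
        # Heuristic: z-score against the rolling baseline once it has enough points.
        if len(hist) >= 5:
            mean = statistics.fmean(hist)
            stdev = statistics.pstdev(hist)
            if stdev > 0 and abs(value - mean) / stdev > self.z_threshold:
                reasons.append(f"statistical outlier (z > {self.z_threshold})")
        accepted = not reasons
        if accepted:
            hist.append(value)
        return Verdict(signal, value, accepted, reasons)

    def check_external(self, payload: bytes, tag_hex: str) -> list:
        """Authenticate first, then apply the same signal checks to the readings."""
        if not hmac.compare_digest(sign_external(self.key, payload), tag_hex):
            return [Verdict("<external>", float("nan"), False, ["authentication failed"])]
        readings = json.loads(payload)
        return [self.check_signal(name, float(v)) for name, v in readings.items()]


def run_demo() -> dict:
    """Constructed traffic: a steady speed trace with one injected spike, a valid
    external weather message, and the same tag replayed on a tampered payload."""
    key = b"constructed-demo-key"
    analyzer = IntegrityAnalyzer(RULESET, external_key=key)
    speeds = [50, 51, 52, 52, 53, 54, 180, 55]
    onboard = [analyzer.check_signal("vehicle_speed_kph", float(s)) for s in speeds]

    payload = json.dumps({"outside_temp_c": 21.5}).encode()
    tag = sign_external(key, payload)
    genuine = analyzer.check_external(payload, tag)
    tampered = analyzer.check_external(b'{"outside_temp_c": 999}', tag)
    return {"onboard": onboard, "genuine": genuine, "tampered": tampered}


if __name__ == "__main__":
    for name, verdicts in run_demo().items():
        for v in verdicts:
            print(name, v.signal, v.value, "OK" if v.accepted else "REJECT", v.reasons)
```

The spike of 180 kph is inside the static range, so a range rule alone would pass it; it is caught by the rate-of-change rule and by the deviation from the rolling baseline, which is why the text pairs rulesets with sampling-based heuristics. Keeping rejected values out of the baseline matters in the same way: an engine that learns from everything it sees can be walked toward accepting injected data.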

  • Establish information exchanges with security teams from sponsors and collaborators to explore attack methods and tools.
  • Leverage and expand the various attack tree and protection use cases being worked on by the Genivi Security Expert Group and the W3C Automotive Privacy and Security Task Force.
  • Set up development platforms such as the Genivi Development Platform, Android, Automotive Grade Linux and other open source IVI platforms for evaluation and prototyping of solutions.
  • Obtain additional contemporary, closed-source vehicle head units from various manufacturers and makes, and evaluation equipment such as Universal Software Radio Peripheral (USRP) devices.
  • Explore V2X vulnerabilities and means to modify or inject malicious data.
  • Create a third-party application and external website evaluation service.
  • Develop software protection and data integrity analyzers.
  • Integrate into driver decision information processing and presentation.

Deliverables:

  • Threat modeling for IVI, applications and the external websites that connected vehicles will be interacting with
  • Network-focused IVI penetration tests
  • Site security assessment, automated and manual
  • App testing, rule generation and review service and evaluation workflow for integration into app marketplaces
  • Produce and Promote Guidelines* and Best Practices for on and off vehicle data protection
  • Present demonstrations and findings at various conference venues
  • Create a connected vehicle data integrity system

*Note: Guidelines should be platform agnostic to the extent possible and not assume W3C marketplace acceptance and dominance.

Sponsorship Benefits

  • Influence research scope
  • Early access to findings and proposed W3C Guidelines
  • Access to PoC evaluation, enforcement and integrity systems
  • Submit platforms for evaluation
  • Recruitment opportunities for MIT graduate students participating in this research project
  • Access to other, related MIT CSAIL research projects
  • Potential for partnerships in spinoff ventures

Resources and Duration:

  • Project Lead: Ted Guild, W3C Automotive Activity Lead. MIT Research Staff
  • Cybersecurity-focused Principal Investigator[s] (Professors) within MIT CSAIL
  • Two to three full time researchers
  • MIT Computer Science Graduate Students and PostDocs

Three Years with possibility to extend.

Desired annual budget of 700k USD for staff, equipment, travel and other expenses.

Potential Liaisons

W3C, headquartered at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL), is the standards body for the Web. It has three other host sites: Keio University in Japan, ERCIM in France and Beihang University in China.

  • MIT Cybersecurity@CSAIL research groups
  • US DOT Volpe and potentially other agencies
  • Genivi
  • Linux Foundation Automotive Grade Linux
  • SAE
  • Auto ISAC
  • Member organizations participating in W3C Automotive activity
  • Additional W3C Working Groups (e.g. WebAppSec, WebAuthn, Privacy Interest Group)
  • Automotive cybersecurity researchers at sponsoring organization and other universities