All over the world, COVID-19 lockdowns are disrupting supply chains and manufacturing. As a result, European vehicle manufacturers may have trouble meeting the latest United Nations Economic Commission for Europe (UNECE) automotive cyber security requirements. As discussed in a previous post, the new UNECE WP.29 regulations aims to enhance cyber security and software updates in vehicles.
There isn’t much time for vehicle manufacturers to adapt these requirements, which will start to take effect in Japan and South Korea in 2021, and in Europe in 2022. They will be mandatory for all vehicle manufacturers in the EU by 2024. (Vehicle manufacturers in North America will not be required to adhere to them.)
Given the unique challenges posed by such a short time frame during a pandemic, the industry may need to make some tradeoffs, which could have an untold impact on time, quality, and costs.
A “Security-First Design” Solution
It’s no wonder governments are beginning to regulate cyber security in vehicles—today’s modern high-end vehicles can need up to 100 electronic control units under the hood. As these vehicles become even more complex in the coming years—equipped with advanced driver assistance systems and autonomous vehicle technology—they’ll be only as secure as their weakest link.
To meet the growing security needs of modern vehicles, the global security company Kaspersky developed a software development kit that uses a “security-first design” approach, which can help automotive vendors slash costs, said Ilya Efimov, Head of Technology Solutions Development, KasperskyOS, during an interview with Automotive World.
“Right now we have a version that automotive developers can use to develop their own applications, and we’re working on launching it commercially next year,” Efimov told Automotive World.
The system, KasperskyOS, harnesses a multi-layered security method that aims to cover all possible trajectories of attack, ensures secure data flow throughout the system, and allows the company to make cyber security policies. KasperskyOS puts a stop to any action that violates these policies, effectively blocking any unapproved actions, such malware. Additionally, the system employs hypervisors, which permits a lone host computer to share resources virtually—including memory and processing power—and host a handful of virtual machines. The hypervisors are essential in order for operating systems to work in isolation. They would shield future autonomous vehicles from cyber security attacks as they communicate with each other and with roadside infrastructure.
For now, the system could prove to be a timely and cost-effective solution to the impending UNECE regulations.
“This is one of the main reasons for us to join this market because we see that ‘classic’ solutions will not work in automotive,” Evgeniya Ponomareva, Business Development Manager, KasperskyOS, told Automotive World. “Our operating system and our adaptive platform are based on this upcoming regulation.”
Other operating system manufacturers are beginning to adapt. In October, the embedded safety and security company Green Hills Software said it will begin incorporating UNECE regulations in its products.
The pandemic may be erecting challenges for vehicle manufacturers, but it’s also spurring cyber security solutions that will make future vehicles safer and more resilient.
Securing Autonomous Vehicles
As the automotive industry continues to work on intelligent and autonomous vehicles, there is a need to better comprehend the safety and security of this connected technology. Automotive Cyber Security: Protecting the Vehicular Network is a five course program that aims to foster the discussion on automotive cyber security solutions and requirements for not only intelligent vehicles, but also the infrastructure of intelligent transportation systems.
Contact an IEEE Content Specialist today to learn more about getting access to these courses for your organization.
Interested in the course for yourself? Visit the IEEE Learning Network.
Hunsley, Jack. (10 November 2020). Automotive cyber security must be efficient, scalable and foolproof, says Kaspersky. Automotive World.
Tengler, Steve. (10 November 2020). How Increasing Coronavirus And Post-Election Conflict May Affect Automotive Cybersecurity. Forbes.
Green Hills Software. (28 October 2020). Green Hills Software expands leadership in automotive cybersecurity. Automotive World.
Reuschlaw Legal Consultants. August 2020. New UN regulations for cybersecurity and software updates in the automotive industry.