There are few more exciting frontiers of the Internet of Things (IoT) than connected cars. Gartner predicts that there will be 61 million vehicles with built-in connectivity on our roads by 2020. But as we drive ever closer to a future where autonomous vehicles are a commonplace sight, we must be alert to the implications of cyber-threats in this domain. Already, real-world attacks and demonstrations by researchers have shown the potential for serious disruption.
That’s why we are excited we have announced a major new partnership with Panasonic, which will tap the expertise of both companies to create a leading cybersecurity solution for connected cars.
A growing attack surface
Cars are increasingly being filled with computing power and connectivity, as our appetite grows for on-board digital functionality. According to McKinsey, today’s connected cars may have as many as 100 electronic control units (ECUs) — in-vehicle computers that control a range of functions from steering, engine and brakes to infotainment. This amounts of hundreds of millions of lines of code; complexity which can leave gaps for hackers to exploit. The threats here don’t merely revolve around data theft, as with many cyber-attacks, but also physical safety.
These threats are also no longer theoretical. In 2015, researchers managed to remotely hack a Jeep Cherokee from miles away, taking control of its steering, brakes and engine whilst it was driving down the motorway. They got in via a connectivity vulnerability in the vehicle’s Uconnect infotainment system, before pivoting and rewriting firmware which allowed them to issue the new commands. The furore sparked a recall of affected cars by the manufacturer.
That research has been followed by many other similar efforts, illustrating just how broad an attack surface the modern connected car has.
A new partnership
That’s why we’ve teamed up with Panasonic in a new partnership which will see the two companies jointly develop a cybersecurity solution for connected cars. The idea is to make the most of the unique skills and capabilities of each party to build a product which can effectively detect and prevent intrusions into ECUs, infotainment (IVI) devices such navigation systems, and telematics devices.
To that end, it will tap Panasonic’s Control Area Network (CAN) intrusion detection and prevention technology to spot and block any unauthorised commands sent to the vital ECUs that control key driving operations. Trend Micro, meanwhile, will contribute its expertise in IoT security, malware analysis and global security intelligence, to protect IVI devices from exploits. Data from both systems will be sent to a cloud platform for analysis, and suspicious traffic will be blocked.
The combination of our IoT and threat prevention expertise and Panasonic’s knowledge of in-vehicle security and partnerships with car manufacturers will give us a great chance of making a real difference to connected car security. As cybercriminals continue to look for new revenue-making opportunities, that’s good news for carmakers and drivers alike.