世界上第一個(gè)基于云端的網(wǎng)聯(lián)車安全解決方案誕生于以色列����,目前正在各地的整車廠進(jìn)行測試。
黑客究竟可以對(duì)一輛車做什么呢��?答案是什么都能做��。網(wǎng)絡(luò)安全專家一邊指著標(biāo)有數(shù)十個(gè)攻擊向量的汽車原理圖�,一邊感嘆道,如今的汽車簡直就是待宰的肥羊��。(譯注:所謂的攻擊向量����,就是容易受到入侵的安全漏洞。)
對(duì)前老板懷恨在心�,想要遠(yuǎn)程鎖住他的F-150,給他制造點(diǎn)“驚喜”�����?小菜一碟���。來點(diǎn)難度更高的����?例如鎖上全國范圍內(nèi)的F-150,1個(gè)小時(shí)后再解鎖��?這可能會(huì)讓惱怒的車主對(duì)福特群起而攻之�����。不過���,和其它一些黑客攻擊所具備的破壞力相比��,這些都還只是小打小鬧——黑客還可以遠(yuǎn)程操控車輛的剎車和轉(zhuǎn)向���,甚至大范圍植入勒索軟件。
Upstream Security是一家總部位于以色列的網(wǎng)絡(luò)安全公司���。Upstream的副總裁Dan Sahar表示�����,“我們和很多‘白帽’黑客(堅(jiān)持正道的黑客)合作�,其中一位號(hào)稱是汽車黑客中的勒布朗·詹姆斯����。” Sahar本人也是一名計(jì)算機(jī)科學(xué)家�����,他說,“你如果問這位黑客該怎么保障車輛的安全����,他會(huì)說沒有辦法。電子節(jié)氣門控制器��、動(dòng)力總成ECU的編碼都不知道用了多少年了���。整車廠沒有控制權(quán)���,而且他們的供應(yīng)商和零部件都是共用的。”
Sahar還說�����,“這意味著如果有一家一級(jí)電子系統(tǒng)集成商犯了安全錯(cuò)誤����,所有人都會(huì)遭殃。過去�����,汽車行業(yè)幾乎沒有什么網(wǎng)絡(luò)安全問題,但是情況在迅速惡化�����,現(xiàn)在可能會(huì)發(fā)生極其嚴(yán)重的安全事件���。這不僅會(huì)危及車企和科技公司���,也會(huì)對(duì)普通大眾造成實(shí)質(zhì)性的傷害。”
無限的處理能力
Sahar在接受SAE《汽車工程》雜志的采訪時(shí)表示���,未來十年�,網(wǎng)聯(lián)車的數(shù)量有望達(dá)到2億輛�����,自動(dòng)駕駛汽車也會(huì)不斷增多���,但與此同時(shí)�,汽車面臨的風(fēng)險(xiǎn)也在與日俱增,甚至可能會(huì)出現(xiàn)越來越多新的威脅��。Sahar等網(wǎng)絡(luò)安全專家認(rèn)為�,出行服務(wù)(MaaS)供應(yīng)商和快遞公司的車隊(duì),以及企業(yè)或政府的租賃車隊(duì)都將面臨越來越多的網(wǎng)絡(luò)攻擊���。
Sahar表示�����,“一旦連上網(wǎng),汽車所面臨的威脅就會(huì)急劇增加�����。這就是風(fēng)險(xiǎn)�����。”那么�����,企業(yè)到底應(yīng)該如何保護(hù)自身安全呢��?Sahar認(rèn)為,把安全保護(hù)層建在車內(nèi)只會(huì)讓網(wǎng)聯(lián)車離黑客更近�����,而且會(huì)讓車輛更易受到新型威脅的攻擊���。最佳的解決方案是把安全保護(hù)層建在云端�。這也是Upstream的兩位創(chuàng)始人Yonatan Appel和Yoav Levy在近兩年前創(chuàng)立公司時(shí)所秉持的觀點(diǎn)�。Appel和Levy都是前以色列國防軍的資深網(wǎng)絡(luò)安全專家。
Sahar還說���,“在汽車網(wǎng)絡(luò)安全公司里���,只有我們沒有把安全系統(tǒng)放在汽車、車聯(lián)網(wǎng)服務(wù)器和移動(dòng)應(yīng)用程序服務(wù)器中���。其它公司都還在研究車載安全設(shè)備���。但就算你設(shè)了防火墻,兩年后它就有可能失效����,因?yàn)镃PU會(huì)過時(shí)����。”
“但如果把安全層保護(hù)部署在云端�����,你就會(huì)擁有無限的處理能力��。如果需要提高處理能力�,那就多加幾臺(tái)服務(wù)器。你也可以輸入新的編碼��,遠(yuǎn)程更新防御系統(tǒng)��。但如果是車載安全設(shè)備���,你就不能靠輸編碼更新設(shè)備。”與此同時(shí)���,未來網(wǎng)聯(lián)車所具備的強(qiáng)大的數(shù)據(jù)收集能力��,也會(huì)為整車企業(yè)帶來不菲的收益�。Sahar認(rèn)為�,這也會(huì)為Upstream帶來巨大的商機(jī)。2018年,這家公司的員工數(shù)已增加到了40名����。
防范欺騙攻擊
Sahar說,“未來每輛車都會(huì)產(chǎn)生并收集海量的數(shù)據(jù)��。汽車行業(yè)正在朝著5G時(shí)代邁進(jìn)���,這對(duì)我們來說是件好事����。我們?cè)谠贫藢?duì)所有數(shù)據(jù)流進(jìn)行集中監(jiān)控��,隨著數(shù)據(jù)量和安全威脅在5G時(shí)代不斷增加�����,輸入云端的信息也在不斷增多�,我們的監(jiān)控就會(huì)變得更加有效。”
Upstream將采用自主開發(fā)的人工智能����、機(jī)器學(xué)習(xí)和高級(jí)數(shù)據(jù)分析工具,標(biāo)記出正常流量和異常流量����。
Sahar舉了一個(gè)檢測的實(shí)例����,“如果我們看到車輛收到一個(gè)未經(jīng)授權(quán)的OTA更新請(qǐng)求���,車輛又隨后發(fā)出‘OTA更新完成’的反饋��,我們就會(huì)把它標(biāo)記出來���,去查究竟是誰發(fā)出的更新命令。我們以前也遇到過類似的事情��,最后發(fā)現(xiàn)它們是欺騙攻擊��。我們的目標(biāo)是在攻擊到達(dá)網(wǎng)絡(luò)之前就能檢測到威脅并將其攔截�����。”
Sahar表示���,監(jiān)控的整車廠數(shù)據(jù)越多,Upstream的安全解決方案就越有效����。“各地整車廠使用的零部件都是來自同樣的1級(jí)供應(yīng)商���。很多車型的硬件也很相似。如果我們發(fā)現(xiàn)寶馬的系統(tǒng)安全出現(xiàn)了異常����,可能其它品牌也有一樣的問題。”
Upstream的監(jiān)控系統(tǒng)還可以檢測到出行服務(wù)的異常狀況����,比如根據(jù)數(shù)據(jù)足跡偵測租車詐騙犯罪。Upstream目前擁有十幾家整車廠客戶���,一些客戶在最初階段就納入了Upstream的產(chǎn)品�,另外一些則是北美����、歐洲和以色列的出行服務(wù)公司。去年春天�,Upstream和一家總部位于東京的、名為Asgent的網(wǎng)絡(luò)安全開發(fā)分銷公司建立了戰(zhàn)略合作關(guān)系����,一起為日本的整車廠和車隊(duì)提供汽車網(wǎng)絡(luò)安全解決方案�。
Sahar表示��,“離量產(chǎn)網(wǎng)聯(lián)汽車的到來已經(jīng)沒剩幾年了�����,汽車行業(yè)必須在此之前解決好安全問題�。這是一場貓鼠游戲。汽車上的安全漏洞很大���,很容易受到入侵�����。Upstream正在努力解決這個(gè)問題���。”
The first cloud-based solution for connected vehicles was born in Israel and is now pilot-testing at global OEMs.
What can hackers do with a car? Just about anything they want. A typical vehicle today is a potential sitting duck, cybersecurity experts say. They point to ghosted schematics of cars showing dozens of ‘attack vectors’—the places that are in various ways vulnerable to security intrusions.
Lock the doors of your former boss’s F-150 remotely, for spite and kicks? Too easy. How about something a bit more ambitious—like locking the doors in F-150s across the state and keeping them locked for an hour? Angry owners might diss Ford, but the fallout would be minor compared to the damageand pain inflicted by a remote hack of vehicle brakes or steering. Or a mass hack involving ransomware.
“We work with a lot of ‘white hat’ guys, one of whom is ‘the LeBron James’ of car hackers,” noted Dan Sahar, VP of Product for Israel-based Upstream Security. “Ask him how to secure at the vehicle level and he’ll tell you it’s impossible. The electronic throttle control, the powertrain ECU—when was the code written for these? The OEMs often don’t have control, and they share many suppliers and components,” asserted Sahar, a computer scientist.
“If one of the Tier 1 electronic-systems integrators makes a mistake regarding security, everyone can get hit,” he said. “The industry has rapidly moved from having zero security problems to a world in which very bad things can happen, not only to an enterprise and an IT organization, but physical damage to people.”
Infinite Processing Power
The danger becomes exponential with an estimated 200 million connected and increasingly automated vehicles expected to be in use by early next decade, Sahar said in an interview with Autonomous Vehicle Engineering. They’ll be exposed to even more new threats. Security attacks on vehicle fleets including MaaS (mobility as a service) providers, delivery companies and those leased by businesses and government agencies are likely to increase, Sahar and other experts believe.
“The second you enable connectivity, you increase the threat level dramatically. That’s the risk,” he said. How, then, does an enterprise protect itself? Applying the security layer inside the car will always put connected vehicles steps behind the hackers and more vulnerable to the most recent threats, Sahar argued. The optimum place for security instead is in the cloud, reckoned former Israeli Defense Forces cybersecurity veterans Yonatan Appel and his colleague Yoav Levy when they founded Upstream nearly two years ago.
“We’re the only company in the automotive cyber space that places the security in the cloud—between the car, the telematics server and the mobile-applications server,” Sahar explained. “The others still pursue the in-vehicle path. If you firewall something it will be obsolete in two years. CPUs get old.
“But in the cloud, I have infinite processing. If I need more power I just add more servers. And the defenses can be updated remotely with new code. You can’t do that by putting code in the car.” The formidable data-collecting ability of future connected vehicles is a potential pot of gold for OEMs and Sahar sees significant opportunities for his company, which has grown to nearly 40 employees in 2018.
Preventing Rogue Attacks
“Data generation and collection per vehicle will be enormous. The industry moving to 5G is good for us—more data and more risk in terms of security threats. And this benefits the effectiveness of our centralized position in the cloud where we can monitor every bit of traffic that goes on there,” he explained.
“We map out what’s normal traffic and what’s not,” using Upstream’s artificial intelligence, machine learning and advanced data-analytics tools.
Sahar cites a real-world detection example: “If we see an OTA update sent to the car without authentication, followed by an ‘OTA update complete’ response from the car, we flag it. Who told it to do an update? We’ve seen these events—they’re rogue attacks,” he said. “The aim is to detect and prevent threats before the reach they network.”
More data from more OEMsthat Upstream monitors means more effective security solutions, according to Sahar. “The global makers all use components from the same Tier 1s. The hardware in many cases is similar. If we found a security anomaly in one area of a BMW, for example, we’d then apply it on others.”
Upstream monitoring also could spot anomalies in MaaS activities— for example, fraudulent use of rental vehicles based on the data footprint. Upstream currently has nearly a dozen OEM customers, some using the product in advanced-pilot stage, as well as MaaS fleets in North America, Europe and Israel. Last spring, the company entered a strategic partnership with Asgent, a Tokyo-based developer and distributor of network security to provide automotive cyber-security solutions to OEMs and vehicle fleets in Japan.
“The industry now has a deadline to ship connected cars within a few years. They have to get the security done,” Sahar opined. “Autos is a cat-and-mouse game and the security holes are big and easy to penetrate. We’re in the process of changing that,” he said.
Author: Lindsay Brooke
Source: SAE Automotive Vehicle Engineering Magazine
網(wǎng)聯(lián)汽車網(wǎng)絡(luò)安全一瞥:Upstream的操控界面
