Secure-CAV video transcript
Security is one of the biggest Achilles heels in the emergence of the connected autonomous vehicle economy and that's really why we have constructed this Secure CAV project to help address that very unique very important security challenge.
Secure CAV is an exciting project which brings together a number of industry and University partners to work on the complex problem of automotive cybersecurity.
This is where connected and autonomous vehicles are subject to cyber attacks which then could lead to a number of security and safety incidents.
We have Siemens who are developing the hardware IP technology.
We have Copperhorse who are cybersecurity experts.
We have Coventry University who are developing the demonstrator platform and the University of Southampton who are developing the AI algorithms.
Modern cars have hundreds of micro processesors on them essentially super computers on wheels.
And we want to use some of those resources to evaluate things that are going on within the car.
At the beginning of the project we conducted a threat landscape analysis looking at the impact of the attack looking at how feasible the attack is the motivation of the threat actors and condensing that down into a priority list that we can then sense check against the industry panel.
So So far we're focusing on odometer tampering the onboard diagnostic port the infotainment unit.
You might have wireless connections and if somebody can intercept that signal then it gives them a way in.
What the Siemens team has brought to the project is a very unique set of technology which is semiconductor IP the purpose of which is to be able to monitor what's happening on a chip and in some cases be able to mitigate and defend against what it's observing.
We also have a team of data scientists looking at the data that those monitors are gathering and deciding what actions to take and what does that data actually tell us.
All of these things come together in an FPGA a field programmable gate array which is really a proxy for an actual semiconductor chip. It's programmable so we can make it look like a real world system that you would see in a vehicle.
And it's this FPGA containing the semiconductor IP gathering data that can be analysed.
The demonstrator integrates a number of different industry leading simulation platforms and actual components to provide a hardware in the loop test bed for us to be able to conduct those evaluations in near real time for an actual vehicle electronics architecture.
The different use cases are articulated in different ways. Some of them are data sets or traffic that is generated through the simulation platform for us to be able to look at anomalous traffic.
Some of them are tampered components that are integrated within the demonstrator for us to be able to show where some of the threats may manifest and then essentially using Siemens IP to look at the system on chip analytics and use that effectively to be able to detect them in a safe and secure manner.
We were lucky enough to be loaned brand new vehicles which we were allowed to disassemble connect onto the CAN-bus and actually start pulling real data out of the vehicle. The rich amount of data we got from having real vehicles just was such a huge help for this project.
Automotive cyber security has been on the agenda for the automotive industry for the past few years but 2021 changes the game because of a number of new standards that have emerged this year but it's also about developing new which makes our work very relevant for the automotive industry where it's not just about evaluation controls and measures to address cyber security threats.
The threat landscape is changing very rapidly and so we are looking to provide a solution that defends against the unknown.That challenge is not unique though.
So what we're looking for in essence is the response to a threat not the threat itself. Most people are familiar with the idea of virus checkers on their PCs.
They're looking for known patterns. What we're looking for here are unknown patterns. >We are looking for things that are out of the ordinary.
We want to build up a model of normal behaviour and to identify things that are outside normal behaviour and to say at the first level hey there's something bad happening here.
Perhaps we ought to look further at it.
The challenge of identifying normal is what is normal?
A car driving at 70 miles per hour on a motorway is behaving in a different way to a car in a town stuck in traffic.
Also each driver is different.
How a driver behaves under different circumstances may be different.
Therefore the machine learning has to learn what is normal for one vehicle one driver but what is normal across the whole range of different vehicles.
From what we've seen so far with the work we've done around the mileage modification tampering and actually the way that the software can not only detect that but also then correct it so you wouldn't even know that the tampering equipment has ever been installed in your car.
The Secure CAV project is unique in that it's a hardware based solution providing low latency threat mitigation at the heart of the automotive ICs.
This provides a core layer of any defence in depth solution.
You layer on as many different security mechanisms into your system as you possibly can so that if one layer maybe a layer that has already been used in the connectivity world for a period of time if that layer is penetrated or breached in some sense then the next layer kicks in and you continue to be protected.
This is very much the first step in this and really the objective is it's seeing what is possible as far as we're concerned from the University of Southampton's point of view is to figure out what is feasible on chip.
One of the advantages using an approach like this is we can not only simulate for threats that are there already but also look for emerging new threats that may emerge down the line.
The Siemens technology is being developed for in life monitoring of automotive platforms which means that using the power of machine learning and AI we're able to look for those anomalous states for a vehicle once it's on the road way beyond just existing threats but also looking for other potential risks that may emerge which may be systemic risks to the wider transport system.
Overall the project has been very successful to date.
We have a demonstrator system working on actual in-vehicle systems.
We have proven we can identify threats faster than any conventional solution and we're also able to identify threats that are undetectable by any previous methods.
So the outcome of the Secure CAV project is a package of IP which is configurable enough and generic enough that it can be deployed within any automotive IC project.
The solution that we're building and providing to customers is ambitious.
This combination of Copperhorse working with Coventry University working with University of Southampton working with Siemens has allowed us to develop a solution that is much greater than the sum of its parts.
There is no safety without security so for me being able to crack this nut of security for connected autonomous vehicles is absolutely critical and it leads to a better world for all of us.