BlackBerry's 7-Pillar Recommendation for Automotive Cybersecurity

TRENDS IN AUTOMOTIVE IMPACTING SECURITY

There are four industry trends that make modern vehicles vulnerable to cyber attacks and potential failures:

VEHICLE ACCESS

Physical and Wireless Connectivity allows the internal workings of vehicles to be accessible by the outside world.

SOFTWARE CONTROL

Modern vehicles have over 100 million lines of software, increasing the vulnerability surface.

AUTONOMOUS DRIVING

Autonomous vehicles are driverless and will talk to each other and to infrastructure. This increases the points through which the car can be breached.

CHANGING STATE OF SOFTWARE

Learning algorithms, used in automated driving, will cause software to morph over time. This introduces challenges in ensuring certified software remains safe and secure.

CHARACTERISTICS OF CARS THAT AMPLIFY CYBERSECURITY THREATS

NETWORK OF IN-VEHICLE COMPUTERS

The electronics in a vehicle are a complex network of safety critical and non-safety critical computers called electronic control units (ECUs). Isolating the safety critical from the non-safety critical systems is a complex problem.

COMPLEX SUPPLY CHAIN

The ECUs of a modern vehicle are built by multiple silicon and software suppliers. How does one ensure this complex supply chain is not porous to security risks?

LONG LIFECYCLE

A vehicle’s lifecycle is 7 to 15 years. Proactive software maintenance will be regularly required to keep the software current and address security vulnerabilities throughout the car’s lifecycle.

WHY SHOULD THE AUTO INDUSTRY BE CONCERNED?

As vehicles become increasingly reliant on software, this software must remain safe and secure over the lifetime of the car.

Vehicle and consumer safety, costly recalls and brand reputation are at stake for automakers when the vehicle’s software is compromised by a cyber attack.

WHAT STEPS CAN BE TAKEN TO ENHANCE AUTOMOTIVE CYBERSECURITY?

To address these concerns, BlackBerry has developed a 7-Pillars recommendation for Automotive Cybersecurity.

Read on to learn how these best practices can help mitigate security risks and build the foundation for a reliable and secure system.

Pillar 01

SECURE THE SUPPLY CHAIN

Ensure the supply chain and the software and hardware components it delivers are safe and secure.

Pillar 02

USE TRUSTED COMPONENTS

Use software and hardware components, in a defense in-depth architecture that has been hardened against security attacks.

Pillar 03

ISOLATION

Separate safety critical and non-safety critical systems and ensure trusted communication between these systems and to the outside world.

Pillar 04

IN FIELD HEALTH CHECKS

Monitor car health by regularly scanning and reporting a defined set of parameters while the vehicle is in the field.

Pillar 05

RAPID INCIDENT RESPONSE

Share common vulnerabilities and exposures (CVE) and advisories via a trusted network of subscribing enterprises.

Pillar 06

LIFECYCLE MANAGEMENT SYSTEM

Proactively re-flash the car’s software with secure over-the-air (OTA) software updates.

Pillar 07

SAFETY AND SECURITY CULTURE

Implement best practices and train every development organization for safety and security.

THE SOLUTION

As the leader in safety certified, secure and reliable software for the automobile industry, BlackBerry has developed and deployed world-class technology, tools and services that can be used to mitigate the security risk to a vehicle.

Download the whitepaper for a detailed outline of the BlackBerry
7-Pillars Recommendation for Automotive Cybersecurity.

Download the full whitepaper

References + Overrides