What Is a Secure Gateway?
Benefits of a Secure Gateway?
It is possible for someone to hack into a vehicle’s Controller Area Network (CAN bus) and take control remotely, threatening ADAS and emerging autonomous driving capabilities. For example, a security compromise could create unsafe conditions such as automatic emergency braking that fails to operate or self-driving that makes unexpected maneuvers.
A Secure Gateway prevents this type of remote control by blocking non-certified tools from accessing the CAN bus and other connectivity points of the vehicle systems, significantly reducing the possibility of a successful cyberattack.
In June 2020, regulations R155 and R156 from the United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulations set requirements for automotive cybersecurity, making a Secure Gateway a regulatory consideration.
Examples of Secure Gateway Networks
Buses Protected by Secure Gateways
CAN: a medium-speed (1-5Mbits/sec) interface for ECU-to-ECU communications, which forms the foundation of connectivity within a car
Local Interconnect Network (LIN): a low-speed (20Kbits/sec) serial interface with guaranteed latency for simple controls such as indicators, sunroof operation, and temperature sensors
FlexRay: a high-speed (10Mbits/sec) connection for real-time, safety-critical applications such as active suspension
Ethernet: a high-speed (100Mbits/sec to Gigabit) connection for bandwidth-hungry applications such as infotainment, ADAS, and over-the-air updates (interfacing with mobile data)
How a Secure Gateway Works
A Secure Gateway implementation involves a module in the vehicle that enforces registration and authentication through an approved device before access is granted to networked systems. Initially, Secure Gateways primarily addressed diagnostic tools that can update firmware and change ECU settings, such as calibrating ADAS, coding a new LED headlight, actuating vehicle functions, and adjusting system values.
A Secure Gateway functions similarly to a network firewall, protecting the internal vehicle network from external attack. External access to some functions requires authorization of both the user and their device. However, not all functions will be rendered inaccessible. For example, emissions data must remain accessible in European vehicles so that they can be assessed. “Right to repair” legislation can also prevent access from being purely proprietary to the vehicle manufacturer. Connected infotainment functions will have less strict security so drivers can add their streaming media accounts or deliver entertainment to the car from their smartphones.
As vehicle systems become more sophisticated and the type of data being exchanged with external networks increases, the functions of a Secure Gateway must evolve, too. For example, the QNX® Hypervisor is leveraging Cylance® AI and ML technologies alongside a range of protective measures to ensure the proactive safety of connected vehicle systems.