At the Consumer Electronics Show (CES) 2020 in Las Vegas, companies present their vision of a secure and networked automotive future. With the Secure Automotive Connectivity Platform, companies offer a fully integrated software framework secure administration and secure data exchange and thus the growing challenges of connected vehicles. The platform guarantees information security by protecting data transfer through strict encapsulation and separation of all communication channels. This partitioning is supplemented by a secure boot process, an integrated intrusion detection system and a firewall.
The Platform Uses The Hypervisor Technology Of The Real-Time Operating System
This platform enables critical and non-critical infrastructures to be operated simultaneously with one system. By using the hypervisor functionality to execute applications in strictly separate partitions, security-critical applications in particular can be executed without interference in a given time frame. The platform is pre-certified according to the common criteria EAL3 + security standard for the automotive industry. This is advantageous because only a single hardware system is required when planning the software architecture, which reduces development and production costs and accelerates the market launch. The platform offers a flexible software framework that supports customers in designing their software architecture to secure communication and updates.
Communication Through Proven Secure Boot Mechanism
The demonstrator communicates with the outside world via a gateway that supports various protocols and enables a variety of applications, such as updates of applications without visiting an authorized workshop, connectivity to the cloud backend or uploading maintenance data. Internally, a WiFi hotspot set up for passengers is protected by the platform’s firewall. The vehicle’s internal network – is separated and can only be reached via secure and monitored channels. The platform uses the proven secure boot mechanism. Communication takes place using the Transport Layer Security encryption protocol. The data is encrypted and digitally signed, so that only the owner of the private key created for it can actually make changes. The Intrusion Detection System runs as a separate partition and monitors network traffic.