Published: September 23, 2015 | Munich, Germany
Giesecke & Devrient and IBM are teaming up to work on a new connected vehicle security solution with the intent to make car hacks much more difficult in the future. The new crypto chip and key solution is being showcased first at IAA International Automobile Fair in Frankfurt. IT security is becoming a crucial precondition for the automotive industry in terms of a wider adoption of connected vehicles. Security infrastructures are required within the vehicle and from the vehicle to the back-end infrastructures. As trusted partners and suppliers for the automotive industry, IBM and G&D team up to tackle these security challenges for the connected vehicle ecosystem.
IAA: IBM and G&D showcase connected vehicle security solution
IBM and G&D present a first showcase of the connected vehicle security solution at the IBM booth. The technology partners demonstrated a “Secure Gateway ECU” to enable a more secure communication within the vehicle and to the backend. The partners expect a further development of the platform based on OEM customer requirements over time, potentially combining other security elements to enhance the existing crypto key and chip core elements.
Multiple IT security related solution components
The IBM/G&D end-to-end connected vehicle security solution platform will be based upon multiple IT security related solution components. Highly protected hardware elements with Smart Card level security, so-called “embedded Secure Elements” (eSE), within the vehicle for storing cryptographic keys in a protected high-level tamper-resistant area help to raise the level of security and to reduce the number of car hacks drastically. Key creation and lifecycle management in a key management back-end is essential to ensure both the availability and security of the encrypted information. The management of trusted identities protects users identity and enables authorized access to vehicle. The Subscription Management of the SIM modules (M2M SIM cards) provides automotive OEMs with more flexible connectivity solutions. A car can be individually configured for security settings when delivered in different markets and connected to service operators without changing the SIM module to simplify the logistics. This allows vehicle manufactures more flexibility when producing vehicles for different counties with many mobile network operators (MNOs). The subscription to the MNO can be programmed when the vehicle is delivered to the destination country after manufacturing.
Security intelligence within the vehicle, closely linked to security intelligence capabilities on the backend side, improves the detection of hacker attacks from abnormally operation monitoring. Security intelligence on the backend side with Security Operations Centers and Security Intelligence and Event Management helps detect tampering operations at an early stage to detect hacker attacks early and to avoid damages to the system. Secured communication channels and secured data storage in the cloud ensure highest standards for data privacy. This also helps to make payment transactions safer with a resilient backend infrastructure.
Source: Giesecke & Devrient