It is important to consider security starting from the hardware layer through all the software layers. For example, hardware-specific vulnerabilities may affect a certain chip that is used in millions of devices. In 2020, security researchers identified a vulnerability in a Wi-Fi chip that allows unauthorized decryption of some WPA2-encrypted traffic.
It is also critical to consider security during chip design and to use appropriate IP building blocks. To enable secure wireless communication at the hardware level, it is necessary, for instance, to ensure that hardware wireless interfaces are designed with robust protections. Moreover, it is crucial to include a secure hardware root of trust that can support the cryptographic functions used to establish secure communication, for example by providing an AES crypto core and secure storage for cryptographic keys and credentials. In addition, the root of trust can provide secure boot to prevent an attacker from making malicious code or backdoors persistent in a vulnerable system.
Software vulnerabilities can range from the lower layers in the communication stacks to the upper layers in the application software and can be caused by design flaws or implementation mistakes. One famous example affecting secure communication is the Heartbleed vulnerability in the OpenSSL cryptographic library. This vulnerability allows an attacker to extract potentially sensitive data such as secret keys, usernames, and passwords from servers running vulnerable versions of OpenSSL. This vulnerability was discovered in 2014 using a fuzz testing tool. Fuzzing is an effective technique for detecting issues in protocol stacks and parsers: it provides malformed input to the target system and observes the resulting behavior.
Furthermore, there is an example where custom code in a telematics unit contained a buffer overflow vulnerability allowing an attacker to remotely send exploit code to compromise the system. This type of coding mistake and implementation flaw can generally be detected using static analysis and be avoided by following secure coding guidelines.
Additionally, open-source software (OSS) is often used in communication stacks. BlueBorne, a famous set of vulnerabilities from 2017, affected more than eight billion devices, including Android and Linux-based devices. Automotive organizations can manage the usage of OSS communication stacks in their released products using software composition analysis in order to detect and manage known vulnerabilities.
Moreover, besides software implementation flaws, there are several examples of common design issues. For example, there are cases where communication between a vehicle and the backend system is conducted in plain text, making the communication susceptible to eavesdropping attacks. There have also been examples where network services on vehicles are accessible remotely without any authentication. Additionally, there have been cases where the authentication mechanism has not been properly implemented; for example, it does not verify the received certificates properly and is, therefore, susceptible to man-in-the-middle attacks.
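The following Python sketch is an added example, not code from the article or from any vehicle platform. It audits a vehicle-to-backend client configuration for two of the design issues named above: plaintext transport and incomplete certificate verification. The function names, finding codes, and the backend URL are constructed for illustration.

```python
import ssl
from urllib.parse import urlsplit

# Constructed sample endpoint; ".invalid" never resolves.
BACKEND = "https://backend.example.invalid/telemetry"

def audit_backend_client(url, ctx):
    """Return a list of finding codes for a backend client configuration."""
    if urlsplit(url).scheme.lower() != "https":
        # No TLS at all, so the context settings are irrelevant.
        return ["PLAINTEXT_TRANSPORT"]
    findings = []
    if ctx is None or ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("CERT_CHAIN_NOT_VERIFIED")
    if ctx is None or not ctx.check_hostname:
        # A valid certificate issued for any other name would be accepted.
        findings.append("HOSTNAME_NOT_CHECKED")
    return findings

def no_verification_context():
    """Weak setting: encryption only, the peer is never authenticated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def chain_only_context():
    """Improper verification: chain is validated, the hostname is not."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # verify_mode stays CERT_REQUIRED
    return ctx

def hardened_context():
    """Corrected setting: chain and hostname verification, TLS 1.2 or later."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

if __name__ == "__main__":
    cases = {
        "plaintext": ("http://backend.example.invalid/telemetry", None),
        "no verification": (BACKEND, no_verification_context()),
        "chain only": (BACKEND, chain_only_context()),
        "hardened": (BACKEND, hardened_context()),
    }
    for name, (url, ctx) in cases.items():
        print(f"{name:16} {audit_backend_client(url, ctx) or 'OK'}")
```

A check of this kind can run in CI against the client configuration that ships in the connectivity unit, so a disabled verification flag is caught before release.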
Several Bluetooth-enabled automotive systems have in the past used static and fixed PINs such as 0000 and 1234. Some Wi-Fi enabled automotive systems act as hotspots and use fixed SSIDs that are broadcast, which makes it easy to identify and track such vehicles. Other systems automatically connect over Wi-Fi to predefined SSIDs, which makes them susceptible to the evil twin attack. There are also examples where the randomly generated Wi-Fi passwords are based on low-entropy data such as a fixed date, which makes the password susceptible to a brute-force attack. By conducting a TARA (threat analysis and risk assessment) of the target system early in the development lifecycle, it is possible to detect these types of design issues and define appropriate security controls. It may also be possible to detect these types of issues during a penetration test of the automotive system.
As the automotive industry continues to evolve, vehicles will support more advanced use cases based on wireless communication, and it will become increasingly important to consider building secure wireless communication based on a strong hardware foundation and software layers developed following best practices for secure software development.