Harman Harnesses Onion Technology to Revolutionize Connected Car Security
Harman has developed a six-layer security framework designed to safeguard a car’s main system from cyber-attacks. This “onion-like” security protects the entire in-vehicle network, which includes critical safety systems, from being compromised.
As more people use connected cars, the risk of a wireless attack increases. Hackers could potentially exploit any wireless link, even one via a mobile phone or tablet, to breach the car’s system.
“A few years ago, automotive cyber security was mostly a niche concern among industry experts,” said Harman Director Asaf Atzmon. “Today, it’s a hot topic for consumers. A recent survey found that up to 59% of car buyers in some countries are worried about car hacking.”
Atzmon highlighted the unique fear around car hacking, imagining a scenario where someone is driving peacefully, only to have their car taken over remotely. One could suddenly find their brakes locking up on the motorway, headlights turning off at night, or their stereo blasting an unwanted song. Although frightening, these scenarios aren’t currently a reality. So far, all reported cases of car hacking have been conducted under controlled conditions by engineers or researchers, often requiring physical access to the car through a cable.
Harman’s approach to car security can be likened to the layers of an onion:
1. Secure Hardware Platform: At the core, a secure hardware platform safely stores cryptographic keys and carries out highly sensitive tasks.
2. Hypervisor: This technology, initially designed for supercomputers, separates safety-critical functions from the infotainment system by running two independent operating systems on the same hardware. This makes it difficult for malware to spread from one system to another.
3. Access Control: This layer manages who can access the car’s memory, storage, and peripherals. For instance, it would flag any unusual requests, like the CD player trying to control the brakes.
4. Sandbox Function: Newly downloaded apps run in a separate, isolated environment where they can be disabled and removed if harmful.
5. Network Protection: This controls data going in and out of the car, monitoring for signs of an intrusion. Ecushield turns the car’s ECU into an intrusion detection and prevention system (IDPS) which acts as a smart firewall, continuously monitoring for and stopping malicious communications. TCUShield, on the other hand, protects infotainment and telematics systems, identifying threats that might disguise themselves as legitimate functions like software updates.
6. Over-the-Air Updates: The additional layer allows the car’s systems, such as navigation and engine management, to receive updates remotely. Keeping software up-to-date ensures the car remains protected at all times.
These components work together to shield safety-critical operations and protect personal data, such as credit card information. Harman is already collaborating with several car manufacturers to integrate this technology into future models.
“At the end of the day, it’s about eliminating the risk of intrusion,” said Atzmon.