January 26, 2018

Building Cybertrust into the Connected Car

By Special Guest
Alan Zeichick, Principal Analyst, Camden Associates -

Source: Pixabay

Nobody wants bad guys to be able to hack connected cars – or equally importantly, hack any part of the multi-step communications path that lead from the connected car to the Internet to cloud services – and back again. Fortunately, companies are working across the automotive and security industries to make sure that does happen.

The consequences of cyberattacks against cars range from the bad to the horrific: Hackers might be able to determine that a driver is not home, and sell that information to robbers. Hackers could access accounts and passwords, and be able to leverage that information for identity theft, or steal information from bank accounts. Hackers might be able to immobilize vehicles, or modify/degrade the functionality of key safety features like brakes or steering. Hackers might even be able to seize control of the vehicle, and cause accidents or terrorist incidents.

Horrific. Thankfully, companies like semiconductor leader Micron Technology, along with communication security experts NetFoundry, have a plan – and are partnering with vehicle manufacturers to embed secure, trustworthy hardware into connected cars. The result: Safety. Security. Trust. Vroom.

It Starts with the Internet of Things

The IoT consists of autonomous computing units, connected to back-end services via the Internet. Those back-end services are often in the cloud, and in the case of connected cars, might offer anything from navigation to infotainment to preventive maintenance to firmware upgrades for build-in automotive features. Often, the back-end services would be offered through the automobile’s manufacturer, though they may be provisioned through third-party providers.

The communications chain for connected cars is lengthy. On the car side, it begins with an embedded component (think stereo head unit, predictive front-facing radar used for adaptive cruise control, or anti-lock brake monitoring system). The component will likely contain or be connected to a ECU – an embedded control unit, a circuit board with a microprocessor, firmware, RAM, and a network connection. The ECU, in turn, is connected via an in-vehicle network, which connected to a communications gateway.

That communications gateway talks to a telecommunications provider, which could change as the vehicle crosses service provider or national boundaries. The telco links to the Internet, the Internet links to a cloud provider (such as Amazon Web Services), and from there, there are services that talk to the automotive systems.

Trust is required at all stages of the communications. The vehicle must be certain that its embedded devices, ECUs, and firmware are not corrupted or hacked. The gateway needs to know that it’s talking to the real car and its embedded systems – not fakes or duplicates offered by hackers. It also needs to know that the cloud services are the genuine article, and not fakes. And of course, the cloud services must be assured that they are talking to the real, authenticated automotive gateway and in-vehicle components.

It’s a tricky process, ensuring security and trust. Working together, Micron and NetFoundry have made it work from the vehicle side, and hosts like AWS know how to handle it from the cloud service provider side.

Micron Ensures Hardware Trust with Authenta

Micron works at the deepest level of the connected car – the ECU. Micron offers a secure flash memory technology called Authenta, which protects the ECU board beginning with the boot process. The approach of utilizing existing standard flash memory sockets enables system developers to harden system level security without adding additional hardware components.

Authenta adds a hardware security module (HSM) directly to flash memory to strengthen system-level security and authentication directly on the ECU board, as well as the ability to ensure secure bootups of the device.

If the flash memory chip’s HSM, detects or suspects that the firmware for that specific ECU has been corrupted, damaged, or hacked, Authenta uses “hidden” copies of the last known state’s trusted firmware to recover and boot successfully. Authenta also alerts upstream devices that the corruption has been detected and bypassed, so that the problem may be resolved in the most appropriate manner as soon as possible.

Authenta similarly embeds secure identification tokens and trust logic into the ECU, so that the vehicle can ensure that it has not been tampered with by having intentional or inadvertent replacement of key vehicle components with malicious substitutes or other modules with incorrect functionality (or security vulnerabilities). That trusted secure identity token can also be shared with external hosts, such as the vehicle manufacturer’s cloud services.

The hosts communicating with that ECU can also remotely measure the “health” and identity of the ECU’s firmware and memory to ensure, based on their own policies, that the components haven’t been tampered with or corrupted. It’s a belts-and-suspenders model that validates that the vehicle’s electronics are safe and secure.

NetFoundry Secures the Communications Path

The next stage in the communications path is the link from the ECUs (or the entire vehicle) to the cloud provider. That’s the job of NetFoundry, whose MultiCloud Connect solution provides an application-specific networks (ASNs) between the vehicle and the cloud provider over the public Internet – regardless of the carrier or telco actually making the connection.

The NetFoundry system enables encrypted and authenticated high-performance connections to AWS, eliminates the need for dedicated, expensive private links. As long as the vehicle’s radios provide Internet access over LTE, 4G, or 5G, the NetFoundry ASN will manage the connection.

NetFoundry leverages Authenta’s strong device identity and hardware trust to talk to the automotive back-end services and pass along the identity token – and can ensure that those back-end services can authenticate the vehicle and its specific ECUs and embedded devices.

The NetFoundry platform provides zero-touch onboarding that leverages the Authenta device-specific token so that each IoT endpoint automatically accesses network-wide services and resources based on the car maker’s own policies. These NetFoundry ASNs have built-in performance and path remediation to ensure secure, authenticated bidirectional links from the endpoint to the AWS-hosted services.

NetFoundry also authenticates the cloud service. After all, you wouldn’t want to have a fakes or substitute cloud service trying to push malicious firmware updates down to a customer’s connected automobile.

In short: Micron’s technology uses markers in Authenta to uniquely identify ECUs and ensure they haven’t been tampered with. The NetFoundry MultiCloud Connect gateway and ASN services create secure connections over the Internet and passes those identification markers up to the cloud services, and authenticates the cloud services a well.


NetFoundry and Micron introduced their connected car partnership with AWS at AWS re:Invent in November 2017. The companies are in serious talks with vehicle manufacturers about embedded this safety-critical technology, including secure boot, secure firmware, over-the-Internet communications, and cloud authentication, as well as automated zero-touch provisioning for connected cars. After all, nobody wants bad guys to be able to hack connected cars… and NetFoundry and Micron are ready, willing, and able to provide secure, trusted protection.



Stay current on backup/disaster
recovery and cybersecurity news.



Visit the extensive library of backup
and disaster recovery-related White papers,
webinars and case studies.



Subscribe now to receive the most
important backup and disaster recovery
news delivered to your inbox.