Securing telematics and infotainment
By Rainer Makowitz — The Consumer Electronics Show 2012 is once again demonstrating to what extent consumer devices either enter the car or they get converted into their automotive equivalent and added to the feature list. The biggest expectations on value for the driver are in the field of infotainment and assist functions. Whether access to content from the cloud is desired or the factory-installed features must be augmented by downloadable apps, the key technology used is access to a wireless network infrastructure with its associated security challenges.
For vehicle manufacturers, it is essential that they somehow get closer to consumer development cycles and provide new features quicker and at lower cost. The integration of consumer electronics technology, such as open source operating systems into automotive platforms, is an attractive path to reuse. However, it will be essential that automotive-compliance, reliability and protection against attacks can still be demonstrated.
At CES 2012, Freescale, OpenSynergy and Secunet are showing a demonstrator for a solution that allows manufacturers to address these new demands instantly, without compromising on safety or security.
Using Freescale’s SABRE platform for automotive based on the i.MX53 applications processor, a prototypical telematics control unit has been built that provides:
•The high performance required to drive the latest automotive infotainment and telematics systems
•The accelerators to implement advanced user interfaces, sophisticated video processing, security, 2D and 3D graphics, at a high level of system integration
On top of the hardware platform, a set of new capabilities have been realized:
•Opensynergy’s COQOS virtualization environment that includes a certified separation kernel that securely isolates processes of different safety and security levels on a single ECU.
•Secunet’s Application Control Unit (ACU) for reliable protection for the vehicle’s onboard network
The main benefits for users are
•Use of multiple operating systems that can only access the hardware resources that are assigned to them, for example Linux-based infotainment software next to AUTOSAR-compliant automotive software
•Integration of untrusted infotainment software with the on-board network (e.g. CAN) to access vehicle data and the typical automotive diagnostic functions
•Detection of attacks at the application layer and the ability to actively keep them away from the vehicle’s onboard network
•Efficient use of the i.MX applications processor’s hardware security features with the ACU that provides connected cars with necessary hardware supported countermeasures
For the first time, OEMs will have full flexibility to realize different security levels on the same standard hardware platform. The solution is a future-proof investment as it is open for future enhancement through software updates. Application developers can run their fast development and maintenance cycles in independence from automotive life cycles.