Proof-based system to secure the car
The digital systems in today’s connected car, including engine, infotainment and telematics systems, provide communications, numerous conveniences, information, safety, maintenance, security and are advancing towards driver minimalist features and even completely self-driving vehicles.
The amount of data being generated is increasing rapidly to support these features. When combined with an integrated mobile device, GPS data and social profiles, the connected car becomes a powerful collector and broadcaster of information.
This data is broadcast over public airwaves and stored in the Cloud. Considering the modern connected car has up to 100 million lines of software code, as data becomes more critical to the operation of the vehicle and the connected car ecosystem, it is important to have Active Integrity to verify critical systems in real-time, while Mutual Auditability assures privacy, safety, security, legality and insurability.
A fundamental problem with current security models is that it is hard to discover (and subsequently prove) a breach event if the wall or keys are compromised. With such an attack, it becomes impossible to assure the reliability of the digital asset as it may have been changed or accessed by unauthorized parties (who then covered their tracks).
Guardtime’s Keyless Signature Infrastructure (KSI) is an alternative technology for authenticating electronic data. KSI is changing the game, with an effective attestation-based security model, by attaching complex mathematical “tags” directly to the data, which makes any access to that data a documented and verifiable event.
Time, identity, authenticity and historical provenance of the data is protected and verified in real-time using Guardtime’s patented “proof-based’ technology; instead of protections afforded by administrators or credentials that can be compromised.
Symphony Teleca (STC) and Guardtime have announced a partnership to bring these new security, safety, maintenance, and reliability capabilities to enhance the Connected Car ecosystem. They create solutions to enhance the security and reliability of the connected car software lifecycle, whether from delivery mechanisms such as Over The Air (OTA), or directly from the maintenance portal. With the value of software in vehicles set to increase as much as 50 percent by 2020, it is imperative for OEMs to effectively manage their software lifecycles.
As more and more data traverses public airwaves and increasingly secure networks allow unsecure Mobile devices to connect to their networks, the issue of data integrity, Software Assurance and Mutual Auditability remains an unanswered question.