Research talk I gave at Semiconductor Research Corporation workshop in September 2017. Here I set research goals to create a new type of security technology to protect autonomous systems.

1. Safe & Secure Systems
SRC’s Automotive Cybersecurity and Autonomous Vehicles Workshop in Dallas
Wednesday, September 27
by Alan Tatourian
Member of SAE Vehicle Cybersecurity Committee

2. 2
Trustworthiness (NIST 800-160)
• Systems engineering provides the basic foundation for a disciplined
approach to engineering today’s trustworthy systems.
• Trustworthiness, in this context, means simply worthy of being trusted
to fulfill whatever critical requirements may be needed for a particular
component, subsystem, system, network, application, mission,
enterprise, or other entity.
• Trustworthiness requirements can include, for example, attributes of
safety, security, reliability, dependability, performance, resilience, and
survivability under a wide range of potential adversity in the form of
disruptions, hazards, and threats.
• Effective measures of trustworthiness are meaningful only to the extent
that the requirements are sufficiently complete and well-defined, and
can be accurately assessed.

3. 3
Primary Security Concerns

4. Relations between information security, cryptography, physical security
and physical roots of trust
Cryptographic
Primitives
PKCS#11
Physical Root of Trust PUF TRNG Secure Logic . . .
Physical World
Secure Key
Generation
(KDF)
Physical Security
Objectives
FIPS 140-2 Levels 2/3
Secure (Key)
Storage
Trusted
Execution
Environment
. . .
Cryptographic
Acceleration
Physical
Tamper
Protection
Secure Hash
(SHA2, SHA3)
Digital Signatures
(RSA, ECDSA)
Message Authentication Code
(CMAC, HMAC, GMAC, HMACSHA)
Symmetric Crypto
(AES-128, AES-256)
Asymmetric Crypto for
signing/verification
(RSA-2K, 3K, 4K)
Elliptic Crypto
(25519, P-256, P-384, P-512)
Cryptographic Agility . . .Protocols
Information Security
Objectives
Availability Integrity Confidentiality . . .Authorization
Non-
repudiation
(sometimes)Hardware
Security
Module
Boundary

5. 5
Information Security Goals
1. Auditing and logging
2. Authentication and authorization
3. Session management
4. Input validation and output encoding
5. Exception management
6. Cryptography and integrity
7. Data at rest
8. Data in motion
9. Configuration management
10. Incidence response and patching
• Together, these formulate the end-to-end security architecture for the product and thus should be
considered alongside one another—not in isolation. Also, each of the categories has many sub-
topics within it. For example, under authentication and authorization there are aspects of
discretionary access controls and mandatory access controls to consider. Security policies for the
product are an outcome of the implementation decisions made during development across these
nine categories.

6. 6
Main security requirements (per HW module)
• SoC
• Dedicated Security Core (HSM)
• Full cryptographic stack
• Discrete Execution Environments
Common Requirements: SoC, FPGA, ASIC
• Secure and fast boot
• Secure Debug
• Unique Device ID
• Anti-cloning and Tamper Protection
• Remote background ECU firmware update
• Remote Attestation
Customization
• IP protection and customizations
• DRM for Features
AI Security for Autonomous Driving
• Invariant-based IDS

7. 7
Vehicle Reference Security Architecture
4G/5G DSRC
Connectivity
Gateway
(OTA)
Head Unit
Display
SDC ECU
Instrument
Cluster
Display
Central
Gateway
ADAS/AD ECU
Powertrain
DC
Body DC
Chassis DC
EDR
Smart
Charging
Laptop
Tablet
Smart
Phone
Secure off-board communication
Secure on-board communication
Secure boot, storage, cryptographic services
Firewall
Download Manager (OTA)
Intrusion Detection & Prevention System (IDPS)
Secure Monitoring & Logging
Secure Synchronized Time Manager
TCU

8. 8
Defense in Depth
Occupant safety
Surround sensors
Brake control system
Electric power steering
CAN bus
V2X antenna
Mobile Devices
ISP
BS
BSGPS
Electric Chargers
Fast cryptographic performance
Device identification
Isolated execution
(Message) Authentication
Virtualization
Hardware security services that can be used by applications
Platform boot integrity and Chain of Trust
Secure Storage (keys and data)
Secure Communication
Secure Debug
Tamper detection and protection from side channel attacks
Hardware security building blocks
Over-the Air Updates/Background Reflashing
IDPS / Anomaly Detection
Network enforcement, VPN and secure tunnels
Certificate and Key Management
Antimalware and remote monitoring
Biometrics
User/operator authentication and access control
Software and Services
Security features in the silicon, for example Memory Scrambling, Execution
Prevention, etc.
Defense in Depth
HardwareRootofTrust
Analog security monitoring under the CPU

9. 9
What do we do with AI?!

10. 10
Computer Vision Now

11. 11
Functional Safety & Security Architecture• There are 3 sides of security:
• Automotive SDL (aligned with FuSa)
• System hardening (similar to FuSa, the goal is to ensure there are no single points
of failure)
• Security features (encryption, signatures, etc. – working with FuSa is very
important to prevent false positives)
• All of these have to be considered during system lifecycle from conception
through design and to maintenance while the system is in the wild (for at
least 15 years!!!).
• Security should not be viewed in isolation from the system design and other
inputs including safety, privacy, survivability, etc. (slide with the umbrella).
Product Heterogeneous Architecture
Safety Island
Security Island
(PKCS 11, FIPS 140-2 L2/3)
FuSa (ISO 26262)SDL (ISO 21434)
ASIL Security
Process
Safety/Security
Architecture
Device
Reliability &
Trustworthiness
Process
Platform Hardening for
Safety and Security
Safety & Security
Architecture
FuSa (ISO 26262)
Functional SafetySecurity
Self-Test and Recovery
(STAR)
Safety Island
SDL (ISO 21434)
The principle of least
privilege (POLP)
Security Island
Platform

12. 12
Functional Safety and Security Helping Each-
Other
Security threats
affecting safety
Security measures
helping safety
Safety measures
helping security
Safety measures as
vulnerable points for
security attacks
Attackers can disable/modify or affect
safety critical functions or breach
Freedom from Interference (FFI)
Attackers can activate safety
mechanisms to attack the safety-critical
function (deploy airbags)
Message authentication in a safety-
critical communication
Attacks interpreted as faults and
detected by a safety mechanism.

13. 13
Safety and Security can be at odds
• Safety encourages stable software versions while security encourages
updates, breaking safety certification/qualification.
• While safety implicitly expects that access should be easily possible for
a quick and easy analysis, security would restrict access as strictly as
possible via authentication and authorization mechanisms.
• Security mechanisms add latency, for example fast boot where TPM
initialization (measurement) adds valuable time.
• Another feature of security is the question of how a safe state should
be defined in the event of an error. To meet the protection objectives of
confidentiality and integrity, it is conceivable that operation should be
shut down in the event of an error; however, this immediately causes
conflict with the protection objective of availability.
Cannot isolate security and functional safety
from the system architecture

14. 14
1. Interactive computing.
2. Time sharing.
3. User authentication.
4. File sharing via hierarchical
file systems.
5. Prototypes of ‘computer
utilities’.
Emerging
concerns
1. Access controls
2. Passwords
3. Supervisor state
Security
Technologies
1960s
1. Packet networks
(ARPANET)
2. Local networks (LANs)
3. Communication secrecy
and authentication
4. Object-oriented design
5. Multilevel security
6. Mathematical models of
security
7. Provably secure systems
1. Public key cryptography
2. Cryptographic protocols
3. Cryptographic hashes
4. Security verification
1. Adoption of TCP/IP
protocols for the Internet
2. Exponential growth of
Internet
3. Proliferation of PCs and
workstations
4. Client-server model for
network services
5. Viruses, worms, Trojans,
and other forms of
malware
6. Buffer overflow attacks
1. Malware detection
(antivirus)
2. Intrusion detection
3. Firewalls
1. World Wide Web
2. Browsers
3. Commercial transactions
4. Data repositories and
breaches
5. Portable apps and scripts
6. Internet fraud
7. Web-based attacks
8. Social engineering and
phishing attacks
9. Peer-to-peer (P2P)
Networks
1. Virtual private networks
(VPNs)
2. Public-key infrastructure
(PKI)
3. Secure web connections
(SSL/TLS)
4. Biometrics
5. 2-factor authentication
6. Confinement (virtual
machines, sandboxes)
1. Botnets
2. Denial-of-service attacks
3. Wireless networks
4. Cloud platforms
5. Massive data breaches
6. Ransomware
7. Malicious adware
8. Internet of things
9. Surveillance
10. Cyber warfare
1. Secure coding and
development processes
2. Threat intelligence and
sharing
3. Adware blocking
4. Denial-of-service mitigation
5. WiFi security
1970s 1980s 1990s 2000s
Here’s our final security toolkit, we are good!!!
Any new ideas in the last 20 years?!

15. 15
And after all we’ve done, there is this!
1980 1985 1990 1995 2000 2005
Source: escrypt
Increasing digitalization and
digital integration
Security
Escalation:
Hypothetical vulnerabilities
identified
Security threats become
relevant in practice
Regular security breaches with
severe damages
ICS-CERT
(2008)
20152010 2020
???
CAESS
(2010)
GSM Interface
Exploit (2015)
Stuxnet and Duqu
(2010/11)
German Steel Plant
(2014)
AS/1 Card
Cracking (2009)
IMSI Catcher, NSA
iBanking (2014)
Cabir, Premium
SMS Fraud (2008)
DOS via SMS
DoCaMo (2008)
I Love You
(2010)
Heart Bleed
(2014)
Sasser
(2004)
Melissa
(1999)
Michelangelo
(1992)
Leandro
(1993)
Brain
(1986)
F. Cohen
(1981)
Confliker
(2008)
NSA, PRISM Reign
(2014)
SQL Slammer
(2003)
Code Red
(2001)
Morris Worm
(1988)
Tribe Flood DDOS
(1998)
CCC BTX Hack
(1984)
Creeper
(1971)

16. 16
Cryptography != Security
• Whoever thinks his problem can be solved using cryptography, doesn’t understand his problem and doesn’t understand cryptography.
• – Attributed by Roger Needham and Butler Lampson to each other
Security is much more than cryptography!
Here’s an example of mitigation techniques of vulnerabilities in SW:
Type 0 – Strong Mitigation: End a bug class
Type 1 – Weak Mitigation: End an exploitation technique
Type 2 – Attack Surface Reduction: Remove a set of exposed functionality
Type 3 – Chain Extension: Increase the number of bugs required in an exploit
Cryptography rots, just like food. Every key and every algorithm has shelf time. Some have very short shelf time.
• How long do you need your cryptographic keys or algorithms to be secure? – this is cryptography shelf life (x
years)
• How long will it take to extract secrets out of your system? – this is the end of honeymoon (z years)
• What are your parameters to reduce attack surface and to update keys or algorithms? -  (pronounced Xi)
𝐼𝑓 𝑧 < 𝑥 + 𝜉, 𝑖𝑚𝑝𝑟𝑜𝑣𝑒 𝑦𝑜𝑢𝑟 𝑎𝑟𝑐ℎ𝑖𝑡𝑒𝑐𝑡𝑢𝑟𝑒 𝑎𝑛𝑑 𝑖𝑛𝑓𝑟𝑎𝑠𝑡𝑟𝑢𝑐𝑡𝑢𝑟𝑒!
Vulnerabilities: Starts slow,
Then speeds up!
Bugs: Starts fast,
Then slows down
The Honeymoon Effect

17. 17
• What is intelligence?
• Intelligence is a force, or at least it can be modelled as a force, that maximizes future freedom of action either in thermodynamic terms if you
are a statistical physicist or in information terms if you are a computer scientist.
• Intelligent behavior can be defined as a force that tries to climb a gradient landscape and maximize the future freedom of action.
The question of whether Machines Can Think… is about as relevant as the question of
whether Submarines Can Swim.
‒ Edsger W. Dijkstra
Call for Research: AI
1. Develop AI which provides deterministic categorization and decisions (I see a human, and not ‘human: 75%,
horse 3%, I have no clue 1.8%’)
2. Develop AI which can construct contextual explanatory models (I see a human about to cross the road because…)
3. Develop AI causality (A boy threw a ball, a ball may roll to the road, a boy may run after the ball)
4. At a system level, constrain AI to a bounding box to ensure correct behavior of the moving vehicle

18. Call for Research: Self-HealingEmerging
concerns
(New!)Security
Technologies
Attacks against Cyber-Physical Systems (CPS):
1. Autonomous vehicles
2. Smart communities
3. Aviation and transportation
4. Robots
5. Drones
6. Infrastructure
• Self-adaptive Systems which can evaluate and modify their
own behavior to improve efficiency, and which can self-heal.
• Multi-agent Systems, a loosely coupled network of software
agents that interact to solve problems, are resilient and
partition tolerant.
• Self-optimizing Systems based on Artificial Intelligence
(Genetic Algorithms?).
From around 2015 through present time
In information technology, self-healing describes any device or system that has the ability to perceive that it is not operating correctly and,
without human intervention, make the necessary adjustments to restore itself to normal operation. IBM, for example, is working on an
autonomic computing initiative that the company defines as providing products that are self-configuring, self-optimizing, and self-
protecting - as well as self-healing. For all of these characteristics together, IBM uses the term "self-managing."
Every 30 years there is a new wave of things that
computers do. Around 1950 they began to model
events in the world (simulation), and around 1980
to connect people (communication). Since 2010
they have begun to engage with the physical
world in a non-trivial way (embodiment – giving
them bodies).
– Butler Lampson, Microsoft Research