The automotive industry is on the cusp of the transition to automated driving. Already connected car services are available to consumers and these are increasingly providing the differentiating features driving consumer choice. It is anticipated that the connected vehicle service features deployed will increase dramatically over the coming years and with this comes the risk of malicious exploitation of the technology. This scenario within the project focuses on the implementation of secure end-to-end communications between the cloud and an automotive dedicated IoT device making use of the SecureIoT architecture and services. This device has been designed as a tool for the development of connected and automated driving.

1. SecureIoT
Connected Vehicles
21.10.2020
This project has received funding from the European Union’s
Horizon 2020 research and innovation programme under
grant agreement No 779899

2. • The modern vehicle is a complex architecture
of interconnected subsystems
• To keep up with market demand, connectivity
is progressively integrated
into the vehicle.
Connected Vehicle
The Connected Vehicle at risk

3. SecureIoT – Connected / Autonomous Vehicles
The Connected Vehicle at risk
Example: Jeep Cherokee Attack
• Remote (internet) control over a targeted vehicle
• Malicious actors could take control over vehicle functionality
• Vulnerability affected thousands of vehicles
Attack-Surface
• Telematics unit of vehicle was accessible over IP
• This unit was connected to other vehicle subsystems
• Such systems involved control of critical vehicle functionality.
• Knowledge of the IP address allows malicious actors to remotely
influence vehicle functionality while on the road

4. SecureIoT – Connected / Autonomous Vehicles
SecureIoT capabilities
• Security of the operating status is unknown.
We must observe the operation independently of the
vehicle systems. SecureIoT is independent observer and
analyst
• Process Monitoring - Detection of process anomalies
(Security Analytics) monitors process data to:
• detect attacks
• detect abnormal use by driver
• detect abnormal vehicle behaviour in early stage
supporting predictive maintenance
• Trustworthiness enables Secure Access (Developer Support)
• Automated IIoT Configuration Audit (Compliance Audit)

5. SecureIoT – Connected / Autonomous Vehicles
SecureIoT capabilities
• Probes deployed at both the vehicle and IoT platform
• Enables intimate analytics and integration with SecureIoT
SECaaS.

6. SecureIoT – Continuous OT Security Monitoring

7. SecureIoT – Detection and Prediction of Attacks
The Connected Vehicle at risk
Part
Order
Attack
Attack
Attacker
• Attacking at the vehicle level
• Attacking at the IoT infrastructure
Connected Vehicle Telematics Unit
Attack
Vehicle OBU (Telematics Unit)
• Uploading data (e.g. Insurance Pay as You Drive)
• Interacting with other vehicle systems
• Edge level aggregation
IoT Platform
• Ingest data from vehicles
• ML based on vehicle
information

8. Takeaways
Vehicles developed now must be able to
handle the vulnerabilities in 5-10 years
time.
Innovative attacks require extraordinary
detection and analytics
Integration with SecureIoT can monitor the
data at several layers of the data inception
and delivery.
Benefit of knowledge of similar attacks
methods in other industries.

9. Thank you