As the manufacturing industry becomes smarter, the cybersecurity protocols used to protect connected IoT devices and components also need to adapt and be built in at the manufacturing level.
The advancement of digital technologies has increased the cyber complexity requirements in all areas of manufacturing. These areas can range from medical devices, automotive, farm, printing, oil and gas, to construction machinery and equipment manufacturing. Smart factories are interconnected, and cyber threats expose people, technology, processes, and intellectual property to these risks.
In this article, we focus on vehicle manufacturing and its associated vulnerabilities. We explain the various cybersecurity challenges that face this industry, the risks, and how cybersecurity needs to be incorporated throughout the entire production process.
Vehicle Manufacturing and IoT Cybersecurity Challenges
With the accelerating pace of digitalization, more and more electronic control systems, intelligent components, embedded systems, and API interfaces are being integrated into vehicles, making them more efficient and smarter than ever before. However, there are also inherent risks associated with our growing reliance on connected vehicles.
The fundamental challenge facing the vehicle manufacturing industry is cybersecurity. Cybercriminals could use any additional communication interface or component as a point of entry. Connected devices rely on networked electronic systems and software applications. Therefore, across the board for the entire sector, safeguarding and securing these components is becoming more and more important, and therefore IoT cybersecurity becomes a necessity.
Vehicle cybersecurity needs to start with the manufacturer and extend to suppliers, engineering service providers, and software and ICT infrastructure service providers.
Cybersecurity requirements need to be incorporated into products from the concept phase through production, operation, service and decommissioning. Manufacturers must look beyond the end product to construct an organizational cybersecurity environment that facilitates the production of safe and secure devices if they intend to protect connected vehicles and their components.
A loss of trust has obvious financial consequences and impacts on both the physical safety of employees and customers.
What cybersecurity risks do vehicle manufacturers face?
Even existing connected vehicles are vulnerable to security concerns since they operate by using wireless and cellular communication interfaces. Factors such as growing demand for high-end vehicles and advancements in the electronics industry are driving the growth of the automotive electronic control unit (ECU) market.
An electronic control unit (ECU) is a small device in a vehicle’s body that is responsible for controlling a specific function.
The dedicated chip contained in each ECU runs its own software or firmware and requires power and data connections to function.
Vehicles today have up to 100 ECUs and, along with their 100 million lines of code, new vehicles provide a diverse range of opportunities for malicious hackers. ECUs from numerous suppliers further complicate issues because no single party has access to or even knowledge of all of a vehicle's source code.
With increased automation and connectivity, intelligent vehicles are evolving rapidly, creating new opportunities for various cyberattacks, such as in-vehicle assaults which include hijacking attacks, and vehicle-to-everything communication attacks, leading to data theft. These issues are exacerbated with the advancement of 5G communication technologies.
As vehicle connectivity increases and drivers and passengers become more interconnected, the usage of behavior monitoring systems, traffic management, and other innovative functions, has resulted in the generation of huge volumes of data. This raises data protection and privacy issues concerning permissible access to vehicle data. As a security breach may endanger the life of a connected vehicle’s users as well as persons nearby, it is of vital importance for manufacturers and security vendors to address the security of data and involved processes and systems.
Audit and Compliance Requirements for the Vehicle Manufacturing Industry
There is a potential for a security compromise wherever there is digital connectivity. To effectively manage cyber risk in the connected manufacturing environment, the International Organization for Standardization (ISO) and the Society of Automotive Engineers (SAE) International have created a global standard for vehicle manufacturing cybersecurity: Road Vehicles - Cybersecurity Engineering, ISO SAE 21434.
The design, engineering, production, operation, maintenance, and decommissioning stages of the vehicle's creation must all adhere to the standard. ISO SAE 21434 ensures that cybersecurity is taken into account at every stage of manufacturing digitally connected vehicles, leading to a more comprehensive and secure end product.
Without sufficient security precautions, there is a risk of data loss and data theft by hackers, as well as company breakdowns due to attacks via the web or misuse of data.
The UNECE World Forum for Harmonization of Vehicle Regulations (WP.29), has now been adopted by the European Union. WP.29 is an international vehicle manufacturing cybersecurity regulation that paves the way for connected vehicles and mitigates the cybersecurity risks posed to passenger vehicles. For new passenger vehicles sold in the European Union and other countries, the legislation defines performance and audit criteria for cybersecurity and software update management.
The cybersecurity and software update proposals adopted by WP.29 require manufacturers of vehicles and parts to implement measures to:
- Manage vehicle cybersecurity risks
- Secure vehicles by design to mitigate risks along the supply chain
- Detect and respond to security incidents across the vehicle fleet
- Provide safe, secure software updates that do not compromise vehicle safety.
The Regulation will be mandatory for all new vehicle types in the EU from July 2022 and take into consideration three lifecycle phases - development, production, and post-production, which include monitoring, detecting, and responding to cyberattacks.
Cybersecurity in Vehicle Manufacturing
Manufacturing security bridges the gap across physical and digital requirements. However, the increasing number of connected devices within the production environment opens multiple new points of attack. With this increasing threat to security, customer privacy and data integrity are also at risk, and therefore, cybersecurity measures need to be in place.
File Encryption & Tokenization
Encryption and digital tokenization are two distinct cryptographic methods used for IoT data security. The fundamental difference between the two is that, in contrast to encryption, tokenization does not change the length or type of the data being protected. Tokenization uses undecryptable information to represent secret data. Encryption necessitates the use of a cryptographic key.
Fulfilling data security and regulations such as GDPR and compliance requirements for security audits is essential. To protect data at rest and ensure only particular employees have access rights according to GDPR, data encryption is an effective security method.
To protect data in use - especially for IoT production environments - tokenization turns out to be an efficient data security method.
Tokenization turns sensitive data into non-sensitive tokens with the use of cryptographic algorithms. These tokens are an unrecognizable string of characters that are rendered unusable without the tokenization system in place and, if stolen, provide no value to cybercriminals. This is particularly important for data in use in a manufacturing environment where data is often shared with other companies and organizations or among IoT devices. To prevent this data from being accessed, modified, or stolen, manufacturers should employ tokenization, as with a tokenization solution in place, data can be shared without exposing sensitive information.
Protecting the organization's personal, sensitive, and business-critical data from unauthorized access, which allows only authorized access (users with the corresponding rights). This adds an additional layer of security to ensure a zero trust approach to compliant data management.
Identity Management and Public Key Infrastructure
The manufacturing industry’s complex and fragmented supply chain is a major factor in causing quality issues resulting in security vulnerabilities. The frequent integration of third-party components, software, communications protocols, and applications often introduces threat vectors that Original Equipment Manufacturers (OEMs) must address. Embedding ‘security by design’ into a device during the vehicle development process eliminates a multitude of risks.
Vehicle manufacturers require a certificate-based solution to provide each device with a unique identity. Identity management is essential as a foundation for data and device security as well as authenticity and integrity to ensure compliance, as it authenticates and communicates with numerous parties both inside and outside of the organization’s environment. Automotive PKI can prevent remote attacks, send security OTA updates, and protect communications.
A well-defined identity security strategy begins with the secure configuration of the environment and its various digital components, which includes their adaptability in managing and monitoring every action performed by or in tandem with it. This ensures comprehensive traceability and transparency across the whole value chain and beyond.
To keep a connected manufacturing environment secure and efficient, a Public Key Infrastructure (PKI) solution for the production line is required. A PKI system has two main components: A Certificate Authority (CA) and digital certificates. The CA is centrally managed and issues certificates to individual users or devices. These certificates allow devices to be identified and to communicate securely, providing secure identification and access management.
Every time a certificate is issued, a public / private key pair must be generated. A PKI should use a key management system to store and protect private keys.
Secure Key Generation & Storage
A PKI, however, is only as reliable as the security of the associated keys.
The trust in all components and services that rely on the PKI root key may be severely compromised as a result of malicious actors, unexpected errors, or system failures. The use of dedicated secret or key management systems can provide an additional layer of security protection. It is therefore critical to secure PKI key management to prevent threats, audit key usage and lifecycle, and ensure regulatory compliance.
A solution needs to be in place to generate, store, use, and destroy cryptographic key material and provides the functionality for secure key storage of encryption keys and use of encryption and digital signature algorithms.
It is imperative that organizations have complete control of their key inventory, preferably in a centralized location, and that all keys are secured, maintained, and supported for the generation, import, and distribution of all key types.
Key Injection for IoT
Assigning each component and each digital identity a tamper-proof cryptographic key via key injection is a well-known method for securing components and the data exchanged between those identities. This process injects a cryptographic key into the components, giving them a unique electronic identity, and increasing the authenticity of the device. This unique identity enables manufacturers to provide reliable device attestation.
The integrity of the key injection process is of extreme importance and can be achieved by using Hardware Security Modules (HSMs) to establish a Root of Trust for this process.
The cryptographic keys are generated within the secure boundaries of a Hardware Security Module (HSM) and injected into the smart component such as Electronic Control Units (ECUs), that controls the mechanics of electronic features within the vehicle.
Implementing a Cybersecurity Solution in the Vehicle Manufacturing Industry
Given the rising complexity of connected devices in vehicle manufacturing, it is necessary to safeguard smart components from the time they are manufactured until they reach the end of their lifecycle. This also applies to protecting the vast collection of highly sensitive data that is collected by them. Enhanced levels of IoT security provide protection against ransomware, cyber war, and various other cyber attacks that exploit hardware and software vulnerabilities.
The recommended steps in implementing successful cybersecurity for manufacturing are as follows:
- Protect data at rest with Data Encryption
- Ensure data security for data in use with Tokenization
- Deploy a Public Key Infrastructure (PKI) - Identity management is essential as a foundation for data and device security as well as the authenticity and integrity of parts
- Securing PKI management by having a reliable Key Generation and Storage solution in place
- Ensure that every device and component is given an identity through Key Injection.
Manufacturing cybersecurity should be taken into consideration to provide manufacturers with a complete, efficient, and effective cybersecurity solution for preventing the risks posed by hacks of product-control systems and theft of customer information.
To ensure a comprehensive cybersecurity environment, a multi-faceted approach is required. By proactively addressing cybersecurity challenges, any associated security risks can be mitigated in the designing and building of modern vehicles, vessels, agriculture machines, and vehicle systems.
Find out more about how a Control Systems manufacturer successfully integrated Utimaco’s key injection and Public Key Infrastructure solutions, enabling them to fulfill all essential compliance and cybersecurity requirements.
