Digital Trust in connected critical systems
Nick Cook, Chief Innovations Officer
What is Digital Trust?
People, machines and organisations need to be able to digitally trust each other.
• Trust is built using layers of controls within an ecosystem
• Secure hardware execution and trusted applications
• Data flow and reaction security
• Physical security
• Strong identity is a key component of trust
• If you can’t determine someone or something is who or what they say they are, you cannot trust it
• Trust isn’t one time; it needs ongoing, sustainable management
What is Digital Trust in the ‘connected car’?
Importance of Digital Trust to Functional Safety
Connected critical components must be able to trust each other
• Components are becoming connected – no longer in islands of connectivity
• Secure maintenance is critical
• In-vehicle radio connections – e.g. a smartphone – are as important to consider as long-range wireless connections
• Need to consider trust both at POST (power-on self-test) and ongoing during operation
• Run-time trust is important to establish
Digital Trust: Functional Safety
Being connected emphasizes the need for authentication & signatures
• What authentication / signing is required?
• What / who must check?
• Is there any forensic support required? For what purpose?
• Where are the system boundaries?
• Sensors vs gateways
• What are the constraints on the algorithms that can be used?
• What impact is there on the selected hardware?
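A worked example of the questions on this slide (what is signed, who checks it, where the boundary sits, what the algorithm constraints cost), added here and not part of the original deck: a sensor authenticates each frame to a gateway with a per-sensor key and a monotonic counter, and the gateway, as the checking boundary, rejects forged, tampered and replayed frames while keeping a record of rejections for forensic review. The key, the frame layout and the truncated 8-byte tag (standing in for a narrow bus payload) are constructed assumptions; HMAC-SHA256 is used so the example runs with only the Python standard library.

```python
import hashlib
import hmac
import struct

# Constructed example key: in a vehicle the per-sensor key would be provisioned
# into the sensor's secure element and into the gateway's key store (assumption).
SENSOR_KEYS = {
    "wheel_speed_fl": bytes.fromhex("00112233445566778899aabbccddeeff"
                                    "00112233445566778899aabbccddeeff"),
}

ID_LEN = 16   # sensor id, NUL-padded to a fixed width
CTR_LEN = 4   # monotonic counter, big-endian, gives replay protection
TAG_LEN = 8   # truncated HMAC tag: a bus-payload constraint assumed for the example


def build_frame(sensor_id: str, counter: int, payload: bytes) -> bytes:
    """Sensor side: frame = id || counter || payload || truncated HMAC-SHA256 tag."""
    key = SENSOR_KEYS[sensor_id]
    body = (sensor_id.encode().ljust(ID_LEN, b"\0")
            + struct.pack(">I", counter) + payload)
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class Gateway:
    """Gateway side: the system boundary that checks every frame from a sensor."""

    def __init__(self):
        self.last_counter = {}   # sensor id -> highest counter accepted so far
        self.rejections = []     # forensic record: what was refused and why

    def verify_frame(self, frame: bytes):
        """Return (accepted, payload) on success or (False, reason) on failure."""
        if len(frame) < ID_LEN + CTR_LEN + TAG_LEN:
            return self._reject("malformed")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        sid = body[:ID_LEN].rstrip(b"\0").decode(errors="replace")
        key = SENSOR_KEYS.get(sid)
        if key is None:
            return self._reject("unknown sensor")
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        # constant-time comparison: a plain == would leak timing information
        if not hmac.compare_digest(expected, tag):
            return self._reject("bad tag")
        counter = struct.unpack(">I", body[ID_LEN:ID_LEN + CTR_LEN])[0]
        if counter <= self.last_counter.get(sid, -1):
            return self._reject("replay")
        self.last_counter[sid] = counter
        return True, body[ID_LEN + CTR_LEN:]

    def _reject(self, reason: str):
        self.rejections.append(reason)
        return False, reason


def demo():
    """Two good frames, a replayed frame and a tampered frame, in that order."""
    gw = Gateway()
    f1 = build_frame("wheel_speed_fl", 1, b"\x00\x2a")
    f2 = build_frame("wheel_speed_fl", 2, b"\x00\x2b")
    tampered = bytearray(f2)
    tampered[-TAG_LEN - 1] ^= 0x01          # flip one bit of the payload
    results = [gw.verify_frame(f1)[0], gw.verify_frame(f2)[0],
               gw.verify_frame(f1)[0], gw.verify_frame(bytes(tampered))[0]]
    return results, gw.rejections


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is the counter: the tag alone proves the frame came from the key holder, but only the strictly increasing counter stops an old, validly tagged frame being fed back onto the bus later.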
Digital Trust: Functional Safety
Being connected emphasizes the need for creating secure managed application silos
• Separation of concerns is important
• Architect for different types of service on the same processing node
• How are the “containers” going to be updated?
• The system as a whole needs a clearly obtainable “status” check capability
So how do we achieve digital trust?
Digital Trust from Silicon to Services
A complex ecosystem made simple
• In-vehicle is the same
• Chain of trust critical
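The chain of trust on this slide and the “status check capability” asked for on the application-silo slide can be shown together. Below is an added example, not from the original deck, of a TPM-style measured boot: each stage hashes the next into a one-way register before handing over control, the event log explains how the register value was reached, and a status check compares the node's report against a golden manifest. The stage images and the manifest are constructed stand-ins for real firmware and trusted-app binaries.

```python
import hashlib


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def extend(register: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new = H(old || measurement). One-way and order-dependent,
    so the final register value commits to the whole sequence of measurements."""
    return sha256(register + measurement)


def measured_boot(stages):
    """Each stage measures (hashes) the next one into the register before passing
    control. Returns the final register value and the event log behind it."""
    register = bytes(32)          # register starts at all-zero
    log = []
    for name, image in stages:
        measurement = sha256(image)
        register = extend(register, measurement)
        log.append((name, measurement))
    return register, log


def replay_log(log):
    """Recompute the register from an event log to check the log is consistent."""
    register = bytes(32)
    for _, measurement in log:
        register = extend(register, measurement)
    return register


def status_check(register, log, golden):
    """The status check a back-end service runs on a node's report.
    golden: ordered list of (stage name, expected measurement as hex)."""
    if replay_log(log) != register:
        return False, "log does not match register"
    if [(name, m.hex()) for name, m in log] != golden:
        return False, "measurements differ from golden manifest"
    return True, "ok"


# Constructed images standing in for real bootloader, kernel, runtime and app binaries.
GOOD_STAGES = [
    ("bootloader", b"bootloader v1"),
    ("kernel", b"kernel v1"),
    ("container-runtime", b"runtime v1"),
    ("trusted-app:brake-ctl", b"brake-ctl v1"),
]
GOLDEN = [(name, sha256(img).hex()) for name, img in GOOD_STAGES]


def check_node(stages):
    """Boot the node with the given stages and run the status check against GOLDEN."""
    register, log = measured_boot(stages)
    return status_check(register, log, GOLDEN)


if __name__ == "__main__":
    print(check_node(GOOD_STAGES))
    modified = GOOD_STAGES[:-1] + [("trusted-app:brake-ctl", b"brake-ctl v1 (patched)")]
    print(check_node(modified))
```

Because extend is order-dependent, swapping two stages changes the register just as surely as altering an image does, which is what makes a single register value usable as a whole-system status answer rather than a per-component one.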
Implementation
Cybercriminals are super-sophisticated at exploiting vulnerability.
• Hardware backed crypto material
• Smart chips
• TPM
• UICC
• TEE
• Execute in protected / silo environments
• Managed apps and outlets
• Create and maintain digital identities
Identity and Credentials Management
The key to achieving trust
• Establish the person or device is who or what it claims to be
• Delivery of identities locally or over the air
• Locking down credentials
• Ongoing lifecycle management
• Transfer ownership securely – temporarily or permanently
• Revoke permissions
• Secure processes and policy must be applied
Hardware container management / Trusted Apps
Trusting the software that is running
• Utilize protected execution environments to run security-critical software
• Have end-to-end security management of the protected environment and the apps that run inside it
• Be able to OTA update apps securely
• Make it simple to access – readily available
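The identity lifecycle from the credentials slide (establish, transfer temporarily or permanently, revoke) and the “OTA update apps securely” point on this slide meet at one decision: should the trusted environment accept this update from this holder now? The example below, added here and not the deck's own code, keeps a small credential registry with an audit trail and uses it to gate an update, also refusing version rollback. The credential ids, owners, timestamps and version numbers are constructed.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Credential:
    cred_id: str
    subject: str                      # the device or person this identity belongs to
    owner: str                        # who currently holds rights under it
    expires_at: int                   # constructed "unix time" for the demo
    revoked: bool = False
    temp_owner: Optional[str] = None  # temporary hand-over (e.g. a garage visit)
    temp_until: int = 0


class CredentialRegistry:
    """Lifecycle: issue -> transfer (temporary or permanent) -> revoke."""

    def __init__(self):
        self.creds = {}
        self.audit = []  # every lifecycle event is recorded for later review

    def issue(self, cred_id, subject, owner, expires_at):
        self.creds[cred_id] = Credential(cred_id, subject, owner, expires_at)
        self.audit.append(("issue", cred_id, owner))

    def transfer(self, cred_id, new_owner, now, until=None):
        c = self.creds[cred_id]
        if c.revoked or now >= c.expires_at:
            raise ValueError("cannot transfer a revoked or expired credential")
        if until is None:                 # permanent hand-over
            c.owner, c.temp_owner, c.temp_until = new_owner, None, 0
        else:                             # temporary: lapses automatically
            c.temp_owner, c.temp_until = new_owner, until
        self.audit.append(("transfer", cred_id, new_owner, until))

    def revoke(self, cred_id):
        self.creds[cred_id].revoked = True
        self.audit.append(("revoke", cred_id))

    def authorize(self, cred_id, claimed_owner, now):
        """Does claimed_owner currently hold rights under cred_id?"""
        c = self.creds.get(cred_id)
        if c is None:
            return False, "unknown credential"
        if c.revoked:
            return False, "revoked"
        if now >= c.expires_at:
            return False, "expired"
        if claimed_owner == c.owner:
            return True, "owner"
        if claimed_owner == c.temp_owner and now < c.temp_until:
            return True, "temporary owner"
        return False, "not the holder"


def accept_update(registry, cred_id, signer, version, installed_version, now):
    """OTA gate: the update must come from a current holder and must not roll back."""
    ok, why = registry.authorize(cred_id, signer, now)
    if not ok:
        return False, why
    if version <= installed_version:
        return False, "rollback"
    return True, "install"


if __name__ == "__main__":
    reg = CredentialRegistry()
    reg.issue("ecu-42", "ecu-42", "fleet-ops", expires_at=1000)
    reg.transfer("ecu-42", "garage", now=100, until=200)
    print(accept_update(reg, "ecu-42", "garage", 2, 1, now=150))
    print(accept_update(reg, "ecu-42", "garage", 2, 1, now=250))
    reg.revoke("ecu-42")
    print(accept_update(reg, "ecu-42", "fleet-ops", 3, 2, now=300))
```

Revocation is checked before anything else, and a temporary owner's rights lapse on their own; both keep the update path honest after the point at which a credential was handed over or withdrawn.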
To conclude…
Summary
If connected cars are to become trustworthy, a new ‘normal’ needs to be established
• A three-tier approach must be applied as appropriate (trust the device, trust the person, trust the application)
• Robust, standards-based, security framework
• Strong authentication & signing is important
• Consumer-grade ease of use
• Enterprise-grade security
• Lifecycle management is critical
• Collaboration is required