Read more at www.harmaninnovation.com HARMAN: Securing Connected Infotainment Systems Against Hackers Connected vehicles can offer a gateway for cyber criminals to hack into automotive systems. How can infotainment systems help automakers combat this threat?
Hackers are the new highway threat The security challenge of auto infotainment connectivity
Hackers are the new highway threat The security challenge of
auto infotainment connectivity
Carhacking is a 21st century crime. Connected cars can offer a
gateway for cyber criminals to hack into systems.
How can next-generation infotainment systems be equipped to
firewall vehicles against highway hackers?
Latest infotainment systems provide full internet connectivity
with all the benefits of real-time updates and information but such
access can also be an open door to malicious software.
Once on the system, a virus could disrupt the operation of the
infotainment system, causing errors in music playback, navigation
and potentially corrupt the multimedia display.
Equally intrusive, malware could lurk unnoticed on a system,
and siphon any personal and private information that may be on the
infotainment hub or contained on linked devices, back to another
And thats just for starters.
By far a bigger concern is the potential for malware to migrate
via the infotainment system to other in-car networks such as the
controller- area-network bus (CAN bus). This links infotainment to
the vehicle's critical systems. By connecting a laptop to a car's
on-board diagnostic port and hacking the vital systems, attackers
could in theory seize control of the engine and brakes.
It is the internet connection that provides the gateway for
hackers. In addition to LTE connections, there are also threats
posed from smartphone Bluetooth, WiFi, and NFC connectivity as well
as the increasing trend of BYOD (Bring Your Own Device) consumer
All modern vehicles contain multiple electronic control units
(ECUs) and independent systems, integrated networks such as CAN bus
and Ethernet networks that are used to link the operation of
various components. The infotainment system is on one hand linked
with these systems to access information from the speed sensor or
other safety-critical ECUs and on the other hand connected to the
internet, from where attacks could come from.
How a hybrid architecture can resolve the automotive security
The security architecture of the infotainment system has to be
even more robust than that of the typical mobile device. It must
protect the vehicle and the occupants from all kinds of threats
such as malware, denial of service, and other malicious
The only viable approach is to firewall the car functions from
the infotainment side of the system by hardware and software
security mechanisms to act as a barrier between malware and an
infotainment system. This includes secure boot, data encryption,
network securities and a protocol to isolate 'crashed' or
'compromised' parts of an infotainment system from other connected
components and networks but also more importantly an infotainment
system with two separate domains.
The next-generation scalable infotainment system architecture
from HARMAN uses multi- core processors with a type 1 hyper-visor
to implement segregated domains with separate operating
The application domain, running e.g. Linux with HTML5 as the
application environment, offers a first line of defense with the
proven security techniques used by mobile devices, such as secure
boot, data encryption, and network securities. These security
technologies already offer a strong defense against cyber attack.
The vehicle domain, which runs the critical car functions, is
completely isolated from the application domain through the
Both domains can run the same operating system, e.g. Linux, or
different systems, e.g. QNX in the vehicle domain, and Linux in the
application domain. The split-level architecture ensures the
vehicle domain remains separate: in the event malicious code
penetrates the application domain, it is firewalled from affecting
the critical vehicle functions these remain free from threat.
4G architectures also have a role to play in care security.
Running the infotainment system via cloud makes it possible to
bypass local software, and provides access to powerful, robust and
secure servers for both processing and security. The server streams
the required infotainment functions to the vehicle, significantly
lowering the risk of malicious software being downloaded into
By combining these techniques in its unique, industry-first
split-domain architecture, HARMAN offers a strong firewall between
the two domains and makes the system extremely robust and resistant
to hacking threats. Given the topicality of connected cars,
automakers and drivers will seek ways to keep their vehicles secure
to new threats.
Developments such as HARMANs hybrid architecture point the way
forward to meet these increased security requirements.