Address the security vulnerabilities and challenges introduced by today's connected vehicles

Automotive original equipment manufacturers (OEM) and their suppliers rely on Entrust nShield® HSMs for our expertise and experience in building data protection strategies. Our technology enables the root of trust needed to advance connected vehicle security and scale to meet the industry’s evolving demands.

    Challenges

    Attacks Via Connected Components

    The addition of more connectivity to support vehicle infotainment systems, maintenance monitoring, and much more, opens up new potential attack vectors. And a vulnerability in one area could expose the whole system, as advanced attackers seek out pivot points to exploit.

    Compromised Telemetry Transmissions

    Telemetry data, which can be used for maintenance tracking or consumer devices plugged into the on-board diagnostics (OBD II) port, must be protected – in motion or at rest – in accordance with regional privacy mandates. Data transmitted by connected components needs to be authenticated to be sure it’s from a trusted source.

    Unsecured Software and Firmware Updates

    Like other connected devices, today's connected cars comprise components that may require software or firmware updates. Whether delivered over-the-air or at a service center, code updates sent to connected components present the potential for malicious behavior, as well as unintended errors or violations of organizational policies.

    Solutions

    Connected Component Authentication

    To prevent against unsecured components interacting with vehicle systems and introducing malware or providing a pathway for an advanced attack, components need to be authenticated. Entrust nShield HSMs, along with supporting security software, enable manufacturers to give each connected component a unique identification that provides a root of trust along with the foundation for an effective public key infrastructure.

    Protected Data-in-transit

    Encrypting telemetry and other data transmitted to/from the vehicle to support vehicle maintenance tracking or a vehicle-to-vehicle/infrastructure ecosystem, provides protection against data theft and other compromises. Entrust nShield HSM products enable the authentication of connected components and provide encryption of data-in-transit to ensure data can be trusted.

    Strong Code Signing

    To ensure the integrity of software and firmware updates, and defend against the risks associated with code tampering or code that deviates from organizational policies, the code must be signed using a strong methodology. The recognized best practice entails using private keys protected by hardware security modules.

    Benefits

    Defense Against Malware and Brand Damage

    Establishing cryptographically-based digital identities for connected vehicle components and securing code updates against tampering help to protect against malware and code tampering, thus safeguarding against unwanted sophisticated attacks, unauthorized modifications to vehicle performance and reputational damage.

    Protection of Sensitive Data

    Securing the transmission of telemetry data and other information broadcast to/from the vehicle helps to protect against data loss and the compromise of vehicle and driver safety. Protecting data in transit also helps fleet operators safeguard sensitive information about their vehicles and cargo.

    Opportunities for Improved Customer Service and Revenues

    With strong authentication in place, components can receive over the air (OTA) software and firmware updates, presenting a significant opportunity for manufacturers, who could open up new revenue streams and enhance driver satisfaction with the introduction of new features, while reducing the cost of issuing updates.

    Resources

    Solution Briefs: Connected Vehicle Security Solution Brief

    New vehicles offer advanced features and functionality - along with vulnerabilities. Learn how Entrust nShield HSMs deliver solutions that help secure the connected vehicle....

    Use Cases

    Related Products

    Chat Now