Getting Serious About Automotive Cybersecurity
The automotive market is finally beginning to take cybersecurity seriously, according to BlackBerry Chief Technology Officer Charles Eagan. “The chief information security officers of the automotive companies are aware of it. They are trying to build things in a secure way.”
However, there are decisions still to be made on implementation.
“General awareness is a good starting point, and certainly all the automotive OEMs and Tier Ones are looking to find novel technologies. With the advent of 5G we're no longer taxing connectivity. We're bringing high-bandwidth, always-on connectivity to the automobile, so that's going to be a game changer as well, because the thin straw of data wasn't as much of a threat. You couldn't do as much damage as quickly.”
What happens when that thin stream of data connectivity to our vehicles becomes a torrent? Eagan talked about these issues and more during the fourth episode in Season 2 of “Get In: The Software-Defined Vehicle Podcast from BlackBerry.” This series explores the possibilities created by — and technologies behind — the revolution in global transportation we are witnessing today.
We recorded our video podcast during the 2023 Consumer Electronics Show (CES) in Las Vegas, where Eagan was on-hand to discuss BlackBerry’s pioneering efforts in the delivery of secure platforms for automotive and IoT (Internet of Things) applications. In this interview, he shares how BlackBerry is delivering the features required to drive a safe and secure software-defined vehicle (SDV) future.
Watch "Get In: The Software-Defined Vehicle Podcast from BlackBerry," Season 2, Episode 4, below.
SDV Cybersecurity and How to Get It Right
Automotive security for the new generation of SDVs must necessarily be built on what was developed during previous eras of computing.
“Each time there's a new technology revolution, we learn from how we did the previous one,” says Eagan. “In the way that mobile phones are more secure than laptops, vehicles will benefit from the knowledge from laptops and phones and networks. We've got some good tools in our tool belt, so I'm optimistic that we'll figure it out,” Eagan says.
“We need our best partitioning and containment and detection, and we need prevention. Some people don't try to do prevention because they don't believe that it's possible. But prevention is possible. If you apply the right kind of technology, you can minimize the damage from an attack.”
SDV Cyberattack Response Time is Critical
The real-time nature of automotive systems poses a particular problem, however. OEM partners have chosen BlackBerry and its Cylance® AI-based cybersecurity portfolio to utilize a mature AI cybersecurity platform. This is particularly important as smart cities and vehicle-to-vehicle infrastructure emerge, because in that highly automated, high-speed environment, there will be mere seconds to respond to threats. “This is why there's so much focus on how control systems are run in a vehicle,” Eagan says. “You need to be able to react in a very short time to get to a safer state.”
The complexity of automotive systems is only going to increase, which is where the BlackBerry® QNX® hypervisor technology comes in, according to Eagan. The QNX microkernel technology can segregate software stacks within a system, in a secure way. “That means all the components are running in an isolated space, communicating with messaging — unlike Linux, where for example, a device driver and Linux are running in kernel space and, if compromised, can fully attack the system. In QNX, the device drivers don't run in kernel space; everything is partitioned, so if you want to contain something that is malicious, QNX is a powerful platform.”