In modern vehicles, the security of human beings should be a top priority. Technologies such as airbags, lane-assist, or automatic brake systems are constantly improved to save more lives on the road. One aspect that is often denied sufficient security measures, is out of all things, a feature that most of these life-saving technologies rely on heavily - software.
Automotive Software Security Is Becoming More Important
Due to the high output rate expected of automotive manufacturers, application security is often quite low on their priority list. Instead, manufacturers focus on problems that are more visible to the customer, such as functional bugs in the human-machine interface. This approach works fairly well to reach short-term goals. But in the long run, this strategy is destined to fail, as the cost of a recall due to insecure software can easily exceed the cost of an early investment in the right security measures by hundreds of millions of dollars. Additionally, more and more industry standards such as ISO 21434 require automotive firms to prioritize software security, including many requirements for continuous and automated software testing.
One of the main reasons why major automakers don't seem to be too concerned about their security and diagnostic software is that there were only a few reports of attackers gaining access to vehicles. This is no surprise since the software that can be hacked remotely is fairly new in vehicles. However, this has changed rapidly over the last couple of years, and vehicle manufacturers should definitely be more concerned about their software security. Let’s look into an example...
Hacking a Jeep Is Surprisingly Easy
While most hacks were conducted analog in older vehicles, the abundance of connectivity platforms in modern vehicles exposes them to remote attacks. As early as 2015, security researchers managed to remotely hack a Jeep Cherokee, while a forewarned reporter was driving it down the highway.
The attackers basically gained control over the whole system, through a vulnerability within UConnect, which is a web-connected entertainment and navigation unit. While the poor reporter was going down a highway, the researchers toyed with the AC, windscreen wipers, and speaker system. Eventually, they shut off the engine completely, leaving the reporter almost at a complete halt with nowhere to go, and an 18-wheeler approaching from behind!
This example highlights just how dangerous vulnerabilities in automotive software can be. The two researchers conducted the hack from over 10 miles away, but they could have just as well done it from the other side of the planet. The breach resulted in 1.4 million vehicles being recalled, causing hundreds of millions of financial damage to Jeep.
Automotive Software Has to Be Reliable and Secure
The example above highlights how far-reaching the consequences of vulnerabilities in automotive software can be. Making our vehicles more reliant on software has made cars more secure and efficient. Nonetheless, this digitalization of vehicles has been swift and recent, which created an imbalance between the level of software dependency and software security in modern cars. If exploited, this imbalance would be a huge risk to public safety.
This should not be one of these instances where something needs to go horribly wrong for us to understand that we need to take action. Especially because it can be so simple! Given the incredible feats that have already come out of the automotive industry, keeping up with the technological advancements in appsec should be achievable as well.
3 Steps That Will Help You Develop Secure Automotive Software
Below, we have collected three proven effective measures to improve the security and quality of automotive software.
1. Foster a Security Culture
The first step towards secure software is cultural acceptance. Automotive companies need to build a culture in which each and everyone involved in the SDLC (software development lifecycle) understands the importance of security and feels responsible for it. This requires a conscious commitment from management and developers alike. To enforce a security culture, tooling, valuers and common practices need to be re-evaluated.
2. Shift Left
Most automotive companies test their software after product release, which is clearly too late. To ensure that software vulnerabilities do not make it to the late stages of software development, it is crucial to conduct security tests directly within the different delivery teams and throughout the entire SDLC.
“Shifting left” i.e. implementing early testing, will cost money and time, but compared to the cost of fixing bugs in the late stages of software development or even recalling millions of vehicles, these costs are insignificant. If you want to find out more about the resources that can be saved by early testing, we recommend reading up on the rule of ten.
3. Use Feedback-Based Fuzzing in Automotive Software
In most automotive companies, static application security testing (SAST) or dynamic application security testing (DAST) are used. However, these approaches, are somewhat inefficient, as SAST is unable to detect runtime issues and DAST requires a lot of manual effort and produces countless false-positive test results.
An alternative to these traditional methods is a testing procedure built around feedback-based fuzzing. A feedback-based fuzzer uses feedback about code coverage from previous inputs to create new inputs that penetrate deeper into the software. This allows it to detect bugs that are hidden deep within the source code. Modern fuzzing platforms such as CI Fuzz are highly automated and produce basically no false positives - perfect for automotive software development.
Build Secure Automotive Software
Automotive companies need to make software security a priority and implement appropriate security measures before it is too late. This will not only make our roads safer, but also save time, money, and nerves. DevSecOps and automotive fuzzing tools offer great solutions that manufacturers can implement to prevent crashes, and thus improve the efficiency and accuracy of their testing efforts while minimizing costs.
