Слайд 0
The New Assembly Line
3 BEST PRACTICES FOR BUILDING
(SECURE) CONNECTED CARS
Слайд 1
Connected cars are about to change
the auto industry’s assembly line.
Слайд 2
Vehicles are becoming computers on wheels
and now have more in common with your
laptop than they do the Model T.
Слайд 3
Just as smartphones have supplanted nonInternet-connected phones, connected cars
will supplant non-Internet-connected cars.
Слайд 4
Auto manufacturers need to become
software companies if they want to
survive into the 21st century.
Слайд 5
The auto industry must now consider cybersecurity
as an integral part to how cars are built, just as
physical safety became a critical part of how cars
were built in the late 20th century.
Слайд 6
When an industry without experience from the
front lines of Internet security begins connecting
its products, one of two outcomes often occurs.
Слайд 7
When an industry without experience from the
front lines of Internet security begins connecting
its products, one of two outcomes often occurs.
If there are clear security
best practices, then most
companies will (hopefully)
implement those best
practices.
Слайд 8
When an industry without experience from the
front lines of Internet security begins connecting
its products, one of two outcomes often occurs.
If there are no clear best
practices, companies will likely
make a lot of security mistakes,
resulting in major cybersecurity
problems down the road.
Слайд 9
How do we make cars
resilient in the face of
cyberattacks?
Слайд 10
How do we make cars
resilient in the face of
cyberattacks?
In our research, we have found that if the auto industry is to
build vehicles that are resistant to cyberattack, they must
implement three important measures.
Слайд 11
1
An over-the-air update process: Ideally without the owner having
to subscribe to a separate service.
Isolation of vehicle and infotainment systems: With this in place, it’s
important that any gateway systems receive an extreme amount of
security scrutiny.
Hardening each individual component: A resilient automotive
cybersecurity architecture should assume that attackers will
compromise some component (e.g. the web browser). That single
component compromise should not affect the functionality of the
system as a whole.
Слайд 12
An over-the-air update process: Ideally without the owner having to
subscribe to a separate service.
2
Isolation of vehicle and infotainment systems: With this in place,
it’s important that any gateway systems receive an extreme
amount of security scrutiny.
Hardening each individual component: A resilient automotive
cybersecurity architecture should assume that attackers will
compromise some component (e.g. the web browser). That single
component compromise should not affect the functionality of the
system as a whole.
Слайд 13
An over-the-air update process: Ideally without the owner having to
subscribe to a separate service.
Isolation of vehicle and infotainment systems: With this in place, it’s
important that any gateway systems receive an extreme amount of
security scrutiny.
3
Hardening each individual component: A resilient automotive
cybersecurity architecture should assume that attackers will
compromise some component (e.g. the web browser). That single
component compromise should not affect the functionality of the
system as a whole.
Слайд 14
Read Hacking a Tesla Model S: What we found and what we learned
Слайд 15
