Secure Vehicle Architecture

Today automotive innovation is primarily driven by electronics and software. Modern connected cars contain up to 100 control units (ECUs), managing everything from infotainment systems through to safety-critical systems. And more of these in-vehicle systems are connecting to external networks like the internet.

This enhances consumer experience and vehicle safety, but it also makes the connected car more vulnerable to cyberattacks. Hackers are often trying to gain access to confidential (user) information, but their aim may also be to take over control of the vehicle. To mitigate the risk of system interference or data misuse, we enable the safeguards for the entire vehicle architecture with a comprehensive defense-in-depth solution.

4+1 Layers of Defense

Our 4+1 layer security framework provides a holistic approach for securing the entire vehicle architecture, using a defense-in-depth strategy complemented by our leading secure car access products.

Each layer has its own specific security challenges, affecting both hardware and software components. We address each layer individually to provide the right level of protection and countermeasures for the different elements of the architecture. This structured approach delivers multiple levels of defense, starting from the vehicle perimeter (interfaces), all the way down to the individual computers (ECUs) that implement the vehicle’s features, and ensures there are no weak links in the chain. It can also be managed during its entire lifecycle, using for example active key management and secure firmware updates.

Defense in Depth

1. Secure Interfaces

Connect the vehicle to the outside world. Security measures include protection against data theft and strong machine-to-machine authentication to prevent unauthorized access.

2. Secure Gateway

At the heart of operations between interface and network – responsible for domain isolation, separating elements such as interfaces, infotainment and safety-critical systems.

3. Secure Network

Protecting communication between ECUs and employing countermeasures that protect against data theft, network and message manipulation, and inside attacks from any compromised ECU.

4. Secure Processing Units

The ‘brains’ of the car. ECUs continuously generate, process, exchange and store large amounts of valuable (sensitive) data making them an attractive target for hackers, They require firmware protection and update provisioning, in the form of secure boot and secure OTA updates.

Featured Videos