The dawn of the “intelligent” car is here. Vehicle manufacturers can now provide on-demand entertainment, smart sensor safety applications, and autonomous driving. Intelligent vehicles are filled with a variety of sensors, processors, software, and displays that are increasingly being connected to the internet. Increased computation complexity and connectivity will demand greater computing power, application support, and heightened security that pose significant cost and design challenges for manufacturers.
Convenience is the new basis of competition in the automobile industry. Cars are starting to offer customized “infotainment” experiences to users, similar to smart phones. The possibility of banking, paying bills, and shopping right from your vehicle will soon become a reality. In addition, the United States Department of Transportation’s (DOT) National Highway Traffic Safety Administration has been studying and announced plans to move forward with vehicle-to-vehicle (V2V) networking to provide collision warnings in light vehicles. With these new innovations, vehicles will be connected in several different ways both to the internet, infrastructure, and each other. However, each new connectivity port also opens up a point of attack to internal computing platforms.
Most attacks on information systems originate from external sources through system inputs. When vehicles are allowed access to the global internet, anyone can launch an attack against the internal electronic systems. The only way to prevent these complex systems from being compromised is by providing secure separation between information domains or applications. Using similar techniques found in critical avionics and military systems, intelligent vehicle platforms can partition computing domain according to system criticality level and provide narrow communication paths between partitions on a need to know basis.
Pair these new communication capabilities with technologies such as GPS, cameras, proximity sensors, machine actuators, touch screen displays etc. and manufacturers will struggle to manage the cost and integration of the overwhelming choices of processors, operating systems, applications, devices, and drivers. Utilizing a single monolithic operating systems as a vehicle host platform faces the traditional OS problems with limited app and device driver support, and exposes major safety and security problems due to insufficient kernel and application separation control.
Hypervisors show a promising path that will allow vehicle platforms to run best in breed application and device support, allowing a mixture of different OSes and applications to run concurrently on a consolidated platform. However, the selection of hypervisors is an arduous task when considering security, as most hypervisors do not offer any more protection and segregation from safety critical data and general applications than a monolithic operating system.
The LynxSecure Separation Kernel Hypervisor solves these complex issues with its full virtualization guest OS support and least privilege design. LynxSecure guarantees that a configuration of segregated applications or hardware can be verified to match the original specification. In addition, the very small Trusted Computing Base (TCB) disallows any unprivileged applications or malicious agents from accessing private information or compromising the safety critical applications. With the increasing number of emerging vehicle-hosted applications such as collision avoidance and toll payments, this separation becomes vital. Traditional software mechanisms can only provide assurance down to the operating system level and are still at the mercy of the operating system’s kernel or the device drivers that control the hardware. With LynxSecure, you are guaranteed that hardware memory resources have been segregated to the configuration specification because the hardware has been programmed to match it.
“Intelligent” vehicle technology opens up a wide range of possibilities with traffic safety and communication. With the deployment of these new technologies, addressing safety and security from the ground up is paramount. LynxSecure provides a robust foundation for protecting critical applications and allows for future expansion of vehicle capabilities without re-tooling of vehicle equipment while maintaining a high level of assurance.
Read more information about LynxSecure Separation Kernel Hypervisor.