The Government has published new guidance that aims to see a new generation of internet-connected cars better protected from hackers, including using a ‘defence in depth’ approach.
This approach is where security ‘does not rely on single points of failure, security by obscuration or anything which cannot be readily changed, should it be compromised’.
Under this system, security architecture applies segmented techniques that seek to mitigate risks with complementary controls in an attempt to ensure no one failure can bring down the whole.
Other aspects of the defence-in-depth are that design controls to mediate transactions across trust boundaries must be in place throughout the system while remote and back-end systems, including cloud based servers, that might provide access to a system have ‘appropriate levels of protection and monitoring in place to prevent unauthorised access’.
Launching the guidance, transport minister Lord Callanan said: ‘Whether we’re turning vehicles into Wi-Fi connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks.
‘Our key principles give advice on what organisations should do, from the board level down, as well as technical design and development considerations.’
The documented eight key principles for use throughout the automotive sector, the connected and autonomous vehicles and intelligent transport system ‘ecosystems’ and their supply chains.
1 – organisational security is owned, governed and promoted at board level
2 – security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain
3 – organisations need product aftercare and incident response to ensure systems are secure over their lifetime
4 – all organisations, including sub-contractors, suppliers and potential third parties, work together to enhance the security of the system
5 – systems are designed using a ‘defence-in-depth’ approach
6 – the security of all software is managed throughout its lifetime
7 – the storage and transmission of data is secure and can be controlled
8 – the system is designed to be resilient to attacks and respond appropriately when its defences or sensors fail
The guidance has been produced by the Department for Transport in conjunction with the Centre for the Protection of National Infrastructure.