For the past century, the concept of safety in the automotive industry has been “so long as you step on the brakes, the car can stop”. Today, this is no longer enough.
Now, in-vehicle software accounts for 25-30% of a car’s value; five years from now, it will account for up to 40%. Alexander Kocher hopes that his own predictions will come true. If so, Elektrobit, where he serves as the President and Managing Director, would have the most to gain. The German automotive software supplier giant is a subsidiary of Continental AG and has been developing automotive embedded and connected software for more than 30 years. Today, one focus of their business is automotive digital security.
In Kocher’s view, a car is more and more like a smart terminal, but its safety problem is much more difficult than a mobile phone or a computer, because it is related to personal safety, which requires companies that provide solutions to understand both the mechanics and hardware of the car, at the same time, be up to date with the latest information security technologies. The reality is that no single company can lead in all aspects, and this is back to the old question: how traditional car suppliers work with IT companies.
K= Alexander Kocher
Y: Nowadays, when people talk about the digital security of vehicles, the idea of “hacker-controlled cars” comes to mind. In reality, though, what does digital security actually mean for a car?
K: We can understand the concerns of the average user. Indeed, as more cars become connected and thus become smarter, digital security will become more and more important.
However, vehicle safety entails a huge system. First, we must ensure functional safety. In the first 100 years of the automotive industry, it was guaranteed that the car would stop as soon as you step on the brake pedal, or when you turn the steering wheel to the left. This involves a great deal of hardware and software issues. Even functional safety is closely related to software and data because there are complex electronic control units (ECUs) within the car’s engine and gearbox.
Next up is digital security, which more and more people are starting to care about. This includes both user privacy security and also digital transmission security for over-the-air (OTA) programming updates.
Third, which everyone cares about, is the security of the driving environment, so that attacks will not lead to traffic hazards.
The fourth dimension goes beyond the car itself and includes the safety of the entire transportation network, including traffic signals, buildings, and ancillary facilities. Where do cars go to charge? How can we avoid traffic jams? How can we plan out the best routes? Data security is also the basis for answers to these kinds of questions.
Y: As you say, the future car is no longer a closed system but rather a terminal that will continuously output and input information. What is the difference between security in this respect and the kind used in mobile phones and computers?
K: From a technical point of view, cars may not be much different from mobile phones and computers in this respect. They all must prevent attacks from the outside. However, compared to mobile terminals, the security requirements for cars have to be much higher. If you are sitting in a car (which may be an autonomous vehicle in the future), moving from point A to point B at 100 km/h, you certainly do not want anyone to be hurt in the process. Because of the personal safety involved, safety standards for in-vehicle software systems are very high in all aspects. On another level, you might only use a mobile phone for twelve months. As for a car, you might use it for 15 years. This places much higher requirements on safety.
So, there have to be multiple redundant systems in place within a car to ensure passenger safety. You can compare it to the civil aviation industry. Because a civil aviation aircraft involves hundreds of lives, it will have a three-layer redundancy system. Cars have at least two-layer redundancy systems. This makes the technology very complex.
Y: Your company, Elektrobit, has been in the automotive software industry for more than 30 years. From a supplier’s point of view, how has the current emphasis on digital security changed for car companies?
K: Within the industry, in-vehicle digital security has been a topic of discussion for over two decades. From the beginning on, we were discussing vehicle safety, such as in-vehicle anti-theft systems, where you can still protect your data through remote communications or even find your car if it is stolen. Also, if you are buying or selling a used car, you certainly do not want businesses to be able to modify the mileage. We began this kind of research approximately 20 years ago.
The trend towards connected cars began about five to ten years ago, especially after Tesla’s Model S, which offered so-called OTA updates. Before then, cars still had certain in-vehicle system updates, such as the familiar GPS navigation and infotainment system updates. I still remember way back when my car was updated with CDs and DVDs and we had to make sure that they would not infect the car with viruses.
The most important trend of the last five years has been that new architectures have begun to be adopted for vehicle software systems, rather than the previous iterations where ECUs of different components were independent of one another. Now, we are beginning to see more and more integrated architectures. Together with the popularity of OTA programming, this is a completely new iteration of automotive digital security systems.
Y: You mentioned that new technology makes cars more like mobile terminals. Is this why IT companies have entered the automotive security field in large numbers?
K: You’re right. There are already a lot of companies from other industries that have entered this market. As I mentioned earlier, in terms of technology, digital security technology in cars is similar to that of other terminals, so it’s natural for IT companies to enter this field. There are many ways to enter, but the most common one is through collaboration, such as our recent work in autonomous driving with Baidu’s Apollo platform. Another way is through acquisitions, such as when our parent company acquired Argus Cyber Security, an Israeli information security company, in 2017 and merged them into our Elektrobit. Their technology comes from Israeli intelligence agencies, and their capabilities in terms of data security are precisely what the automotive industry needs at this point. Of course, there is also the reverse kind of acquisitions, where IT companies have acquired automotive industry suppliers to enter this industry.
Y: Are you worried about outside competition?
K: Yes and no. I trust that you have also noticed that the entry of new companies will always be tied to relationships with traditional companies. Whether it be through collaboration or acquisition, they never enter alone. This is because of how unique vehicle safety problems are. Just as I mentioned earlier, as they involve personal safety, the requirements are strict. Because they involve a combination of both software and hardware, you have to understand that the entirety of both problems as well as its solution will be very complex. We have seen several accidents within this industry, and it may be that new companies ignored the nuances and complexities of vehicles.
I, personally, have been in many different companies. If a company that is purely IT-based wants to enter the automotive industry, the results may not be so good because the know-how it takes is very complicated. Take, for instance, OTA programming that everyone is so interested in. The protocol for transferring data from the cloud to the car is uniform, but the question is which control unit uses which data after it passes into the car. Different car companies have different requirements for different models, and that puts high demands on customization capabilities.
So, the best way for a new company is to join hands with an old one. Take, for instance, the collaboration between our Elektrobit and Baidu Apollo. Through close talks, we ultimately reached a consensus that we must exert our respective advantages in order to have a practical impact on the automotive industry.
Baidu excels in autonomous driving technology and infrastructure. Likewise, we excel in infrastructure security technology. As such, at this stage, we provide infrastructure (basic software) technical support for Apollo’s advanced ACU (Apollo Computing Unit) autonomous driving computing platform. On the other hand, we can provide consulting services for companies like Baidu, telling them what car makers want and how to build architectures suitable for production models.
There are actually a lot of examples like this, such as our work with Amazon Alexa, where we helped them integrate their voice technology into car systems, or our work with Microsoft on cloud-based validation for automated driving.
Y: As cars become smarter and more connected, what are the challenges in security technology amidst this transformation?
K: I am very optimistic. I think this change poses a huge opportunity for software. Only by building a solid, seamless, and defect-free software architecture we can manage highly complex road conditions and vehicles. So, for a company that knows how to build architectures, our importance in the automotive supply chain will grow in the future.
Of course, the challenges are also great. Now, we are no longer working with just a single controller. Instead, there may be multiple cores and multiple operating systems. The good news, though, is that these technologies are readily available. We only have to adjust them according to the vehicle’s requirements.
What consumers need to understand is that vehicle safety standards will not be lowered because of new technologies. As long as vehicle standards are strictly followed, digital security can be guaranteed.
Alexander Kocher is the President and Managing Director of Elektrobit. Elektrobit (EB) is a global supplier of embedded and connected software products and services for the automotive industry, offering flexible, innovative solutions for connected car infrastructure, human machine interface (HMI) technologies, driver assistance, electronic control units (ECUs), and software engineering services. EB provides support and service for over one billion devices in more than 100 million vehicles worldwide.