Connected Vehicle Security

Thales' data protection solutions address the security vulnerabilities and challenges introduced by today's connected vehicles.

Connected Vehicle Security

Automotive original equipment manufacturers and their suppliers rely on Thales e-Security for our expertise and experience in building data protection strategies. Our technology enables the root of trust needed to advance connected vehicle security and scale to meet the industry’s evolving demands.

Attacks Via Connected Components

The addition of more connectivity to support vehicle infotainment systems, maintenance monitoring, and much more, opens up new potential attack vectors. And a vulnerability in one area could expose the whole system, as advanced attackers seek out pivot points to exploit.

Compromised Telemetry Transmissions

Telemetry data, which can be used for maintenance tracking or consumer devices plugged into the on-board diagnostics (OBD II) port, must be protected – in motion or at rest – in accordance with regional privacy mandates. Data transmitted by connected components needs to be authenticated to be sure it’s from a trusted source.

Unsecured software and firmware updates

Like other connected devices, today's connected cars comprise components that may require software or firmware updates. Whether delivered over-the-air or at a service center, code updates sent to connected components present the potential for malicious behavior, as well as unintended errors or violations of organizational policies.

Connected Component Authentication

To prevent against unsecured components interacting with vehicle systems and introducing malware or providing a pathway for an advanced attack, components need to be authenticated. Thales HSMs, along with supporting security software, enable manufacturers to give each connected component a unique identification that provides a root of trust along with the foundation for an effective public key infrastructure.

Protected Data-in-transit

Encrypting telemetry and other data transmitted to/from the vehicle to support vehicle maintenance tracking or a vehicle-to-vehicle/infrastructure ecosystem, provides protection against data theft and other compromises. Thales products enable the authentication of connected components and provide encryption of data-in-transit to ensure data can be trusted.

Strong Code Signing

To ensure the integrity of software and firmware updates, and defend against the risks associated with code tampering or code that deviates from organizational policies, the code must be signed using a strong methodology. The recognized best practice entails using private keys protected by hardware security modules.

Defense Against Malware and Brand Damage

Establishing cryptographically-based digital identities for connected vehicle components and securing code updates against tampering help to protect against malware and code tampering, thus safeguarding against unwanted sophisticated attacks, unauthorized modifications to vehicle performance and reputational damage.

Protection of Sensitive Data

Securing the transmission of telemetry data and other information broadcast to/from the vehicle helps to protect against data loss and the compromise of vehicle and driver safety. Protecting data in transit also helps fleet operators safeguard sensitive information about their vehicles and cargo.

Opportunities for Improved Customer Service and Revenues

With strong authentication in place, components can receive over the air (OTA) software and firmware updates, presenting a significant opportunity for manufacturers, who could open up new revenue streams and enhance driver satisfaction with the introduction of new features, while reducing the cost of issuing updates.

Solution Briefs : Connected Vehicle Security Solution Brief

New vehicles offer advanced features and functionality - along with vulnerabilities. Learn how Thales delivers solutions that help secure the connected vehicle....

Download

Case Studies : ZF Friedrichshafen AG Secures Wireless Manufacturing with Thales HSMs

ZF Friedrichshafen AG Secures Wireless Manufacturing with Thales HSMs to protect mission-critical processes and meet regulatory requirements....

Download

Data Sheets : ASG PKI Consulting Services Data Sheet

Thales Public Key Infrastructure (PKI) Consulting Services help your business design and deploy a self-managed PKI customized to meet your specific needs. Based on Microsoft Active Directory Certificate Services® as well as open source and other applications, Thales will help you establish the critical root of trust to ensure that your enterprise applications run securely....

Download

Посмотрите интерактивное демо Подробнее
Записаться на демо Записаться
Свяжитесь со специалистом Свяжитесь с нами