Java Card Forum

Vehicle Communication Security

vehicle

In a world of connected or even autonomously driving cars, privacy, integrity and confidentiality of the data exchanged must be paramount:

  • Data communication within the vehicle network
  • Data communication from the vehicle to the cloud or roadside equipment (e.g. geo-location, vehicle specific data, traffic conditions,…)
  • Data communication from the cloud or roadside equipment to the vehicle (e.g. remote diagnostics, SW updates, …)
  • Data communication from the user (owner, driver, fleet manager,…) to the vehicle via the mobile device

Java Card based solutions can help to protect and manage the identities of vehicles, their components and their owners / users / drivers from the time of production over the entire lifecycle of the vehicle /device. Java Card can maintain the authenticity and integrity of the exchanged data, as well as the protection against cyber attacks from the Internet or from the infrastructure (e.g. traffic lights, traffic control systems,…). Thanks to the latest Java Card IoT functionality, it can securely handle sensitive data coming from vehicle peripherals and sensors to protect it against tampering and spoofing.
The biggest cyber security challenge for the Automotive industry is that with the connected car; all of a sudden a device gets connected that was not foreseen to be part of the Internet. Yet, the benefits for customers, as well as for producers, are expected to justify the efforts AND the risk:

  • Consumers demand seamless mobile device integration for ubiquitous reachability
  • Regulators mandate eCall and collision avoidance capabilities to save lives and make driving more secure
  • Manufacturers aim to monetize on new opportunities (e.g. predictive maintenance, product
    improvements,..)

Four main challenges stem from this hunger for data communication:

  • Gather the relevant data from the independent sensor endpoints
  • Process the generated data in “real-time” – locally or in the cloud
  • Ensure the integrity and authenticity of the generated / collected data
  • Protect and manage the vehicle /sensor identities over the entire lifecycle of the vehicle (i.e. starting with production)

Java Card can be used to secure the vehicle communication in various ways:

  • As the security vault for the credentials
  • As the control gateway managing and controlling all connected endpoints
  • As the security gateway protecting the in-vehicle communication streams
  • As the security gateway protecting the communication streams to the cloud

Being already the preferred platform to deploy flexible connectivity Java Cards products are now considered by automotive OEMs to host secure connected car use cases as well.

 

> Back to IoT Use Case Overview

Find out more about Secure IoT Cloud Edge

> Download our FREE Whitepaper to find out more about how Java Card can secure the IoT sector