secunet showcases close-to-production demonstrator for secure online access in vehicles

[Essen, 30 October 2012] At the Freescale Technology Forum in Tokyo, a close-to-production system that protects a vehicle's electrical system against online attacks was revealed to the Asian market for the first time by secunet and OpenSynergy. The solution is called ACU (Application Control Unit) and monitors the online communication of the vehicle depending on different vehicle states.

Online access in vehicles presents a particular challenge, as it is more difficult to protect vehicles against threats from the Web than PCs or smartphones. Effects on the operational reliability and reduced processing power are just two factors that demand a different security approach. The showcased Application Control Unit demonstrator detects attacks from the Internet and actively prevents them from infiltrating the vehicle's network. To do so, the ACU uses access rules derived from the specification of the internal network.

The ACU from secunet means that, in future, vehicles with Internet access will have the required hardware-supported measures at their disposal to protect themselves against possible online attacks. The ACU is based on the standards-based COQOS software platform from OpenSynergy. COQOS allows different software systems to be integrated on one piece of hardware through the use of virtualisation technology, based on a separation kernel. It generates multiple logical software partitions. Guest operating systems such as Linux, Android or vehicle functions are performed independently in each partition. This approach prevents direct access to the hardware (e.g. interfaces). The secure compartmentalisation results in a high degree of functional reliability and means that only one control unit is required for multiple functions. The ACU on COQOS runs in a separately isolated partition.

For the first time, OEMs can implement different security levels such as open Internet and safety-relevant electrical system domains on the same hardware platform. The solution can be updated and can therefore also realise future security concepts as soon as new applications are released on the market. OEMs now have the opportunity to market new and innovative vehicle apps independent of the automotive development cycles.