Automotive Software Attestation: Self, Remote, and Peer - Building Trust in Autonomous Driving Safety Systems

dc.contributor.author: Kaster, Robert Michael
dc.contributor.advisor: Ma, Di
dc.date.accessioned: 2024-03-29T17:27:51Z
dc.date.issued: 2024-04-27
dc.date.submitted: 2024-03-01
dc.identifier.uri: https://hdl.handle.net/2027.42/192664
dc.description.abstract: “Can you trust a car’s software (SW)?” This question attracts attention from professionals, politicians, and professors for three reasons: ability, access, and interest. Autonomous and driver assistance systems have responsibility and authority in controlling the vehicle - increased ability. Many cars today are connected to the outside world with Bluetooth, Wi-Fi, USB, and cellular connections - increased access. Talented researchers, organized crime, and nation-state intelligence agencies are turning their attention to developing sophisticated cyber-attacks on expensive critical infrastructure - increased interest. People all over the world trust their vehicles with their lives and livelihoods. The increase of authority within, connectivity without, and motivation to exploit all serve to increase the risk of compromised vehicle software, the importance of checking, and the required depth of verification. My research focuses on three critical challenges for automotive SW attestation, each expanding on the question for a different ‘you’.

1. Self Attestation. How can a real-time automotive controller verify its own SW before starting and maintain compatibility with start-up time, functional safety, and limited power requirements? Secure boot has successfully protected systems from executing untrusted SW, but low-power controllers lack sufficient time to check every memory cell while satisfying real-time functional safety requirements. Automotive controllers need to maintain security through multiple cycles of remote, unsupervised operation and reach a secure state in a safe manner when an anomaly is detected. To accelerate the boot time, we propose Sliced Secure Boot: build fingerprints by slicing orthogonally through memory blocks, protect each cell with a reusable fingerprint using a reproducible pattern with sufficient entropy, and randomly check one fingerprint pattern during boot. Sampling does not offer equivalent protection to exhaustive checks, but careful sampling can provide a sufficient level of detection while maintaining compatibility with both start-up time and functional safety requirements.

2. Remote Attestation (RA). How can someone verify the SW integrity of an automobile without access to sensitive intellectual property? Researchers have explored using RA on computers and Internet of Things (IoT) devices, but these use cases presuppose that the verifier has access to the full SW image or can control the memory access of the prover. Our Digital Shadow (DS) approach takes a ‘snapshot’ of a Digital Twin (DT) with sufficient detail to identify, but not enough to reconstruct. It builds a modified Merkle tree signature based on each module’s current SW and compares this with a fingerprint that the Original Equipment Manufacturer maintains of the DT. We measured the time required to calculate a vehicle fingerprint with 14 different types of vehicle controllers and the amount of data needed to support the concept. Verifying the SW integrity confirms that the correct SW is available but does not prove that it is actually controlling the vehicle. We expand DS to monitor internal and external plausibility verification of the run time and fault codes. This enables a quick verification of the vehicle’s cyber-health state with limited trust requirements on the party performing the check.

3. Peer Attestation. With advanced vehicle architectures, software-defined vehicles, cloud computing, and service-oriented architectures, how can a module build trust in the information it is receiving in a manner that is dynamic, nuanced, and adaptive? Today’s vehicle architectures build trust on a framework that is static, binary, and rigid. The Zero Trust (ZT) paradigm supports this dynamic need, but current implementations are focused on protecting information and do not consider the additional challenges that automobiles face interacting with the physical world. We propose expanding ZT for a cyber-physical system by weighing the potential safety impact of taking action based on the information provided against the amount of trust in the message, and we develop a method to evaluate the effectiveness of this strategy. This strategy offers a solution to the problem of implementing real-time responses to active attacks over the vehicle lifetime.
dc.language.iso: en_US
dc.subject: Automotive software attestation
dc.subject: Automotive secure boot
dc.subject: Digital twins
dc.subject: Security and cyber-physical systems
dc.subject: Dynamic trust for automotive security
dc.subject.other: Computer Science
dc.title: Automotive Software Attestation: Self, Remote, and Peer - Building Trust in Autonomous Driving Safety Systems
dc.type: Thesis
dc.description.thesisdegreename: PhD
dc.description.thesisdegreediscipline: College of Engineering & Computer Science
dc.description.thesisdegreegrantor: University of Michigan-Dearborn
dc.contributor.committeemember: Eshete, Birhanu
dc.contributor.committeemember: Freudenberg, James
dc.contributor.committeemember: Malik, Hafiz
dc.contributor.committeemember: Roy, Probir
dc.identifier.uniqname: rkaster
dc.description.bitstreamurl: http://deepblue.lib.umich.edu/bitstream/2027.42/192664/1/Kaster_Dissertation_Automotive_SW_Attestation.pdf
dc.identifier.doi: https://dx.doi.org/10.7302/22480
dc.description.mapping: -1
dc.identifier.orcid: 0000-0003-0061-5286
dc.description.filedescription: Description of Kaster_Dissertation_Automotive_SW_Attestation.pdf : Dissertation
dc.identifier.name-orcid: Kaster, Robert; 0000-0003-0061-5286
dc.working.doi: 10.7302/22480
dc.owningcollname: Dissertations and Theses (Ph.D. and Master's)