Continental sees big potential in vehicle cybersecurity

Tier 1 supplier and technology major, Continental states that with the trend toward digitalisation, connectivity and automated driving are becoming part of the IoT. At the same time, however, cars potential targets for hacker attacks, which is why the security of data and safety-relevant components is currently a burning issue throughout the automotive industry. The company has now introduced an incident response management system, which is an additional layer of security that responds immediately if there really is an attack.

The aim is to protect vehicles against hacker attacks. Of particular importance, for example, is the protection of safety-critical components such as the brake system. After all, to achieve the vision of accident-free driving (‘vision zero’), cars and the infrastructure have to be able to communicate with each other through, for instance, digital connectivity.

This potentially opens the doors for hackers, which means that the digital systems have to be not only functionally reliable but also resistant to external attacks. This is why the technology company uses cyber security technology to ensure comprehensive protection against possible hacker attacks on both: safety-relevant vehicle components and in production plants.

“Our experts are working to bring security to the next level and safeguard our systems against hacker attacks. This depends on production security in our plants, which we are also working on. The first production lines have already been equipped to integrate cyber security functions in the products,” said Felix Bietenbeck, head of the business unit Vehicle Dynamics at Continental. “Security affects every single vehicle component, which is why not only communication interfaces but also – and especially – safety components such as brakes systems need to be protected.”

Security first

The company states that cryptographic processes for a safety-relevant system have been implemented for the first time in its latest brake system, the MK C1. With the MK C1, the brake actuation feature, the brake booster and the control systems (ABS and ESC) are combined into a compact, weight-saving braking module. The MK C1 is more dynamic, lighter and more compact than conventional brake systems and has been specially developed for vehicles with extensive advanced driver assistance systems as well as recuperation and automated driving capability.

As the level of connectivity grows and the number of in-vehicle interfaces this necessitates increases, so does the risk of hacker attacks. The hackers are motivated by all sorts of reasons – data theft, financial interests and reputation being just three possible ones. In response, Continental is strengthening all possible points of attack and implements cyber security solutions on multiple levels and layers: On the first level, the individual electronic system components are protected; on the second level, communication between the in-vehicle systems is protected; on the third level, all the vehicle’s external interfaces are protected; and on the fourth level, data processing outside the vehicle is protected against theft and manipulation. This level also includes cloud and backend solutions. All of these offerings have now been significantly augmented with the multiple end-to-end solutions provided by Argus Cyber Security, an automotive cybersecurity specialist company, which has been recently acquired by Continental.

Individual security key for maximum security

The technology major states that all its future products – including the MK C1 – will contain cryptographic functions that can be used to introduce security keys. These keys generated individually for each product will ensure maximum security because even if one car is hacked, a second one is still protected. “The keys can be used for various operations and cannot be read externally – just like the PIN for your smartphone,” said Dennis Kutschke, cybersecurity program manager at Continental. When it comes to cyber security, the Germany major says it also learns from the experiences and technologies in other industries. Cyber security is relevant to vehicle systems not only when they are integrated but also during the loading of software and digital keys, which is why a special production security concept valid for all locations is being introduced worldwide. The concept based on a risk analysis conducted to identify weaknesses, which will also benefit automotive manufacturers from being able to transfer their own keys to the system via the secure Continental network.

Quick Response

Continental has to keep its eyes on dozens of systems, all hackers need to do is identify a single weakness. “It’s like a never-ending race between the people who want to protect the systems and those that want to hack into them. This is why it is so important to act as quickly as possible whenever any weakness is identified,” said Kutschke.

For this reason, Continental says it has introduced an incident response management system, which is an additional layer of security that responds immediately if there really is an attack. Developed with the expertise of the Israel-based startup Argus Cyber Security, which Continental acquired last year and has become part of the subsidiary Elektrobit. Together with Elektrobit, which specialises in embedded and connected software solutions, the security experts have already unveiled an all-in-one solution for over-the-air software updates. This solution will ensure that millions of cars can be instantly upgraded to the latest security level without having to visit the auto repair shop. Continental states that a very important requirement for ‘Vision Zero’ – will be a future without road deaths, injuries or accidents.