The BMW Group has honoured China’s Tencent Keen Security Lab with its first-ever Digitalisation and IT Research Award. Keen Security Lab, a professional security research lab under Tencent Holdings, is a globally renowned security research team whose highly specialised researchers have more than 10 years of experience in cybersecurity for PCs and mobile devices.
The company is actively involved in internal research and the development of security enhancement recommendations for the portfolio of online services, including social, payment, games and cloud, provided by its parent company, Tencent Group.
In recent years, Tencent Keen Security Lab has expanded its capabilities in new research areas including connected/intelligent cars, IoT products, cloud computing and virtualisation, as well as AI.
One of its major research focus areas is automotive security, a field in which the company has partnered up with leading players. The company supports the advancement of security features of intelligent connected cars by publishing substantial research and supporting automakers in technological and technical development matters. Tencent Keen Security Lab believes its research objective and results will be beneficial to improving road safety for hundreds of millions of drivers, passengers and pedestrians in many countries.
“We want to contribute our comprehensive expertise and in-depth understanding of vehicle technologies to improving the development processes and security guidelines in the automotive industry, providing a shared benefit for OEMs and customers,” says Sen Nie, lead researcher of Vehicle and IoT Security Research.
The award-winning research
Between January 2017 and February 2018, Tencent Keen Security Lab experts conducted comprehensive tests with various BMW models. In doing so, they focused on head unit and T-Box components of different generations.
“BMW belongs to the top 5% in automotive IT-security, which made it a highly challenging task for our sophisticated team,” says Samuel Lv, Director of Tencent Keen Security Lab. After 13 months, the team of researchers informed the BMW Group directly about their comprehensive findings on 14 different vulnerabilities (responsible disclosure). Nine of the attack scenarios required a physical connection in the car or a location in the direct vicinity of the vehicle. Five attack scenarios were based on a remote connection using the mobile telephone network.
After gaining access to the head unit and T-Box components, Tencent Keen Security Lab executed specifically developed exploits and in this way was able to gain control of the CAN buses to trigger arbitrary, unauthorised diagnostic vehicle functions remotely. The tests were always run in a controlled environment on the premises of Tencent Keen Security Lab. Identifying, preparing and implementing attack scenarios via mobile network requires comprehensive expertise.
The Tencent Keen Security Lab team managed to implement these complex and sophisticated exploit chains. The BMW Group is convinced that the study presented constitutes by far the most comprehensive and complex testing ever conducted on BMW Group vehicles by a third party.
Promptly after the internal verification of the findings, the BMW Group’s Automotive Security Team contacted Tencent Keen Security Lab to confirm the findings and started developing measures. Subsequently, these upgrades were rolled out in the BMW Group backend and uploaded to the telematics control units via an over-the-air connection. The BMW Group develops additional software updates, which as usual will be made available for customers at BMW dealerships. With the collaboration of the two parties, the security updates developed by BMW Group improve the security level of BMW’s products and services for the customers’ benefit.
For this outstanding research work, Tencent Keen Security Lab has been selected as the first winner of the BMW Group Digitalisation and IT Research Award. “With this award, we want to honour the experts who support us in the transformation towards digitalised mobility,” said Christoph Grote, senior vice-president, Electronics BMW Group, when he presented the award to the research team of Tencent Keen Security Lab at BMW Group China’s offices in Beijing.
“We thank Tencent Keen Security Lab for their tremendous effort, their sophisticated research and the highly professional collaboration.”
Tencent Keen Security Lab will make a summary of the research findings available. A joint technical report detailing the vulnerabilities, exploit chains and implemented measures will be published by the two parties next year.
In an increasingly digitalised and connected world, security is key. The merging of interfaces between different consumer devices, as well as between devices and their surroundings, generates new advantages for customers and even significant benefits for society. At the same time, however, these interfaces open up the potential for access and manipulation through illegal, malicious attacks.
Based on the successful cooperation, Tencent Keen Security Lab and the BMW Group are discussing options for joint in-depth research and development activities. Talks on the design of a future cooperation were held at the award ceremony. The joint research will focus on the security of Android embedded systems, and on autonomous driving security and testing. Additionally, consulting services on security in over-the-air software update mechanisms are within the scope of future collaboration.