i3 - May/June 2016 - 17

vehicles sold worldwide last year. (A single
vehicle may contain more than one hardware security module.) "It's a cost issue for
the car manufacturer, so until the risk has
been exposed publicly or there's been some
sort of accident, usually there's no action
taken," Menting says. And when HSMs are
integrated, they're normally in higher end
vehicles, not inexpensive models.
"Ideally you'd like all manufacturers to
have HSMs in all new cars, but there's no
law right now that mandates that," she says,
suggesting that connected car cybersecurity
will become a much more prevalent concern
once the "driverless society" is realized-
when cars are widely communicating with
one another as well as with transportation infrastructures. It will be even more
important that cybersecurity is engineered
into vehicles from conception, rather than
patched on afterward, she maintains.
According to Menting, automakers that
have integrated HSMs in their newest

connected to the Sprint cellular network.
This past February, a researcher in Australia demonstrated remotely hacked into a Nissan Leaf owned
by a colleague in England, taking control of features
such as the climate control system through an Internet-connected computer. The attack leveraged the
specific vehicle identification number (VIN) and open
and unsecured APIs that had been factory-installed
in the car to accommodate a dedicated mobile app
that Nissan offers for Apple iOS and Android devices,
intended to provide owners with remote access and
control for convenience.

A H O L I ST I C A P P ROAC H
To be sure, there are solutions to the problem of
remote hacking that automakers can implement, and
some already have.
The most basic step is threat modeling, which
means learning from hacks and redesigning in-car
networks to fill the discovered security holes, says
Smith, who heads Theia Labs, a Seattle, WA-based
security analysis firm that counts automakers and
auto industry suppliers among its clients. But Theia
is hired to work on new prototype vehicles, not older
vehicles already in consumers' driveways, and therefore it's only "hobbyists" who will find the security
holes in those, Smith says.
Once a fix is devised, another tactic is patching
those holes via over-the-air software updates, which
Tesla has employed.
A more concrete step is integrating hardware
security modules (HSMs) or cryptographic accelerators that encrypt communications or data inside a
vehicle's network architecture, says ABI"s Menting.
Automakers have been able to do this since 2006,
when the first automotive standard for these devices
was set in Europe. But they began doing so only in the
past couple of years, she says, and now ABI estimates
the devices were installed in one million or fewer
of the 78 million cars and 15 million commercial
C TA . t e c h / i 3

"THE AUTOMAKER AND A COMPANY LIKE
N V I D I A , W H I C H I S R E A L LY D E S I G N ING COMPUTER SYSTEMS, (MUST THINK
ABOUT) THE WHOLE ARCHITECTURE OF
THE CAR FROM A SINGLE UNIFIED PERS P EC T I V E R AT H E R T H A N H AV E A D OZ E N
DIFFERENT COMPONENT COMPANIES ALL
TRYING TO CONNECT THINGS TOGETHER.
T H E D AY S O F T H I S D E C E N T R A L I Z E D ,
H I G H LY D I S T R I B U T E D M O D E L J U S T
D O E S N ' T W O R K ."
- D a n n y S h a p i r o, N V I D I A

MAY/JUNE 2016

17


http://www.NVIDIA.com http://CTA.tech/i3

Table of Contents for the Digital Edition of i3 - May/June 2016

Contents
i3 - May/June 2016 - Cover1
i3 - May/June 2016 - Cover2
i3 - May/June 2016 - Contents
i3 - May/June 2016 - 2
i3 - May/June 2016 - 3
i3 - May/June 2016 - 4
i3 - May/June 2016 - 5
i3 - May/June 2016 - 6
i3 - May/June 2016 - 7
i3 - May/June 2016 - 8
i3 - May/June 2016 - 9
i3 - May/June 2016 - 10
i3 - May/June 2016 - 11
i3 - May/June 2016 - 12
i3 - May/June 2016 - 13
i3 - May/June 2016 - 14
i3 - May/June 2016 - 15
i3 - May/June 2016 - 16
i3 - May/June 2016 - 17
i3 - May/June 2016 - 18
i3 - May/June 2016 - 19
i3 - May/June 2016 - 20
i3 - May/June 2016 - 21
i3 - May/June 2016 - 22
i3 - May/June 2016 - 23
i3 - May/June 2016 - 24
i3 - May/June 2016 - 25
i3 - May/June 2016 - 26
i3 - May/June 2016 - 27
i3 - May/June 2016 - 28
i3 - May/June 2016 - 29
i3 - May/June 2016 - 30
i3 - May/June 2016 - 31
i3 - May/June 2016 - 32
i3 - May/June 2016 - 33
i3 - May/June 2016 - 34
i3 - May/June 2016 - 35
i3 - May/June 2016 - 36
i3 - May/June 2016 - 37
i3 - May/June 2016 - 38
i3 - May/June 2016 - 39
i3 - May/June 2016 - 40
i3 - May/June 2016 - 41
i3 - May/June 2016 - 42
i3 - May/June 2016 - 43
i3 - May/June 2016 - 44
i3 - May/June 2016 - 45
i3 - May/June 2016 - 46
i3 - May/June 2016 - 47
i3 - May/June 2016 - 48
i3 - May/June 2016 - Cover3
i3 - May/June 2016 - Cover4
http://www.nxtbook.com/nxtbooks/manifest/i3_20200304
http://www.nxtbook.com/nxtbooks/manifest/i3_20200102
http://www.nxtbook.com/nxtbooks/manifest/i3_20191112
http://www.nxtbook.com/nxtbooks/manifest/i3_20190910
http://www.nxtbook.com/nxtbooks/manifest/i3_20190708
http://www.nxtbook.com/nxtbooks/manifest/i3_20190506
http://www.nxtbook.com/nxtbooks/manifest/i3_20190304
http://www.nxtbook.com/nxtbooks/manifest/i3_20190102
http://www.nxtbook.com/nxtbooks/manifest/i3_20181112
http://www.nxtbook.com/nxtbooks/manifest/i3_20180910
http://www.nxtbook.com/nxtbooks/manifest/i3_20180708
http://www.nxtbook.com/nxtbooks/manifest/i3_20180506
http://www.nxtbook.com/nxtbooks/manifest/i3_20180304
http://www.nxtbook.com/nxtbooks/manifest/i3_20180102
http://www.nxtbook.com/nxtbooks/manifest/i3_20171112
http://www.nxtbook.com/nxtbooks/manifest/i3_20170910
http://www.nxtbook.com/nxtbooks/manifest/i3_20170708
http://www.nxtbook.com/nxtbooks/manifest/i3_20160102
http://www.nxtbook.com/nxtbooks/manifest/i3_20160304
http://www.nxtbook.com/nxtbooks/manifest/i3_20160506
http://www.nxtbook.com/nxtbooks/manifest/i3_20160708
http://www.nxtbook.com/nxtbooks/manifest/i3_20170506
http://www.nxtbook.com/nxtbooks/manifest/i3_20170304
http://www.nxtbook.com/nxtbooks/manifest/i3_20170102
http://www.nxtbook.com/nxtbooks/manifest/i3_20161112
http://www.nxtbook.com/nxtbooks/manifest/i3_20160910
http://www.nxtbookMEDIA.com