ECE/BAS Magazine June 2015 - page 32

INTERNET-OF-THINGS – SECURITY
In automotive software security is the new guard dog

By Philip O’Hara, Rogue Wave Software

This article describes the problems of developing software for connected devices for the Internet of Things, such as in Internet-connected cars, and offers a solution.

Software development teams across industries and disciplines are under more pressure than ever. Under pressure by consumers to develop new, better bells and whistles quickly. Under pressure from industry and government to ensure their code adheres to critical coding and safety standards. And under pressure from senior management and shareholders to make sure their applications are free of defects that are costly, both financially and to their company reputation. From multimillion pound medical devices with sophisticated software to visualize data, to credit card readers at our local grocery store, to the infotainment systems in our cars that we all take for granted, virtually everything needs software to make it work these days. We’ve become accustomed to everything we touch being connected and optimized for our convenience.

These days, we call this convenience the Internet of Things (IoT). The term is new but the concept isn’t. In fact, we’ve been trying to get the Internet to do our bidding since way back in 1990 when John Romkey invented a toaster that could be turned on and off over the Internet. We’ve come a long way since then, but the general idea – and challenge – is just about the same, only now with much higher stakes. The question is, what do manufacturers need to do to ensure the security of their code and ultimately the safety of the consumers of their products? Especially in the automotive industry, the Internet of Things intersects with connected cars – automobiles that are largely operated by software.

Code security and product safety rarely intertwine where automobiles are concerned, but the industry is quickly realizing correlations between the two. Software security is any action taken to protect the code from malicious attacks – attacks that can lead to safety issues with the device the code controls – anything from annoying and harmless issues (think spam finding its way into your email inbox) to potentially fatal safety concerns, such as creating a malfunction in a car cruise control system.

This type of car hacking, made possible by security weaknesses in code, may be sensationalized in the media, but is unfortunately becoming a reality. Although automobile hacks have yet to become commonplace, they do happen. Recently in Canada, authorities attributed phantom car break-ins to hacking, and found that a simple program could be written in a matter of hours that jammed the message from the key fob to the car, disabling the locking system. In a more sensational example, BMW recently learned how seemingly small coding errors can become monumental and costly problems for a company. Over two million of the luxury vehicles were identified as at risk in January 2015, six months after the German automobile club ADAC intercepted network traffic from cars to send commands telling them to lower windows or open doors. In many reviews of the issue, the culprit is being identified as the simple difference between using an open HTTP protocol rather than the encrypted and secure HTTPS protocol. A static code analysis and review tool, such as the Klocwork static code analysis solution alongside comprehensive threat modeling, is able to mitigate these types of mistakes, although it is important that these fundamental changes to the mindset of development teams are adopted.

The good news is that the automotive industry has some precedent it can lean on rather than inventing secure development processes completely from scratch. Telecom companies faced a similar challenge several years ago when the potential ramifications of their devices being the only thing standing between the consumer and complex, embedded software code became evident. The inherent challenge to this IoT problem is, how do manufacturers ensure that the software, deeply embedded and intertwined with their hardware, is secure, even when there are countless potential consumer environments that their product could