Securing the AI-Enabled Software-defined Vehicle
With a billion lines of code expected in the AI-enabled software-defined vehicles (SDVs) of the future and substantial increases in connectivity, the automotive attack surface continues to grow and evolve. As I discussed previously in this blog, the larger attack surface has profound implications for automotive cybersecurity. New automotive vulnerabilities are continuously reported to the MITRE Common Vulnerabilities and Exposures (CVE) database, with the number increasing every year.To avoid being incapacitated by security flaws, the automotive industry is already reacting and building security defence-in-depth across the entire SDV.
Recently, Arm announced new automotive technologies that are designed to meet the greater levels of performance, safety, and security for AI-enabled SDVs. As part of this announcement, Arm launched a range of new Armv9-based Automotive Enhanced (AE) IP processors, with the latest Arm security features at the heart of these designs. These address the most common security challenges associated with automotive use cases including:
- Increasing software complexity;
- A highly diverse software supply chain;
- Feature enablement hacking;
- Ransomware;
- Securing high-speed communication;
- Managing privacy (for passengers and across different environments); and
- The consolidation of vehicle functions onto fewer systems-on-chips (SoCs).
Common automotive security challenges
Scalable software attacks in other markets have exposed significant vulnerabilities, with this being no different for automotive. Historically, much of the software stack in vehicles would be proprietary, so vulnerabilities in the code would have been less well-known and harder to find. However, similar software that is used across adjacent markets, like consumer technology and IoT, could be leveraged and exploited in the vehicle, leading to further vulnerabilities. This is one of the reasons behind the US Governmentβs Presidential Executive Order 14028, which requires strengthening the software supply chain security by maintaining an SBOM (software bill of materials), so that vulnerabilities, once discovered in a piece of software, can be located in all the places that the software has been adopted.
Consumer behavior impacts both security and commercial revenues. Firstly, consumers could look to bypass security controls and enable features without paying for premium, which commercially impacts the vehicle manufacturers through a loss of revenue. Secondly, if consumers use cheaper βnon-genuineβ parts that are not officially approved, then this could lead to software in automotive applications being compromised and controlled by an unknown third-party, increasing the risk of ransom attacks. This could have a direct impact on vehicle safety through third parties being able to take control of the car. Using non-genuine parts also leads to a loss of commercial revenue.
Security challenges also exist in the automotive supply chain due to its sheer scale and diversity, with the systems-on-chips (SoCs) of modern vehicle being required to run software from multiple and mutually distrusting entities running side-by-side. Overcoming these supply chain complexities will require hardware-supported software management and isolation technologies and frameworks.
Finally, secure communication β which is a fundamental security goal for connected devices β will also be imperative for the automotive industry, as SDVs are essentially big, connected devices. One unique issue for vehicles is achieving security over high-speed communications that capture sensory data from multiple sources, like LiDAR, radar and cameras. There will need to be high-performance security mechanisms that protect latency-critical sensor data. Additionally, secure update is essential in the ongoing maintenance and enhancement of SDVs via over-the-air (OTA) software updates.
Security considerations for three key SDV use cases
Alongside the broad industry-wide security challenges, there are specific automotive use cases that have significant security implications for SDVs. These include digital cockpit/ in-vehicle infotainment (IVI), advanced driver assistance systems (ADAS) and autonomous driving (AD), and microcontrollers (MCUs) and zonal architectures.
Digital cockpit/ IVI
Within the SDV, digital cockpit and IVI are becoming increasingly integrated, which is making the creation and subsequent management of these systems more complex. Due to the increasing connectivity features and demands across these systems, attack surfaces are becoming larger.
The digital cockpit has the largest attack surface as it covers multiple vectors, including cloud connectivity, connectivity to personal devices like smartphones, USB plug-in and the ability to download applications. There are also various motivations to hack the digital cockpit, with this containing personal data that could be valuable to hackers, like payment details. For IVI, the main security risk is offering a gateway to the rest of the vehicle for theft or control of the vehicle. This provides a route for ransom or denial of service attacks.
Digital cockpit and IVI also have advanced functional safety requirements, namely ISO 262262 and typically ASIL B safety use cases, which also require additional security measures. Both systems integrate safety and non-safety multiple displays, as well as single physical displays that combine safety requirements with other relevant information for passengers and drivers. This leads to a mixed-critical safety environment that needs to be managed effectively from a security perspective.
ADAS and AD
The integration of ADAS has increased the amount of data and value of the assets in the vehicle. These include sensor and actuator data, AI models and algorithms used for perception and object classification, graphic-intensive computing like 360-degree camera and various mixed-critical considerations. The security threats are then amplified further due to the increasing attack surface from the large amount of software and high potential impact of an attack since both ADAS and AD directly influence vehicle control.
MCUs and zonal architectures
Historically, the vulnerability of automotive MCUs has been restricted to attacks from inside the vehicle against specific automotive electronics, like car door mirrors. However, as the automotive industry moves to vehicle architectures that have higher levels of integration and connectivity, entire systems can be attacked remotely from outside the vehicle via increasingly connected components. This means that all MCUs require security measures, such as secure boot, secure communication and attestation support in order to protect the vehicle. Even areas of the SDV that do not offer a substantial direct threat, like automotive MCUs, need security protection, as these could be the weak link that provides access to other higher-risk computing systems in the vehicle.
The role of Arm
Arm has been providing security-focused architecture features for almost three decades, enabling our industry-leading technology ecosystem to protect businesses, individuals and devices. This work is being extensively deployed by the automotive industry where we are working with the ecosystem to deliver the latest Armv9 architecture security features alongside continuous collaborations on standards and open-source software.
The latest Arm AE IP adopt key Armv9 defensive execution technologies and architecture features that protect against the consequences of vulnerable or malicious software. Pointer Authentication (PAC), Branch Target Identification (BTI) and Memory Tagging Extension (MTE) help to overcome the risk exposed by growing lines of code through protecting the integrity of the software control flow and reducing the impact of memory safety bugs. This is important for automotive markets because there are still vast amounts of legacy code written in memory unsafe languages, like C, which can be ported into future SDVs.
Additionally, Arm follows state-of-the-art product security practices and standards, like ISO/SAE 21434, to ensure that security risks are managed during the idealization, development, and post-development of all products. Arm provides a set of supporting security materials for automotive partners to simplify the integration of our off-the-shelf components into ISO/SAE 21434-compliant designs.
Also built into the Arm architecture are scalable isolation technologies that segregate diverse workloads with minimal performance impact. A trend in the automotive industry is the need to run mutually distrusted software components from varied sources of origin on the same computing platform. Isolation technologies support this aim through offering a strong enforcement of well-defined trust boundaries. Examples of these technologies include Arm TrustZone, S-EL2 and Realm Management Extension.
However, security is not something that can be achieved in the hardware alone. Through frameworks and API solutions, Arm is helping the software ecosystem to deploy the architecture features listed previously and achieve the very best functionality.
Arm co-founded and continues to contribute towards standard security APIs, such as the PSA Certified Crypto API, to work as a contract between firmware developers and hardware vendors. This allows developers to focus on designing firmware rather than having to understand proprietary hardware rules with each new integration. Meanwhile, for hardware vendors, standard APIs are a way to remove barriers to entry, helping them to instead focus on valuable commercial differentiation.
Frameworks and standards help to establish a robust root-of-trust (RoT) as a minimum requirement for security in vehicles. A good way to achieve this is through PSA Certified, which provides an efficient certification process widely recognized as a metric of cybersecurity quality across the IoT market. PSA Certified is now starting to be used to increase visibility and communication around security robustness within the automotive supply chain. This provides built-in foundational security through established best practices and a RoT that can be used across the entire ecosystem.
Securing the automotive industry
Securing the worldβs data and the integrity of computing will be one of the greatest technology challenges over the next decade of computing. This is especially the case in the automotive industry that is undergoing unprecedented transformation.
With more software and increasing computing complexity coming to SDVs in the age of AI, the security challenges have never been greater. However, through a combination of innovative architecture features in Armβs new AE IP and software and standard collaborations across our industry-leading ecosystem, Arm places security and safety as the highest priorities across our automotive technologies. This will deliver the robust security protections needed to secure the future of the automotive industry and the billion lines of code on SDVs.
Any re-use permitted for informational and non-commercial or personal use only.
Editorial Contact
Latest on Twitter
Arm CFO Jason Child was at Phoenix Global Forum last week where he spoke about the future of the semiconductor industry.Β
π He talked about our long history in power-efficient compute and how this is the key to unlocking AI at scale in a sustainable way.Β
#PHXGlobalForum
Arm Neoverse-based Axion processors from @GoogleCloud
β Arm's hardware and firmware interoperability standards
π° Quick and easy deployment of Arm workloads on Google Cloud
πͺ Hear from Mark Lohmeyer on why this is key to the deep partnership between Arm and Google Cloud.
Meet the SpiNNaker2, @SpiNNcloud's brain-inspired hybrid AI processor powered by Arm Cortex-M4.
It's delivering algorithms 10x more efficient than conventional AI, with our Arm Flexible Access for Startups Program helping to make this a reality: https://okt.to/jCyUc3
AI π€ IoT
As AI touches a growing number of connected applications, developers are turning to our software ecosystem for innovation and a consistent experience.
@pnwilliamson shares insights into AI in the embedded space at Embedded World.
We've done it again with record revenue in Q4! π
As we build upon our power efficient CPU, Q4 saw us unlock new levels in royalty revenue and licensing growth. With 280+ bn Arm-based chips shipped to date, the future is built #onArm.
In April, we celebrated Neurodiversity Awareness Month with internal events including a session on parenting children with neurodiverse needs.
This is part of our ERGs efforts to create a supportive community that allows everyone to thrive and reach their full potential.
π€ We're taking our partnership with @GoogleCloud to the next level.
Axion processors, built #onArm Neoverse V2, are the newest example of how we're working together to optimize for workload performance and efficiency.
@AwadMo shares the details. π
π Get started with ExecuTorch Alpha for optimal performance of LLMs on the CPU, alongside delegation to GPU and NPU.
With LLMs already running on our efficient CPUs, our close partnership with @PyTorch is making this easier on @Metaβs Llama 2, 3 and other broad models.
We recently released the first episode of our new 'In Conversation With...' series.
Hear from renowned computer scientist and engineer Sophie Wilson as she discusses co-designing the first Arm processor and the importance of 'making things'.
Watch nowΒ π https://okt.to/5ozcsy
'@Simprints fingerprint scanning solution, SimprintsID makes it easier to verify individual vaccinations using digital records rather than physical ID.
With 850M people without formal ID, this solution, built #onArm, is game-changing for healthcare equity.Β
#HealthierTogether
π
Β Join us on Wednesday May 8 for our financial results conference call.
Β
After market close, we'll report our results for the fourth quarter of fiscal year 2024, followed by an audio webcast discussing our business outlook.
Β
DetailsΒ β‘οΈΒ :Β https://okt.to/58GW2q
"Hello World, I am ARM"
39 years ago today, the first Arm microprocessor introduced itself. We've since enabled advanced, efficient computing in 280+ billion chips, with the patents to prove it.
These foundations make us the AI platform the world relies on, today & in theβ¦
By building #onArm Neoverse, @GoogleCloud's Axion processors are well-suited for the age of AI, benefitting from:
β‘Β Higher performanceΒ
πΒ Lower power consumption
β¬οΈΒ Greater scalability
Β
@AwadMo shares why.Β π
Β
Full interview: https://okt.to/0LPnpo
As the number of connected devices grows, so does the need for more edge compute solutions. π
This is where @LinaroOrg's ONELab comes in.
Designed as a collaborative initiative, it's making it easier to build cloud-native edge deployments #onArm:
Our graduate scheme produces many exceptional engineers. Omar Ali is a great example. His impact goes far beyond his technical skills.Β
So, it was no surprise he was a finalist for the Rising Star Award at the @targetjobsUK National Graduate Recruitment Awards.Β Congrats, Omar!
Congratulations to Tamika Curry Smith, our Chief DEI Officer who has been chosen as one of @SavoyNetwork's Most Influential Executives in Corporate America for 2024. π
The honor recognizes Tamika's commitment to community, leadership, and success: https://okt.to/2NvDOZ
This #EarthDay, we're celebrating our collaboration with @UNICEF, to unlock the life-changing potential of technology in Malawi.π§
Our investment has helped UNICEF install two water supply systems, helping provide 11,000 people with access to safe water and sanitation services.
ISA parity isΒ accelerating silicon and software deploymentΒ in automotive!Β ππ¨
Β
πΒ At #ew24 we showcased what this looks like in practiceΒ via virtual platformsΒ with our Neoverse-based cloud instances and new Arm AE IP, which brings almost 100% ISA parity. https://okt.to/cjVaFN
The future of automotive is here.Β π
Β
Hear from Dipti Vachani on @IBDinvestors as she shares details on the game-changing performance and functional safety features of our new Armv9-based AE processors and server-class Neoverse technology:Β https://okt.to/WVtw58
AI is expected to increase data center power consumption 3οΈβ£x by 2030.
To offset this, hyperscalers like Amazon and Google turn to Arm Neoverse to reduce power without compromising performance.
That's why the future of AI is built #onArm. https://okt.to/LPVFWd
We're working with our partners @Simprints, @Gavi and @_GHSofficial to enable healthcare equity in Ghana.
Built #onArm, Simprints technology is enabling vaccine equity by making it easier to verify vaccine delivery by individual:Β https://okt.to/MIcgxu
If Arm technology is in there, then the future will be too.
Our energy-efficient compute platforms are foundational to the world's technology and AI computing, shaping how we work, play and connect.
That's why the future is built #onArm. https://okt.to/M9wqc8
Here's to a fantastic week at Embedded World! π
From lightning talks and speaker sessions to demos of our latest automotive and IoT technologies, we brought our vast ecosystem together to showcase what's possible when you build #onArm.
Thank you to everyone that joined us. π
πΒ Software-defined vehicles (SDVs) are the future of automotive and they're being built #onArm.
Robert Day joins @Sonatus and @MotorTrend on the latest podcast to talk all things SDVs and where the industry is headed.
ππ Listen below.
