HOTLINE: 0086-021 52710299
Partners Partners & Customers
News Delegates’Testimonials

PATEO Intelligent Connected Vehicle Security Solutions

日期: 2019-10-09
浏览次数: 13

At “The 4th Annual China Automotive Cyber Security Summit” organized by GRCC. Mr. Zhelei Shen, the Senior System Architect from PATEO introduced its intelligent connected vehicle cyber security solutions.

 PATEO Intelligent Connected Vehicle Security Solutions

 

First, in terms of policy, the United States announced the first automotive network security standard, which is the SAE standard, and the security situation of the Internet of Vehicles is becoming increasingly serious. Relevant departments in China are actively carrying out cross-departmental collaboration, organizing guidelines for the construction of safety standards system for vehicle networking networks, and clarifying the standards related to vehicle network safety. The safety requirements have attracted the attention of the car manufacturers and put forward new requirements for the supplier's safety capabilities.

 

In the platform's own needs: 1, anti-internal vulnerability: software and hardware, process execution may have loopholes, human weakness, negligence, knowledge level differences may cause defects; integration defects or scenarios may be introduced imperfect blasting points are required Systematic self-examination and perfection 2. Anti-external attacks: interest attacks, malicious and bona fide attempts, unconscious attacks; need multiple levels of interception, identification, monitoring, and involve multiple terminals, multiple scenarios, multiple networks surroundings. 3 Stability: Provide stable service, not interrupted for various reasons, have quick response and quick recovery ability. 4. Reliability: Under the perfect management system, continuous security can build credibility.

 

                      PATEO Intelligent Connected Vehicle Security Solutions

On the attack surface, there are cloud attack surface, pipe end attack surface, vehicle end attack surface and mobile terminal supply surface. The cloud attack surface is mainly TSP, including security authentication / user portal, remote real-time control, scheduling management, remote data reading / diagnosis / monitoring, vehicle data storage / use / management, application store management, upgrade management (firmware / software) , key management, third-party service interfaces, etc. On the pipe end attack surface: 1, cellular network APN, for example: 2G / 3G / 4G / 5G (voice / SMS / data) base station. 2, short-range V2X, such as DSRC (short-range communication), LTE-V (workshop communication), VANET (vehicle network). 3. Communication protocols, such as TLS, SSL, VPN, etc. On the vehicle end attack surface mainly includes body components / CAN BUS, Android system-level applications, original / post-install APP, HMI interactive interface (touch screen, button), device interface (USB, MIC, OBDII, HDMI), onboard interface (Jtag, Uart), midfield network (WIFI hotspot), near field network (Bluetooth, NFC, PFID), in-vehicle network (CAN, FlexRay, LIN, MOST). Mobile attack surface Mobile, such as entertainment system control, virtual key, driving record, vehicle condition diagnosis, remote car search, door lock control, operation log, etc.

PATEO Intelligent Connected Vehicle Security Solutions

 

Finally, Mr. Shen gave us some relevant cases of Botai.

 

 


Copyright ©2010 - 2016 

GENESIS RESOURCING CONSULTING CHINA

犀牛云提供企业云服务