The security system shouldn’t be geared towards the IoV only, but should offer an integrated solution that covers the overall information security, as well as the enterprise process management (EPM) and personnel management of the OEM.
From Nov. 20 to 21, the “2019 China Safety Industry Conference & the Third Traffic Safety Industry Summit”, hosted by cheyun.com and co-organized by diandong.com, was held in Foshan, Guangdong Province. Themed “Secure Mobility & Connect Future”, the Summit consisted of three sessions, namely the NEV Safety Session, the New Technology Safety Session and the Smart Traffic Safety Session. Representatives from IUR (industry-university-research institute) and mobility safety related enterprises gathered in Foshan to jointly discuss the emerging safety issues arising from the automotive industry in the context of CASE (Connected, Autonomous, Shared and Electric) vehicles. During the Summit, Tang Yan, R&D Director of Cloud Platform Department, PATEO Group, delivered a speech titled PATEO Security Solution for Intelligent Connectivity.
The following is the transcript of his speech:
Hello everyone! I’m Tan Yang from PATEO Cloud Platform. I joined PATEO in 2013. Thanks a lot to the host for offering such an opportunity for PATEO to share some of our ideas about intelligent connectivity security.
(My speech) is mainly divided into five parts. First of all, an introduction to PATEO: PATEO was founded in 2009, and has just celebrated its 10th anniversary on Oct. 20, so it can be called an IoV company that enjoys a long history. PATEO values user experience, and as an innovative company, we attach great importance to intellectual property rights (IPRs). Our business covers the overall in-vehicle data, automotive electronic hardware & OS, as well as vehicle software, voice AI & map integration, telematics service operations offered by TSP, and PaaS & SaaS cloud services, etc., with a total of 1,000 employees and several branch offices across the country. Moreover, PATEO holds full qualifications for the IoV service.
It needs to be stressed that PATEO has delivered a relatively good performance in the domestic IoV field when it comes to the IPR. According to the official statistics in 2018, PATEO had obtained 655 IoV patents, ranking number one domestically and number five internationally. According to plan, we had already filed 3,420 patent applications by this Oct., and are set to increase this number to 5,000 by 2020. Although this target seems rather radical, in fact we are all making great efforts to achieve it. PATEO offers very generous patent rewards, so if any of you are willing to make innovations together, I hope you can join PATEO.
PATEO clients basically cover the low-, mid- and high-end OEMs in China, including the domestic, joint venture and luxury brands.
The overall environment of the IoV industry is very complicated and needs to be integrated with the OME’s system. On the terminal, this includes the integration of vehicle hardware, automotive OS, IVI apps, voice AI and various vehicle apps such as map; and in the cloud, it includes the SaaS / PaaS platforms, communication protocols, as well as the integration of, payment for and access to third-party resources. PATEO is even doing such things as connected car owner operations.
We have briefly collected the security incidents in the IoV field last year. Before 2018, it was the security research institutes and sophisticated hackers that were studying the vulnerabilities in cars. Till 2018, several significant incidents happened: one was an IoV user data breach, and the other was a hacker stealing a vehicle via the IoV. Apparently, the security situation is becoming more and more severe.
In terms of policy, the US has passed the first automotive cybersecurity standard, i.e., the SAE J3061, while China is drafting the security standard system construction plan, with domestic OEMs paying more and more attention to security construction.
When it comes to the automakers, the IoV project-related requirements laid down by OEMs back in 2018 have already explicitly mentioned the various needs for security testing and security guarantee, which represents a very unusual change.
Regarding the platform itself, we keep working on various security protections, including internal security, internal vulnerability protection, external attack protection, system stability and penetration testing across cloud.
At the end of the day, the IoV attack surface never moves beyond the three aspects of terminal, channel and cloud. As for the cloud platform, the attack surface includes security authentication, user entry, remote control, scheduling and management. With regard to the channel, it includes mobile communication, near field communication and various communication protocols, with such attack types as counterfeiting and interception. Concerning the attack surface on the IVI terminal, it wasn’t so dangerous when the IVI only functioned as an infotainment system, but now since the IVI is connected to the CAN bus, the complete vehicle will be subject to influence. There are Wi-Fi and Bluetooth interfaces in a complete vehicle. For the mobile terminal, the security requirements were not so high in the past, but now more and more phone app features are more closely intertwined with the vehicle, including virtual key and remote control, so the attack surface on the mobile phone has also greatly increased in number.
Lastly, I’d like to introduce some of the efforts PATEO has devoted to security. Qing OS is the automotive operating system developed by PATEO. To realize in-vehicle payment, PATEO has developed a full set of security architecture. The Qing OS imposes strict security requirements on the whole system, so as to meet the security requirements for payment. First is the implementation of a safe and secure boot loader to make sure that the ROM is not tampered with. In case that the specific files and resources at the Linux level are damaged, the access can be restricted to a certain area without affecting the rest. The PKI (Public Key Infrastructure) that enables unified identity authentication is a core architecture for all security systems. Every device launched now has its own certificate, and so does the server. Every application comes with a signature, and the user also has their own certificate. All our communications adopt mutual authentication process / technology.
The TEE (Trusted Execution Environment) is able to address the secure storage of client keys and the secure payment in the vehicle. PATEO is now in cooperation with UnionPay on facial recognition payment, which is also executed in the secure TEE. Not everything needs to be placed in the TEE. After all, its execution capacity is limited, in addition to the consideration that the entire technology solution for sensitive data encryption requires some necessary conditions.
For the app itself, we are now also working to harden it in an all-round way, including the hardening of the app itself, as well as runtime environment (RTE) protection and business scenario protection. The security issue is not just limited to the technical level. We also need to provide corresponding security designs at the business level. Taking remote control for example, we request the user to perform 2 Step Verification (also known as “two-factor authentication” (2FA).
Cloud security is relatively mature, and all PATEO systems are deployed in the public cloud, with some security protections relying on the partners, just as in the case of our cooperation with Baidu. So, we may not be responsible for physical security, but we do have a complete set of corresponding solutions for network security, host data and application security.
What also needs to be highlighted is security audit, covering all security incidents and prevention. The security system is not isolated. It is not geared towards the IoV only, but should offer an integrated solution that covers the overall information security as well as the process & personnel management of the OEM. At the beginning of the year, we communicated with several OEMs and found that they often said, "You find me a supplier to help solve the security issue", but in fact the security issue cannot be solved by one supplier alone. There’re dedicated enterprises deeply and intensively cultivating each of the technology areas that I mentioned earlier, while PATEO is ultimately an integrator.