carsecurity.tech

Fast-track analysis of automotive cybersecurity.

Tag: Network Architecture

  • Network segmentation in automotive architectures

    1–2 minut
    , , ,
    Source: https://storage.googleapis.com

    The concept of network segmentation in automotive architectures is well-established, traditionally using gateways to separate functional domains such as powertrain, telematics, and comfort. However, in an era of Software Defined Vehicles and hyper-connectivity, partial implementation is no longer sufficient. Segmentation must evolve from a architectural preference into a rigorous, industry-wide standard, from the OEM down through the entire Tier-N supply chain.

    Enforcing standards down the supply Chain

    The most critical security gaps often originate not within the OEM’s high-level design, but at the supplier level. A Tier-1 component that unintentionally bridges two segments—for example, a connectivity module with undocumented access to a safety-critical bus—can undermine the entire vehicle’s security posture. This „lateral movement” is exactly what attackers exploit to move from a non-critical breach (like Infotainment) to a safety-critical system.

    Zero Trust at the hardware level

    Segmentation must be treated as a compliance standard. To move forward, OEMs must demand:

    • Verified Isolation: Formal proof of isolation capabilities from every Tier-1 and Tier-2 supplier.
    • Zero Trust Integration: Ensuring that „Zero Trust” principles—where no communication is trusted by default—are embedded into both hardware and software long before components reach the assembly line.
    • Architectural Rigor: Moving beyond simple physical separation to include logical isolation (VLANs) and strict firewall rules within the vehicle’s backbone.

    We can no longer rely on „security by obscurity” or the assumption that sub-components are intrinsicaly isolated. Resilience requires a top-down approach that leaves no room for unintentional bridging.

    Kamil Gapiński

  • CAN Bus – a legacy protocol in a connected world

    1–2 minut
    ,

    The CAN protocol was designed for efficiency and reliability in closed, automobile systems, certainly not for security in connected environments. In its classic form, it lacks encryption and authentication. If a malicious actor gains access to the bus (e.g., via a connected ECU), they are implicitly trusted in the network by default.

    Modern security applications (like AUTOSAR SecOC or Secure Gateways) introduce additional defense layers. However, these are not a universal fix that fits perfectly for the car environment. All security implementations add latency and complexity that such legacy architectures cannot handle efficiently.

    The most critical gap pertains to logic, not syntax. An ECU, here understood as a node in a bus, validates a frame’s structure (ID, checksum) perfectly but fails to validate the operational context. So, if the architecture focuses only on the transport layer and ignores contextual validation, the vulnerability remains. This can mean, for example, that the information on your dashboard or IVI screen will be false or suggesting safety issues, while in reality, everything is fine.

    Kamil Gapiński