Built-in security needed for safety-critical ADAS applications

Safety-critical advanced driver-assistance (ADAS) functionality is one of the fastest-growing requirements in automotive systems, driving the need for intelligent, deep learning vision processing, according to John Koeter, Vice President of Marketing for IP at Synopsys.

“Synopsys is enabling the next generation of applications for computer vision by providing the ARC EV6x Vision Processor with SEP, which integrates hardware safety features that enable SoC designers to meet these performance requirements and more easily achieve ASIL D certification,” said Jeff Bier, founder of the Embedded Vision Alliance, on the presentation of the Alliance’s “Best Processor” 2019 award to Synopsys. Synopsys is the world’s leading provider of solutions for designing and verifying advanced silicon chips, and for designing the next-generation processes and models required to manufacture those chips. In June 2019 Synopsys announced the expansion of the automotive Center of Excellence collaboration with Infineon to speed the development of automotive electronic systems and deliver Synopsys Virtualizer™ Development Kits (VDKs) for Infineon’s third-generation AURIX™ microcontroller family, further building their portfolio of VDKs for leading automotive MCUs and SoCs.

Automotive Industries (AI) asked Art Dahnert, Automotive Practice Lead, Synopsys, how the company is helping OEMs to secure their ADAS systems.

Dahnert: Synopsys has dedicated an Automotive Security Group that will assist customers with hands-on testing and design guidance. It is part of an entire business unit dedicated to helping its customers with their security-related issues. This includes products such as Coverity, a static analysis tool; Defensics, which is often used to fuzz test applications; and Black Duck, an industry-leading software composition analysis tool. In addition to the products we develop we have 300+ security professionals around the world to help guide the product development team through their security related challenges.

AI: How important is testing for security weaknesses in automotive systems?

Dahnert: Security is just as important as safety. Security testing must be incorporated into the entire overall product development lifecycle, in addition to other best practices such as threat modelling and training for the engineers. The Synopsys Automotive Security group helps its customers look at the big picture and works to develop proper testing strategies that make sense for the technology involved. Synopsys also integrates advanced threat modelling into the process in order to find design flaws that testing alone cannot uncover. And finally, security training Is applied to make sure that the mistakes do not repeat themselves.

AI: What do OEMs need to do be ready for 5G?

Dahnert: The connected car and self-driving vehicles of the near future will need ubiquitous connectivity and 5G is the technology expected to handle it. Designed from the beginning to support V2x technologies and services it will be part of the first large scale implementations. It also means that it will be part of a first “missteps”, including security vulnerabilities. This means that the automotive industry as a whole will need to incorporate security best practices, such as security design reviews, early into the development process. It is important to build security into the various components first and not try to bolt it on after the fact. This will necessitate engaging security leaders, such as Synopsys, to find the weaknesses in the engineering assumptions and design them out.

AI: How do mobile technologies impact vehicle security?

Dahnert: Allowing the integration with devices of unknown provenance requires a significant amount of rigor in order to prevent a malicious attack through that device. Since the OEMs cannot be held responsible for keeping connected mobile devices up to a relevant security level, it must be assumed that there would be some that are significantly insecure. This is a similar problem that exists in the enterprise networks of today’s businesses. Users download and install mobile apps of all differing types and some smart phone providers terminate support after a couple of model years, thereby making the attack surface very large. This is compounded by connection technologies that may also be insecure, such as Bluetooth and Wi-Fi. Vehicles will have to be hardened specifically against this type of attack surface, which definitely includes separating user accessible features from other parts of the vehicle. Additionally, as vehicles connect to other services, infrastructure and other vehicles that technology will be mobile based. Having the supporting protocols properly secured will be vitally important. Tools such as Defensics understand these protocols and can help verify their proper implementation.

AI: Tell us about Synopsys’ solutions for app-based technologies.

Dahnert: More and more, vehicles are moving to open source or FOSS-type solutions in order to reduce the cost of licensing and support. This means there is a need to determine if the software or code that an OEM is planning on integrating into the various components has any vulnerabilities or licensing restrictions. The Black Duck tool is designed for this specific purpose and finds the issues before the code makes it to production. Today’s code base is growing at a significant rate, which means that being able to automate tasks is a key part of delivering software on time. Integrating static analysis into the SDLC as early as possible means that the entire process doesn’t get slowed down prior to shipping the application. The Synopsys’ Coverity static analysis tool is designed to work with modern codebases, including those with millions of LOC (Lines of Code). From a pure code analysis perspective, Coverity has the industry leading security checking features, including support for the latest MISRA guidelines. This lets a team building software find security issues before the app gets installed into a vehicle.

AI: How well are OEMs managing cyber security?

Dahnert: The entire industry is improving, but it still has a way to go. OEMs need to demand that their suppliers develop their components using the best security industry practices of today. This is something Synopsys has been helping a number of OEMs with recently. The Synopsys BSIMM (Build Security in Maturity Model) helps identify those areas where an organization is not meeting the expectations or performance expected by the security team. BSIMM allows an OEM to compare its security practices and the organization’s maturity against what the rest of the industry is doing. It also allows them to determine how to prioritize the different areas where security needs to be addressed. This has the overall effect of improving the product development process, which will also help the entire supply chain improve. In a nutshell, security needs to move to the start of the development process.

AI: How can OEMs and Tier 1 suppliers protect their products from security attacks?

Dahnert: The best way is to improve the overall security of the vehicle, down to the smallest component. This is done foremost by changing the culture. As vehicle safety improved over the last few decades, the culture in the industry changed to one where safety was Priority One. This is what needs to happen with regards to vehicle security. OEMs and their suppliers need to believe that security is just as important as safety. This cultural shift will facilitate the changes needed to improve security by moving the resources and earlier in the design and development processes. More effective procedures can then be implemented that will yield improvements in securing current and future technology. In addition, we can start looking at the standards and guidelines being written and start applying them to the product development lifecycle as soon as possible. Incorporating those tools and concepts that help with the security checks and balances will go a long way toward building an automotive supply chain that is more robust and resistant to state-of-the-art cyber-attacks.