Digital Trust in connected critical systems
Nick Cook, Chief Innovations Officer
What is Digital Trust?
People, machines and organisations need to be able to digitally trust each other.
• Trust is built using layers of controls within an ecosystem
  • Secure hardware execution and trusted applications
  • Data flow and reaction security
  • Physical security
• Strong identity is a key component of trust
  • If you can’t determine someone or something is who or what they say they are, you cannot trust it
• Trust isn’t one time; it needs ongoing, sustainable management
What is Digital Trust in the ‘connected car’?
Importance of Digital Trust to Functional Safety
Connected critical components must be able to trust each other
• Components are becoming connected – no longer in islands of connectivity
• Secure maintenance is critical
• In-vehicle radio connections – e.g. smartphone as important to consider as long range wireless connections
• Need to consider both trust at POST but also ongoing during operation
• Run-time trust is important to establish
Digital Trust: Functional Safety
Being connected emphasizes need for authentication & signatures
• What authentication / signing is required?
• What / who must check?
• Is there any forensic support required? For what purpose?
• Where are the system boundaries?
  • Sensors vs gateways
• What are the constraints on the algorithms that can be used?
• What impact is there on the selected hardware?
Digital Trust: Functional Safety
Being connected emphasizes need for creating secure managed application silos
• Separation of concerns important
• Architect for different types of service on the same processing node
• How are the “containers” going to be updated?
• System as a whole needs a clearly obtainable “status” check capability
So how do we achieve digital trust?
Digital Trust from Silicon to Services
A complex ecosystem made simple
• In-vehicle is the same
• Chain of trust critical
Implementation
Cybercriminals are super-sophisticated at exploiting vulnerability.
• Hardware backed crypto material
  • Smart chips
    • TPM
    • UICC
    • TEE
• Execute in protected / silo environments
  • Managed apps and outlets
• Create and maintain digital identities
Identity and Credentials Management
The key to achieving trust
• Establish the person or device is who or what it claims to be
• Delivery of identities locally or over the air
• Locking down credentials
• Ongoing lifecycle management
• Transfer ownership securely – temporarily or permanently
• Revoke permissions
• Secure processes and policy must be applied
Hardware container management / Trusted Apps
Trusting the software that is running
• Utilize protected execution environments to run security critical software
• Have end to end security management of the protected environment and the apps that run inside it
• Be able to OTA update apps securely
• Make it simple to access – readily available
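The slides above call for a chain of trust anchored in hardware-backed key material, the ability to revoke permissions, and secure OTA updates of the apps running in each silo. The following Go program is an added example, not code from the presentation or from any vendor product, showing how an ECU-side verifier can tie those points together: a vendor root public key (assumed to be pinned in TPM/TEE-protected storage) certifies a per-release signing key, that key signs a manifest naming the app, version and image hash, and the verifier walks root -> key certificate -> manifest -> image, refuses revoked keys, and enforces an anti-rollback counter. The certificate and manifest encodings, the "telematics" app name, the key IDs and the firmware bytes are all constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// KeyCert binds a per-release signing key to the vendor root: the root signs
// (keyID || signing public key). Constructed format for this example.
type KeyCert struct {
	KeyID   uint32
	PubKey  ed25519.PublicKey
	RootSig []byte
}

// Manifest describes one firmware image for one application silo; the signing
// key identified by KeyID signs every field except Sig.
type Manifest struct {
	App      string
	Version  uint32
	ImageSHA [32]byte
	KeyID    uint32
	Sig      []byte
}

// RootOfTrust models what the ECU keeps in hardware-backed storage: the pinned
// root public key, revoked signing-key IDs, and the highest version accepted so
// far per app (the anti-rollback counter).
type RootOfTrust struct {
	RootPub   ed25519.PublicKey
	Revoked   map[uint32]bool
	Installed map[string]uint32
}

var (
	ErrUntrustedKey  = errors.New("signing key not certified by root, or key ID mismatch")
	ErrRevokedKey    = errors.New("signing key revoked")
	ErrBadSignature  = errors.New("manifest signature invalid")
	ErrImageMismatch = errors.New("image hash does not match manifest")
	ErrRollback      = errors.New("version not newer than installed")
)

func certBytes(keyID uint32, pub ed25519.PublicKey) []byte {
	b := make([]byte, 4, 4+len(pub))
	binary.BigEndian.PutUint32(b, keyID)
	return append(b, pub...)
}

// manifestBytes is the canonical signed encoding; the NUL after App keeps the
// field boundaries unambiguous.
func manifestBytes(m *Manifest) []byte {
	b := append([]byte(m.App), 0)
	var v [8]byte
	binary.BigEndian.PutUint32(v[:4], m.Version)
	binary.BigEndian.PutUint32(v[4:], m.KeyID)
	return append(append(b, v[:]...), m.ImageSHA[:]...)
}

// Verify walks root -> key cert -> manifest -> image, establishing who signed
// before trusting any manifest field, and advances the anti-rollback counter
// only after every check passes.
func (r *RootOfTrust) Verify(cert *KeyCert, m *Manifest, image []byte) error {
	if cert.KeyID != m.KeyID || !ed25519.Verify(r.RootPub, certBytes(cert.KeyID, cert.PubKey), cert.RootSig) {
		return ErrUntrustedKey
	}
	if r.Revoked[cert.KeyID] {
		return ErrRevokedKey
	}
	if !ed25519.Verify(cert.PubKey, manifestBytes(m), m.Sig) {
		return ErrBadSignature
	}
	if sha256.Sum256(image) != m.ImageSHA {
		return ErrImageMismatch
	}
	if m.Version <= r.Installed[m.App] {
		return ErrRollback
	}
	r.Installed[m.App] = m.Version
	return nil
}

// Sign is the vendor-side release step, included so the example runs offline.
func Sign(root, signer ed25519.PrivateKey, keyID uint32, app string, version uint32, image []byte) (*KeyCert, *Manifest) {
	pub := signer.Public().(ed25519.PublicKey)
	cert := &KeyCert{KeyID: keyID, PubKey: pub, RootSig: ed25519.Sign(root, certBytes(keyID, pub))}
	m := &Manifest{App: app, Version: version, ImageSHA: sha256.Sum256(image), KeyID: keyID}
	m.Sig = ed25519.Sign(signer, manifestBytes(m))
	return cert, m
}

// Demo runs the happy path and the failure modes an ECU must reject.
func Demo() map[string]error {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, signerPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, roguePriv, _ := ed25519.GenerateKey(rand.Reader)
	ecu := &RootOfTrust{RootPub: rootPub, Revoked: map[uint32]bool{}, Installed: map[string]uint32{"telematics": 4}}
	image := []byte("constructed firmware image v5") // constructed sample payload
	out := map[string]error{}
	cert, m := Sign(rootPriv, signerPriv, 7, "telematics", 5, image)
	out["valid"] = ecu.Verify(cert, m, image) // accepted; counter advances to 5
	out["tampered"] = ecu.Verify(cert, m, []byte("constructed firmware image v5 + extra bytes"))
	oldCert, oldM := Sign(rootPriv, signerPriv, 7, "telematics", 3, image)
	out["rollback"] = ecu.Verify(oldCert, oldM, image)
	rogueCert, rogueM := Sign(roguePriv, roguePriv, 9, "telematics", 6, image) // self-certified key
	out["rogue"] = ecu.Verify(rogueCert, rogueM, image)
	ecu.Revoked[7] = true // key withdrawn at run time by lifecycle management
	out["revoked"] = ecu.Verify(cert, m, image)
	return out
}

func main() {
	for name, err := range Demo() {
		fmt.Printf("%-9s -> %v\n", name, err)
	}
}
```

The check order is the point: the verifier decides whether the signing key is trusted and unrevoked before it believes anything in the manifest, and the version counter is only written once the image hash has matched, so a failed or interrupted update never advances the rollback protection. In a real ECU the root key, revocation list and counter would live in the TPM/TEE rather than in a Go struct, and revocation data would itself arrive signed by the root.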
To conclude…
Summary
If connected cars are to become trustworthy, a new ’normal’ needs to be established
• A three-tier approach must be applied as appropriate (trust the device, trust the person, trust the application)
• Robust, standards-based, security framework
• Strong authentication & signing is important
• Consumer-grade ease of use
• Enterprise-grade security
• Lifecycle management is critical
• Collaboration is required