Author: AUTOCRYPT

1 August, 2020 . 4 mins read

Infographic: Global Regulations on Autonomous Vehicles

In 1939, the idea of the autonomous vehicle (AV) was brought to life by Norman Bel Geddes when he introduced the concept of a self-driving car in a futuristic exhibit hosted by General Motors (GM). Geddes conceptualized the car to be able to “drive” by radio-controlled electromagnetic fields generated with magnetized spikes that were embedded in the roadway. Although it may have been a bit early for realizing his AV dreams, the actual technology used in building vehicles with the potential of reaching full autonomy has developed rapidly in the past decade. Although we are yet to produce fully autonomous vehicles (level 4 or above), the AV landscape is expanding at a faster-than-ever pace. With this growing landscape comes wider adoption – more and more countries are allowing AVs on the roads, though they vary in terms of regulation and guidelines. Here are some global regulations on autonomous vehicles.

South Korea

South Korea allows AVs with government issued licenses to operate on public roads. As one of the leading countries in the AV industry, it announced the opening of K-City in 2017, which is an unpopulated town model built solely for autonomous-driving testing. The test-bed is the first of its kind in the nation and the second largest in the world. AUTOCRYPT is the security leader of the ITS-project, and the security company also manages V2X security for smart roads in Sejong, Yeoju, Seoul, and Jeju.

United States

The United States has a unique governing system where each state can publish its own legislation; as such, each US state is responsible for its own autonomous driving laws. There were no set rules about driver-less AVs operating on public roads before 2018 when California and Arizona passed legislation allowing for AV operation. Many other states have followed since then.

China

China has released a then-updated road safety laws that cover driver-less vehicles on a nationwide scale. The Ministry of Industry and Information Technology, the Ministry of Public Security, and the Ministry of Transport created regulations on the “Administration of Road Testing of Autonomous Vehicles.” In addition, local governments added their own regulations accordingly.

Germany

As one of the leading countries in autonomous transportation, alongside China, the US, and South Korea, Germany has a strategy in place for AVs on a national level and allows autonomous driving on public roads. Additionally, it allows companies to test drive autonomous cars on public roadways. However, the new transportation legislation requires all AVs on public roads to have a black box equipped, a counterpart data recorder.

The Netherlands

The autonomous transportation laws of the Netherlands allow for autonomous driving on public roads, and it also opened the public roads to large-scale tests with autonomous passenger cars and trucks. In the future, the Netherlands will allow experiments with driver-less AVs.

Sweden

Sweden, too, allows autonomous driving on public roads. Moreover, The Swedish Transport Agency can authorize permits and supervise trials at all levels of automation on Swedish roads. To ensure the issue of trial permits, however, the trial activity should be governed by a specific act and comply with numerous conditions specified further on the agreement form.

Australia

In Australia, each state and territory has its own road safety laws, and this has resulted in some inconsistencies across state lines in the past. The National Transport Commission introduced Australian Road Rules (ARRs) for nationwide implementation.

Many more countries have introduced AV regulations, but with the rise of level 3+ autonomous vehicles, we also see an increase in the reported number of accidents caused by and involving vehicles that are put on the autonomous-driving mode. With such differing regulations across the world in terms of testing and driving regulations, jurisdiction, or even liability, it brings up the question of whether a centralized regulatory system needs to be implemented.

Global regulations may continue to change as technology evolves and develops. What are your thoughts?

27 July, 2020 . 6 mins read

Top 6 Security Threats for Modern Vehicles

Modern vehicles have a lot of advanced safety features that keep us safe on the roads. Blindspot detection, lane keep assist, and forward-collision assist with automatic emergency braking (AEB) are some of the standard features that we take for granted. Moving a bit upward, a typical high-end vehicle today has face detection capabilities that would send all kinds of warnings when it sees the driver drowsing. If the driver fails to wake up, the car would slowly park itself on the roadside.

Very soon in the future, we are likely to see a significant decrease in traffic accidents when older cars get phased out. However, not everything is as rosy as it seems. Modern cars are essentially sophisticated computers on wheels. The more sophisticated they are, the more weak points they have, and the more possibilities for high-tech attackers to exploit them.

Indeed, modern cars are keeping us safe. But who keeps cars safe? (Hint: AUTOCRYPT)

We need to understand where the threats come from and take the correct measures to prevent them. Here we take a look at six of the top security threats for connected vehicles.

1. Attack on Smart or Digital Keys

Smart keys commonly referred to as “keyless entry”, do not require the driver to push any buttons on the key to unlocking the doors. Doors unlock automatically when the key fob is near the car. Smart keys mostly utilize infrared radiation (IR) technologies to transmit signals to the car. Digital keys built-in mobile applications work in a similar way, except that they transmit signals via Bluetooth or NFC technologies.

Under situations where the key is nearby a locked vehicle, a hacker could break into the car by gaining access to the IR communication with a brute-force attack, by using a relay box to scan and reflect the communication signals, or by manipulating the Bluetooth communication between the smartphone and the vehicle. Automakers have started to make keys with much shorter signal transmission ranges, in which the key fob or smartphone needs to be right beside the doors for them to unlock.

2. Attack on Embedded Software

Modern cars have up to 80 electronic control units (ECUs) that keep the vehicle functioning. The embedded software in these ECUs is not only growing in numbers but is becoming increasingly complex. Critical functions like the anti-lock braking system (ABS) and electronic injection lineup are all controlled by ECUs. The embedded software analyzes data such as temperature, engine speed, and accelerator position to determine the optimal behavior of the fuel injectors, hence delivering the optimal results depending on the driver’s settings (e.g. eco, comfort, sports, etc.).

Attackers can inject malware into the ECUs to manipulate their state and actions, posing a significant threat on the functioning of the vehicle. To protect these built-in software from external threats, automakers need to provide prompt software patches and invest in a reliable in-vehicle firewall.

AutoCrypt IVS is an advanced firewall optimized for automotive communication protocols. With two decades of experience in intrusion detection, AutoCrypt IVS effectively blocks all malicious traffic from entering the vehicle system. Click here to learn more.

3. Attack on Software Applications

In-vehicle infotainment systems have become just as important as the engines. Other than the built-in applications, Android Auto and Apple Carplay are now offering an increased number of vehicle-compatible mobile applications from a wide range of categories, including navigation apps, payment apps, media apps, social networking apps.

Similar to embedded software, built-in software applications need to be constantly updated and patched, as well as protected by an in-vehicle firewall. To prevent threats coming from mobile applications, vehicle-to-device (V2D) security measures should also be deployed.

AutoCrypt V2D is a security solution that protects the communications between vehicles, mobile devices, and cloud service providers. Click here to learn more.

4. Attack on Sensors

The majority of modern cars have certain degrees of autonomous driving capability, ranging from SAE Level 1 to Level 4. (Click here to see SAE’s automation level definitions.) To provide such driving assistance and autonomous driving features, a wide range of sensors must be built within the cars to help them detect road conditions, lighting conditions, obstacles, moving objects (e.g. cars and pedestrians), and inertia. Cars also rely on GPS data to locate and navigate with high precision.

Threat actors could exploit vulnerabilities in these sensors to undermine their range, detection capabilities, and reliability. They could also manipulate GPS data to provide wrong directions and control the route of the vehicle (for Level 4 automation). State-backed APT groups could hack into the sensors of multiple vehicles to cause mass-scale collisions and destruction.

5. Attack on Cloud-based Servers

After the sensors collect all the data, they transmit that information to the cloud database to enhance the autonomous driving experience, and also to enable communications between the vehicle and the transportation system. Thus large amounts of data are sent to the cloud database.

Sophisticated threat actors could compromise the cloud databases to steal sensitive information about the vehicles and the drivers. These data could be used to identify weaknesses of a vehicle, which could be exploited for future intrusions and phishing campaigns.

6. Attack on Networks

Modern vehicles are all part of the vehicle-to-everything (V2X) network. The V2X network consists of countless numbers of vehicle-to-device (V2D), vehicle-to-grid (V2G), and vehicle-to-infrastructure (V2I) communication messages. These communications would increase substantially once cooperative-intelligent transportation systems (C-ITS) roll out on a large scale. As such, a car is exposed to hundreds of endpoints that could serve as entry points for hackers.

To protect the car in a V2X network, an in-vehicle firewall is not enough. An authentication framework must be put in place to verify every user before allowing them to connect to the vehicle system.

AutoCrypt V2X utilizes user authentication and data encryption technologies to secure all sensitive information related to the vehicle. AutoCrypt PKI supplements V2X by offering a certificate-based authentication system for external users like vehicles, pedestrians, and road infrastructure. Click here to learn more.

Safety is the Number One Priority

Safety has always been paramount in transportation. We expect seatbelts and airbags to work in the event of a collision, and expect the car to not catch on fire after crashing. But as we transition into this new era of connected vehicles, we as consumers do not seem to have any clear expectations yet.

This is why AUTOCRYPT is not only providing the most complete vehicle security solution for the industry. It is also working with automakers and other security experts to establish an international security standard that would help shape expectations, set up high standards, and keep our roads safe in the era of automation.

22 July, 2020 . 4 mins read

Why COVID-19 Has Made Vehicle-to-Grid (V2G) Security Even More of a Necessity

When the concept of Vehicle-to-Grid (V2G) began and companies and organizations began their research and implementation into EV systems, the main aim was to have an optimal energy management system. EVs, when charging bidirectionally, would not only maintain a minimum charge but balance the grid and minimize emission. The system’s goal is twofold: to increase efficiency in terms of renewable energy sources and costs, and simultaneously balance the demand for electricity on the grid. While no one could have imagined the paradigm shift that would occur worldwide through COVID-19, industries, and even new technologies are now trying to shift and evolve in order to meet the demands of the millions whose lives must go on in terms of their household, career, and transportation. With work-from-home (WFH) and social distancing deemed “the new normal,” there’s an increasing number of people who have no choice but to work and communicate remotely, meaning, technologies like V2G and consequently V2G security may now be more necessary than ever before.

V2G for Customers and Businesses

From March to April 2020, 30 million Americans filed for unemployment. The growing figures are an obvious sign of how many are facing financial strain due to COVID-19. However, at least for EV owners with Plug & Charge (PnC) capabilities, their electric bills may be minimized by using smart charge systems. For bi-directional PnC users with charging points in their homes, because their vehicles are spending more time parked in the garage than driving on the road, their batteries have more of the capacity to be used to power the grid. This can be good news for clients who are spending more time at home powering their laptops, entertainment systems, and home appliances while WFH, but do not necessarily have the financial means to be beholden to surge pricing.

For businesses with EV charging points, management of their services during the COVID-19 pandemic remains crucial – with an unbalanced supply chain (weakening demand in some industries with skyrocketing demand in others) and increasing financial pressures, PnC allows for businesses to set limits on energy consumption and avoid surge pricing, allowing them to maintain operations. Especially for start-ups or small businesses, minimizing operations costs is crucial: estimates show that more than 100,000 small businesses have permanently closed due to the pandemic.

Both customers and businesses can enjoy the benefits of PnC, as most offer real-time data available through an app or online platform. This can further allow users to optimize their charging during off-peak hours and maximize financial returns.

V2G Security

However, as with all connected technology, the technology itself is only half of the equation. With increased usage comes even more temptations for tampering. All parties involved from manufacturers, Mobility Operators (MO) all the way to Charge Point Operators (CPO) must ensure that the connections that the charge points are safe from intruders — because like it or not, owning a connected vehicle comes with social responsibility.

The most obvious damage that uninvited “guests” may wreak is through tampering with the payment systems. PnC allows for easy, streamlined payment, which means everything is done through payment methods and membership registration information already in the system. With loose security regulations, this could mean that payment systems could be hijacked without anyone ever knowing. During a critical time such as this, it is definitely not in anyone’s best interest to be hacked, left with an even thinner wallet than before. This is why AutoCrypt, in accordance with the international ISO 15118 Standard ensures that encryption and digital signatures are implemented to protect vehicles during charging.

The second concern is one that may fly under the radar, but EVs and V2G focus on the exchange of data – the time of day, the amount of charge, the pricing, and the payment methods for the vehicles and the charging points. Data monetization is becoming more and more lucrative as more EVs and connected cars hit the market and the economy suffers further due to COVID-19 — and in the wrong hands, this could mean loss of privacy and even in worst-case scenarios, data terrorism.

These are just a couple of reasons why AUTOCRYPT not only provides a comprehensive security solution, but is constantly working with manufacturers, MOs, and CPOs to ensure that customers on and off the road are able to keep safe in this connected car era. In a time where things are unpredictable, perhaps it would be safe to say that no one wants the security of your vehicle and wallet put into that group as well.

Stay safe, wash your hands, and keep your connections secure.

15 July, 2020 . 3 mins read

Welcome to the World of V2G

Electric Vehicles are no longer a future premise… In fact, from 2012 to 2018, global plug-in vehicle deliveries grew by 46-69%, and it’s likely that this growth will continue. We see EVs on the road and charging points in parking garages, and while the concept seems to be comparable to charging a mobile phone—plug it in, wait, and go… is the process really that simple?

In reality, charging a car involves several parties:

1. The OEM manufacturer who made the vehicle

2. The CPO that provides the Charge Point, similar to a gas pump for non-electric vehicles

3. The MO that registers members to be users for the charging service

This MO does not own the charging point itself, but builds the interface and the system required to use it. The MO is the party that has contact with the actual customers, and receives and maintains their charging data and information. The CPO, who owns the charge points, relays the operations of its station to the MO, and pays the network usage fee.

Users need to be certified by the OEM, MO, and CPO and then deliver the certificates to the V2G infrastructure in order to have the ecosystem ready for charging.

cpo mo oem process

While this may sound and look to be quite complicated, for the end-user, it’s quite simple. Plugin the charger at a nearby charging station, and then go—Plug & Charge (PnC). Just like a mobile phone, the process has been streamlined. All the certification, verification, and payment processing happen in an instant behind the scenes, and AUTOCRYPT V2G keeps those processes secure.

But what happens when the security landscape is always changing? From the early stages of the EV, AUTOCRYPT has been ready to bring solutions and products to the table, taking on the future era of EVs.

This also means that it has been and continues to be crucial to continue testing for compliance with not just domestic, but international standards, manufacturers, and guidelines around the world as this is an era that is constantly evolving. AUTOCRYPT has participated in several testing symposiums to meet international standards, and we continue to conduct interoperability testing with various companies. AUTOCRYPT has also been invited to share its unique V2G technology all over the world, as industries and organizations worldwide are increasingly eager to get into the conversation about EVs and the need for security, standardization, and quick integration.

AUTOCRYPT V2G ensures that your EV experience is a seamless one, letting you spend more time on the road without compromising your safety and security. For more on how the V2G experience works with AUTOCRYPT, click to watch our video below!

28 June, 2020 . 3 mins read

Infographic: All You Need to Know About Electric Vehicle Fill-ups

2020 is set to be the year of Electric Cars, according to numerous automotive analysts around the world.

More and more global manufactures are joining the wave of launching new electric vehicle products in hopes to lower the carbon dioxide (CO2) emissions level.

As a result, Electric Vehicle (EV) charging points are noticeably increasing on streets, highways, and parking spaces around all continents.

Now you can get a bird’s eye view on what you need to know about the new trend of vehicles including tips on electric vehicle fill-ups and charging.

(Accessibility version below)

electric vehicle fill-ups infographic

All You Need to Know About Electric Vehicle Fill-Ups

1. How far can I go on 1 hour of charge?

The distance your vehicle can go after an hour of charging depends on your vehicle model and the embedded battery type. The unit of measurement for charging is kilowatt-hours. Regular 120v power outlets allow for a distance of 6.5km per hour of charge, 240v residential chargers allow for 40km, Commercial chargers for 40km, and Fast-charge commercial chargers can allow for distances up to 300km.

2. How long does it take to charge?

Based on the time it takes to charge to 80% of a 63kWh battery (standard sized battery of a US BEV model as of May 2019), a 120v power outlet can take up to 42 hours, a 240v residential charger 2.6-15 hours, commercial chargers 20-60 minutes, and fast-charge commercial chargers 8-20 minutes.

3. Am I able to charge my EV at any charging point?

Unfortunately, no. Manufacturers have different models for plugs depending on the region, speed of charge, and the manufacturer brand. For example, the SAE Combo Coupler System (CCS), CHAdeMO, and Tesla are the three most common plug types.

4. How often should I charge my EV?

While frequency does depend on your driving habits, if you are a daily user of your EV and drive long distances each time, it’s recommended that you charge your EV battery each night. However, on average, EV users tend of charge about 2-3 times a week.

5. Where can I find the closest charge station?

Charge stations are marked clearly on most maps, but visit websites like PlugShare to find out more details. This site also indicates which plug types are supported by the charge points.

6. How much is the cost of an electric vehicle fill-up?

Costs vary greatly depending on the country and model of vehicle, but the national average rate for the USA is $0.13/kWh, for the UK 0.14pounds/kWh, and the EU at 0.21 euros/kWh. It also depends on the time of day (peak/off-peak), for example, for a 2018 Tesla Model 3, would cost about $1.56 for 50 miles, if you charged at an off-peak hour of 11pm. However, it would cost four times as much at $6.37 during peak hours.

For more information about EVs, security, and other automotive technology, visit autocrypt.io.

25 June, 2020 . 2 mins read

No Safety without Security: AUTOCRYPT to Showcase at Shanghai AutoCS 2020

SHANGHAI, CHINA: Autocrypt Co., Ltd. will be exhibiting at this year’s Automotive Cybersecurity (AutoCS) conference, taking place in Shanghai from 18-19 June, 2020. As well as showcasing a booth at the much-publicized AutoCS event, Shanghai PanQi Information Technologies CEO Clark Jin will also be hosting a presentation detailing real-world cybersecurity scenarios in the automotive industry.  The theme of the 2020 event is “No Safety without Security,” highlighting the growing need to prioritize cybersecurity before vehicles hit the road.

With the ever-growing landscape of autonomous and connected vehicles, leading minds and corporations are seeking to collaborate and discuss crucial automotive cybersecurity regulations, latest testing methods, good practices and real applications. Autocrypt has established a joint venture with Shanghai PanQi Information Technology Co., Ltd. and the two corporations will move forward to navigate these issues in China.   

Autocrypt and PanQi bring forward the solutions these situations require through security offerings ranging from V2X (Vehicle-to-Everything), V2D (Vehicle-to-Device), V2G (Vehicle-to-Grid) security, as well as Fleet Management. As leading players for automotive cybersecurity in Asia, the two companies prioritize progressive action in bringing these offerings to market, and will be showcasing the solutions at Shanghai AutoCS.  

Autocrypt CEO and co-Founder, Daniel ES Kim remarked, “We are very much looking forward to exhibiting at AutoCS because the private and public sector must work collaboratively to move past the status quo when it comes to automotive cybersecurity. As the number of connected and autonomous vehicles increases in China, so must the discussions on security regulations and implementation of security measures. It is essential that we not only minimize, but also negate the risks involved and put safety first, and Autocrypt brings forward a comprehensive set of solutions to the table to negate those risks.” 

To find out more about AUTOCRYPT and its offerings based in China, contact china@autocrypt.io
For partnership inquiries, contact marketing@autocrypt.io