Connected Cars. Security Certification Schemes. (M21a)
Smart Cars can be defined as systems providing connected, added-value features in order to enhance car users’ experience or improve car safety & security. Basically the smart car architecture consists of a set of sensors and computers (ECUs) interconnected among them by internal networks and providing also external connectivity. Most car architectures distinguish between different components interconnected by a central gateway: Powertrain control, Infotainment control, Communications control, Diagnostic and maintenance systems, etc. All these components may cause risks, should they be compromised. The impact of these risks may vary between safety, security or privacy concerns. For this reason, components of a smart car are described as assets and require appropriate protection. Protections are coming from the familiar cryptography implementations, trusted channels, access control policies, etc. This presentation addresses the definition of these assets/threats, security functions implementing protection mechanisms and proposals for their security certification.