Safeguarding the Code That Drives Modern Vehicles
By Soujanya Ain, Product Marketing Manager at GitGuardian
The automotive landscape has evolved dramatically, from mechanical marvels to sophisticated platforms on wheels driven by intricate computer systems. Surprisingly, these vehicles are governed by over 100 million lines of code, running across 50 to over 100 independent processors known as electronic control units (ECUs). To put this into perspective, the Ford F-150 Lightning, a marvel of modern engineering, operates on 150 million lines of code, surpassing even the Boeing 787 Dreamliner, which relies on a comparatively modest 6.5 million lines of code.
This intricate code is the lifeblood of modern cars, responsible for tasks ranging from lane-keeping assistance to seamlessly connecting with our mobile devices and playing our favorite tunes. It’s often said that cars nowadays are essentially rolling computers. This sentiment is not without reason. Since 1996 for American vehicles and 2001 for European ones, standardized connectors (OBD/EOBD) have been mandated to interface with the local vehicle computer network (CAN bus).
Moreover, embedded LTE connectivity has been integrated into vehicles since 2014, allowing manufacturers to collect performance data and implement remote controls, such as lock/unlock and remote start functions.
However, this technological leap has its own set of challenges. With an extensive codebase, the risk of code leakage becomes a pressing concern. Unlike a software company, where an exposed AWS API key may result in unauthorized access to vital AWS resources, the stakes are much higher in the automotive world. Imagine hurtling down the highway at 70 miles per hour and losing control of your vehicle remotely. This isn’t just about data; it’s about the lives of every individual in and around the vehicle. This underscores the reality that automobiles have evolved into valuable assets susceptible to threats from both physical and remote adversaries.
The Era of the Software-Defined Vehicle (SDV)
The SDV market is projected to grow significantly, from a $43 billion market size in 2023 to a potential $150 billion by 2030. Pioneered by Tesla, automotive companies are shifting towards becoming software-first entities. Ford’s recent launches of electric vehicles, the F-150 Lightning and Mustang Mach-E SUV, underscore this transformation. However, it’s imperative to recognize that code security practices must evolve in tandem as technology progresses.
Beyond flashy infotainment systems and seamless navigation experiences, the bedrock of any vehicle’s security lies in its underlying security infrastructure. For instance, in-vehicle infotainment (IVI) systems, which operate on embedded Linux, store sensitive information like personally identifying information (PII). These systems are often interconnected with vital subsystems, like the engine, brakes, and sensors, which create a broad attack surface in conjunction with the embedded LTE connection. This implies that if hackers target the infotainment system, they might gain access to sensitive information and potentially gain control over vital vehicle functions. Robust security measures here are non-negotiable.
The Grim Reality of Source Code and Secrets Leaks
One of the most critical concerns revolves around the leakage of hardcoded credentials. Unlike traditional attacks, where bad actors must identify and exploit vulnerabilities, hardcoded secrets can be exploited with minimal effort. This can lead to customer data breaches, intellectual property theft, company-wide systems manipulation, and even unauthorized access to mobile apps for controlling vehicles.
Manufacturers accumulate vast data lakes containing a wealth of information on consumer behavior. While this data is invaluable for refining products and enhancing user experiences, it poses a significant security risk. Any breach in these data lakes could have far-reaching consequences, affecting individual drivers and entire user bases.
The automotive industry faces the dual challenge of ensuring data privacy (GDPR and California Consumer Privacy Act (CCPA) compliance) and securing its assets against cyber threats. A breach here could result in customer identity theft, financial fraud, and hefty regulatory fines. The recent breaches involving major automakers are stark reminders of the urgent need for an improved secrets management posture. Daimler, Nissan, Toyota, and others faced incidents where sensitive customer data was inadvertently exposed due to misconfigurations and exposed secrets.
This should be no surprise, particularly for those acquainted with the alarming revelations from the GitGuardian State of Secrets Sprawl report. The study unveiled a staggering 10 million secrets left exposed on public GitHub repositories in 2022 alone. It’s a concern that casts a broad shadow, touching applications, the entire supply chain, and the backbone of critical infrastructure.
Elevated Risks of Neglecting Secrets Security
Approximately 85% of automotive software comprises open-source code and components sourced from upstream vendors. A breach in one component could impact multiple car models across different manufacturers. So, it’s imperative to scrutinize every link in the automotive supply chain for potential secrets incidents. After all, hardcoded credentials in vehicles aren’t limited to automakers alone; they extend throughout the supply chain. Each component, equipped with its software, may harbor embedded secrets, sometimes lacking robust security measures for safeguarding them.
Within this intricately connected ecosystem, the telematics server is a pivotal gateway, receiving data from vehicles and executing remote commands. Unfortunately, these servers are often inadequately protected, leaving vehicles susceptible to unauthorized access. A breach in this system could have dire consequences – from locking owners out of their vehicles to initiating erratic and potentially dangerous behaviors. In extreme cases, attackers could even seize control of a vehicle’s steering, imperiling lives on the road. This underscores the critical need for robust secrets security within Android and iOS applications, and the command and control (C&C) infrastructure.
There has been an ongoing “right to repair” debate in this broader industry landscape. A significant step forward has been taken, granting independent repair shops access to vital vehicle data. However, as this access expands, so does the concern for data security. Protecting important software-defined components becomes paramount, ensuring they don’t inadvertently expose sensitive code and user information. In this regard, secrets detection emerges as a critical layer of defense, guaranteeing that even with expanded access, sensitive data remains secure.
As vehicles are increasingly updated via Over-The-Air (OTA) processes, these updates create a potential entry point for attackers. Intercepting, dissecting, and manipulating these updates can unveil hidden features, functions, and sensitive information, including “hardcoded secrets,” paving the way for ransomware attacks. This highlights the critical importance of safeguarding sensitive code and user information. As the automotive industry hurtles into the digital age, one thing is abundantly clear: the safety and security of both vehicles and their passengers hinge on robust secrets protection.
Securing automotive software is a multifaceted challenge requiring collective effort from the entire supply chain. Integrating secrets security measures right from the start of the development process is paramount here.
The stakes are high, and the onus is on the industry to ensure that future vehicles dazzle with technology and are fortified with rock-solid code security measures. The road ahead is one of transformation and innovation; we must navigate it with vigilance and foresight.
About the Author
Soujanya Ain is a Product Marketing Manager at GitGuardian. She helps spread the story around application security and the AppSec challenges companies face today.
Website: https://www.gitguardian.com/
Twitter handle: https://twitter.com/GitGuardian