The evolution in the automotive field has made it possible to open the doors to the advent of new smart technologies, the so-called smart cars.
They are connected and accessible from mobile devices and web connections, complete with remote control diagnostics and multimedia systems with wireless connections and protocols. This makes everything more usable but also more exposed to increasingly targeted threats that exploit the vulnerabilities of network systems to access and control the car.
The new solutions therefore have to be custom designed and must take into account the installation inside the car: this is the case of ECU (i.e. Electronic Control Unit, embedded systems that include all those devices equipped with microprocessor, microcontroller and memory).
Since many attacks can compromise not only the systems connected to the network but the traveler's own safety, involving driving control systems, it is necessary to carry out an assessment that can assess the degrees of vulnerability in order to "patch" them (as has also happened in some recent cases in Tesla). Threat Analysis and Risk Assessment, known as T.A.R.A. it is a procedure that accurately determines the categorization of threats. The identification of critical points of the vehicle effectively leads to the definition of defense strategies. Today's solutions involve the use of firewalls built into the vehicle.
Some types of attacks also claim tampering through processor "glitches" using voltage variations on the power supply of the device that affect the operation of the processor. Precisely for this reason, permanent monitoring of the vehicle's system status increases safety, as it must be reported regularly to a safety operations center, so that vehicle fleets can be checked for security flaws.
This leads to much faster development and deployment of security patches, which can be imported quickly via over-the-air updates and without the need for a visit to the support center. Such an ecosystem of safety-relevant elements allows developers to use both basic software components and application software when building the safety architecture for electronic control units so that the system can be secured.
