IIC Journal of Innovation | Page 94

More Horsepower with the Click of a Download
needs to be used for software as well, when the software failure would be impacting critical
systems. Automotive Safety Integrity Level D (ASIL-D), for example, refers to the highest
classification of initial hazard (injury risk) defined within ISO 262623 and to that standard’s most
stringent level of safety measures to be applied to avoid an unreasonable residual risk.

2.2

Car Management = Mobility Management

Modern cars are mobile devices on wheels, underpinned by systems of many devices on wheels
that contain dozens and even hundreds of Electronic Control Units (ECUs) which amongst them
run a hundred million lines of code and are connected via vehicle bus systems and gateways. One
endpoint of the busses is the Onboard Diagnostic Port (OBD II), which can usually be found under
the steering wheel. The electronics in cars significantly contribute to R&D and production costs
and, as mentioned before, there is not much reuse in this area. Functionalities such as Navigation,
real time traffic information, Calendaring, and email have over the years been added to the Head
Unit which in the early years were only extensions for the radio and audio systems. This also
explains why these systems are so vulnerable as soon as they connect to the Internet. Software
code for the above-mentioned functions has been added incrementally to an already monolithic
software system and therefore creates a large attack surface4. Without a complete, secure and
modular redesign of the Head Unit software, the best approach for a solution today is to secure
the connection from the vehicle backend to the car in the same way it is done on mobile devices;
with a vir X[