Using blockchain to manage automotive cybersecurity
Explore five ways that blockchain can help both smart car owners and manufacturers about five possible solutions - from forensic auditability and massive-scale integrity to real-time monitoring and complete attribution.
Let's suppose that, after Tesla released their patents in 2014, your company picked up the ball, and started designing the next generation of smart cars.You’re the Chief Security Officer (CSO), and your job is to make sure your cars are as safe as possible.
Connected car security solutions
What could a proper data security solution do to help you? Let's examine five possibilities:
1. Complete attribution
Know for sure where all the data is coming from, and that it is secure. A car may variously pull data from wireless telco (while driving), your home Wi-Fi (while parked in your garage), or Bluetooth (from your phone). Each of these networks needs to be secure, and the level of security needs to be consistent across service providers. Getting a new phone, switching telco providers, or using your neighbor’s Wi-Fi shouldn’t compromise the security of the data in your car. If it does, it shouldn’t be possible for that particular connection to be made, even accidentally.
2. Massive-scale integrity
Every system involved—the Wi-Fi connection, the software update application, the custom settings for how a certain driver likes the air conditioning and seat position—should be veri able for the absence of compromise.
3. Forensic auditability
It should not be possible, after a breach, for an analyst to say, “Eh, there are so many interlocking systems here, it could have been any combination of things.” Every part is secure in itself, and every organization involved uses a transparent process that can be vetted and examined at any time.
4. Real-time monitoring
Real-time monitoring with integrity instrumentation prevents data loss and enables the observation of changes to state, access, custody, and identity. In other words, all the data coming in and going out is continuously scrutinized to verify that it changes only when it should, it’s going where it’s meant to go, and it’s arriving from the right sources, with the best security practices intact.
5. Service lifetime extension
Legacy systems that can’t supply the proper integrity themselves— such as a user’s outdated cell phone—can still be integrated, with additional provisions made to ensure the integrity of the data going to and from those systems.
Connected cars and blockchain
How does all this relate to blockchains? Well, it’s through a blockchain that the security provider confirms the integrity of the data.
Every moment that the car is activated, all its data can be hashed. Those hashes are sent to a secure server communicating with a private blockchain. A newly arrived hash is compared to a hash from the previous moment. If the only thing that has changed is the timestamp, then the integrity of the data is assured.
If other parts of the hash have changed, then an instantaneous evaluation is done as to what changed, and whether that’s something that should have changed. Then the hash for the new data and timestamp is added to the blockchain, and the process begins again.
Blockchain benefits for connected car owners and manufacturers
Let’s talk about how all this affects the bottom line.
For the car owner: insurance premiums can be lower. The insurer can know that the software and sensor data is secured and can factor that into calculating a premium.
For the car manufacturer: data and insight translate into many opportunities beyond the sale of the car itself. The customer becomes an end user who generates data. That data can be brokered, and also used to improve supply chain logistics and to facilitate troubleshooting. The data can be aggregated across other business segments, such as nance, insurance (assuming insurance will even exist in its current form), parts, supply chain, after-market, and road authorities.
To read more about how blockchains can bring integrity assurance to the IoT, including connected cars, please read our e-book: