Safety first. Quality assurance for connected cars

Connected Cars - Networked Vehicles

When we hear about "Connected Cars," it’s almost impossible not to imagine self-driving cars in our mind's eye; Connected Cars: an example of reality imitating science fiction. But while many are celebrating the technological progress being made in this area, others have serious criticisms and concerns about safety and security. Following recent events, the public is very aware of the central role that software already plays in the automotive industry. As a result, the importance of safe and reliable systems is obvious. In this context, self-driving cars can be seen as the symbolic tip of an iceberg which is based on highly complex, networked systems. These systems have to ensure the best possible quality and security.

Fundamentally, Connected Cars products find themselves at the interface between different sets of advanced technologies. As such, they bring together technologies from the IT fields – such as database architectures – with vehicle electronics. Aspects involved include engine control units (ECUs), telecommunications (mobile networks, smartphones) and consumer electronics (in-car hi-fi systems, music and video streaming technologies).

On closer consideration, a modern car has much less in common with a Ford Model-T than with an iPhone. While the external form is still reminiscent of a motorised coach, everything needed to actually move the car forward is based on high-tech elements and the associated software. It's therefore more than merely interesting to note that more than ten million lines of code are built into, say, a Mercedes S500 or a Chevrolet Volt. That’s more than you’d find in an F-35 fighter jet. The market share of Connected Cars has already passed the 50% mark in 2015, and more than 30% are networked with portable devices. As a result, it has become a challenge to ensure that vehicles are compatible with a variety of end-user devices.

The significance of electronics for the automotive sector is hardly new. The innovation, however, lies in the networking of the devices with one another and - this is decisive - with the external world via mobile internet. Today’s cars, in fact, not only constantly record information about their performance, location, and the status of their various systems but are also able to interact with their environment as “cyber-physical” systems. Their sub-systems also communicate with one another and coordinate their various actions to ensure safe and efficient operation. In the future, car makers will see the data generated in this way as increasingly important both for the further development of their products and services and for Customer Relationship Management.

Safety in highly complex systems

The lives of drivers and their families depend on motor manufacturers’ expert workmanship on a daily basis. This is why safety is given absolute priority in the design and manufacture of vehicles. The challenge for car makers in relation to Connected Cars is that, while they do of course have top-notch skills in their core areas of auto mechanics, materials science, aerodynamics and mechanical engineering, for other areas central to the functioning of Connected Cars they need to turn to external sources for skills and expertise. For quality assurance purposes, it is therefore vitally important to find a partner with proven experience in the following fields: system integration, vehicle electronics (infotainment, telematics, ECUs), telecommunications and consumer electronics.

With the aspiration of offering the highest possible level of quality assurance, Concept Reply has proven professional expertise in these areas: from vehicle components to app store ecosystems, from mobile network field-testing to systems integration, from applications, network security over cloud computing to big data and back-end system architecture.

Reply has developed a quality assurance model for Connected Cars that evaluates all aspects in terms of system integrity, compatibility and technological vulnerabilities. It incorporates deep-level penetration testing of software elements and analysis of the functionalities and security of interfaces, as well as physical stress testing.

Reply has developed a quality assurance model for Connected Cars that evaluates all aspects in terms of system integrity, compatibility and technological vulnerabilities. It incorporates deep-level penetration testing of software elements and analysis of the functionalities and security of interfaces, as well as physical stress testing.

When the whole is more than the sum of its parts

Control units, instrument clusters, telematics boxes and infotainment systems are all tested for integrity. Standardised tests and manual pen tests ensure that individual components are protected against external attack and any vulnerabilities are removed. In this field, Reply can call upon its extensive experience in the Internet of Things (IoT) with regard to networked device communication. System validation is carried out before the components are built into the vehicle. To facilitate this, all components are brought together in a specially developed testing facility where, for example, a Controller Area Network is set up to check that components produced by different manufacturers (car makers, third-party electronics suppliers, mobile devices) can communicate with one another correctly.
This phase is critical because motor manufacturers rely on supplied components, including engine control units, and incompatibilities can only be recognized when the components are first linked together within a system: It is clear that in a connected system, the whole is more than the sum of its parts. A thorough evaluation of the interaction between components is therefore an absolute necessity. ×

When trust is not enough

Control units, instrument clusters, telematics boxes and infotainment systems are all tested for integrity. Standardised tests and manual pen tests ensure that individual components are protected against external attack and any vulnerabilities are removed. In this field, Reply can call upon its extensive experience in the Internet of Things (IoT) with regard to networked device communication. System validation is carried out before the components are built into the vehicle. To facilitate this, all components are brought together in a specially developed testing facility where, for example, a Controller Area Network is set up to check that components produced by different manufacturers (car makers, third-party electronics suppliers, mobile devices) can communicate with one another correctly.
This phase is critical because motor manufacturers rely on supplied components, including engine control units, and incompatibilities can only be recognized when the components are first linked together within a system: It is clear that in a connected system, the whole is more than the sum of its parts. A thorough evaluation of the interaction between components is therefore an absolute necessity. ×

The search for the weakest link

Connected Cars are highly complex systems that also have to move around in a potentially hostile environment. All kinds of brought-in devices and software can become the target of an attack. This means that when it comes to safety, the entire system is only as strong as its weakest link. Since the individual components are combined within a network, attackers can succeed in compromising the entire system by targeting an insecure component and thereby gaining control of other components.
Evaluations are carried out on the likely main targets for attack, notably the connection protocols (e.g. Wi-Fi, GSM, LTE, Bluetooth), end-user devices, applications (such as live streaming, social networks, navigation), V2X (also known as Car2X) communication, and in-vehicle elements. Some spectacular cases have shown how attackers, by taking advantage of a vulnerability in the car entertainment system or the tyre pressure controls for example, have been able to gain complete control of a vehicle already in operation.
As well as consulting and testing services, Reply also offers countermeasures for potential threats such as ECU hardening, secure flashing, environment separation, virtualisation and intrusion detection systems. These accelerate the development process for Connected Cars significantly, and vulnerabilities can be remedied without delay. ×

Compatibility and mobile network testing

The testing of brought-in mobile devices encompasses a wide range of functionalities: hands-free calling functions such as call management, address book compatibility, SMS compatibility and voice control, to audio streaming and compatibility with systems like Apple CarPlay, Android Auto and MirrorLink.

Moreover, tests are carried out on apps that run on portable devices. A further important aspect involves testing systems in changing mobile network conditions, such as the switch to a different network provider when a vehicle moves across national borders. The aim of this phase is to advance the progress of connected car ecosystems, in respect of their network environment, towards a situation of what might be termed “coherent heterogeneity”. ×

App certification and end-to-end service validation

Third-party apps can also constitute a serious risk to safety and systems integrity. For this reason, apps need to be tested and certified before they are authorised for use in a Connected Cars networked ecosystem. Even before being released to the public, apps are probed for vulnerabilities and to ensure they are fully compatible.

Only after successfully passing a thorough testing procedure is an app certified and authorised for connection with on-board systems. If there is even the smallest degree of doubt about the safety or security of an app, it will be not be allowed access to Connected Cars' systems. ×

Reply Value

As an experienced partner of the automotive sector, Concept Reply has extensive experience in all areas of relevance for Connected Cars, including telecommunications, consumer electronics, vehicle electronics and IT system architecture.

As well as a team of highly qualified and experienced engineers, Reply offers practical and cost-effective near-shoring options within Europe, which can help clients to control the costs of developing Connected Car concepts. All test procedures can be carried out either in Reply’s ISO17025-certified test labs or on the client’s premises – or using a combination of both options. Reply’s testing facilities include an electrical lab, a mechanical lab, an audio lab and an optical lab, where all relevant aspects of connected cars undergo comprehensive testing.

As part of the Reply Group, Concept Reply can call upon the knowledge of other experts in the fields of cyber-security, app development, IoT and systems integration where necessary, thereby offering maximum value to its clients. Its deep knowledge of the automotive industry worldwide helps ensure that the final product complies with all relevant standards and local regulations, whether these are manufacturer-specific, EU, US or Chinese standards.