Securing the cars of tomorrow is a concern for car makers, Tier-1 suppliers, and consumers alike. As a matter of fact, a 2015 consumer survey showed that 62% of people questioned feared that cars of the future will be easily hacked. Lawmakers in the US have already passed bills to address and calm these fears, bringing regulatory requirements into the picture as well. To help our customers address these needs, Reliance Velocity (formerly Tuxera Flash File System) now ships with automotive security features. But before we go deeper into the new security features, here’s a short overview of how Tuxera fits in to the connected car security framework.

To protect consumer safety and privacy, connected cars must be secure at all levels – from the hardware and software inside, to the connections to the network and cloud. Andy Birnie and Timo Van Roermund of NXP Semiconductors refer to this holistic perspective on automotive security as the 4-layer Security Framework. Their framework illustrates how security must be addressed at each level within the car including the interfaces, gateways, the network, and processing deep within the car.

Where Tuxera fits in 4-layer automotive security framework
Where Tuxera fits in 4-layer automotive security framework. Article continues after this image.

As an embedded software and services provider, the majority of what we do at Tuxera is situated at the core of this framework, “secure processing.” Reliance Velocity and our other file system implementations are embedded into various processing units within the car to provide reliable data storage management.

Security features in Reliance Velocity flash file system

Reliance Velocity has security features that help Tier-1 suppliers and car makers meet regulatory requirements and gives peace of mind to consumers. These file system security features include:

  • Verified boot support
  • Encryption
  • Metadata checksumming
  • Quotas
  • Secure delete

Here’s a high-level description of each of these security features and why they’re valuable at the file-system level. 

­­­­­Verified boot

Verified or secure boot support is handled through the device-mapper-verity (dm-verity) kernel feature. Initially developed by Google for Android, dm-verity uses a cryptographic hash tree, calculating an SHA256 hash for every data block. Dm-verity ensures that the file system has not changed states – or been hacked – from the last time the car was used. 

Encryption

Encryption is commonly used to prevent unintended access to information. With several people using the same car – think car sharing, lending, or rentals – securing information such as contacts, web browsing, or credit card information is essential.

Encryption as implemented in Reliance Velocity follows the existing encryption model used by the Linux file system ext4. Reliance Velocity uses AES256 industry standard encryption to encrypt file data, file names, and symlinks.

Metadata checksumming

This security feature is primarily for protecting data integrity. Checksumming is used by the file system to detect if the metadata has been modified between operations. Modifications might mean the storage is corrupted and therefore the metadata is no longer where the file system expects to find it. But it could also imply a malicious attack, for example, where a hacker bypassed the file system and altered something straight on the raw disk. Reliance Velocity uses CRC32 algorithm for checksumming.

Quotas

Quotas allow you to limit the amount of storage space available to a user or group. This is a beneficial deterrent for Distributed Denial of Service attacks (DDoS), for example. If hackers were to get access for one of the users in the system, an assigned quota prevents them for uploading large, malicious files to the car, or blocks the hacker from simply filling the whole system’s storage, rendering it unstable.

Secure delete

Going back to the case of car sharing or rentals discussed above – if a person enters a shared car, they need peace of mind that when they stop using the car, any data collected or exchanged about them will be completely removed. Contrary to popular belief, deleting a file does not remove all traces of the file entirely from the storage. The data remains until the blocks containing it are completely overwritten by other data. Until that overwrite happens, even a novice hacker could successfully recover the deleted files. Secure delete, however, ensures that the data in a deleted file cannot be recovered.

To summarize:

  • Verified boot ensures the system has not been changed since the last start-up.
  • Encryption guarantees that data is not misused and/or altered.
  • Metadata checksumming detects data corruption on disk, during file copy, or possible malicious tampering.
  • Quotas ensure that storage space is managed adequately, while also removing the risk of DDoS attacks.
  • Finally, secure delete securely removes unneeded user data.

All the features detailed above – when used together – provide the secure processing needed in the cars of tomorrow. Along with these security features, we are continuously rolling out new functionality for Reliance Velocity to meet the growing demand for reliable, fail-safe, and secure edge storage solutions in the automotive market.

Car makers and Tier-1 suppliers, find out how Reliance Velocity makes connected cars secure down to the core.

Go to Reliance Velocity