
BMW has been criticized for putting some of its cars’ features behind a paywall, requiring customers to pay more to access certain features, such as heated seats.
Most of these features come standard on many modern vehicles on the market, leading to accusations that the company is exploiting customers. Depends on vehicle age and previous owners.
These features are already installed during vehicle production, so a driver may take the vehicle elsewhere and pay a fee to have them “turned on.” However, this exposes the vehicle to the risk of cyber-attacks.
We spoke with Horiba Mira’s Chief Engineer and Head of Vehicle Resilience about why paywalling vehicle functionality has unintended consequences and creates cyber vulnerabilities.

Just Auto (EN): Can you tell us a little bit about your role and background at the company?
Ant-Martin (AM): I have been involved with HORIBA MIRA for over 20 years. I went through the roots of electromagnetic resilience. In 2018, I became Head of Vehicle Resilience, covering cybersecurity, functional safety and electromagnetic resilience. These are the three key pillars.
Essentially, what we do is look at threats to features, capabilities, and operations within vehicles and the infrastructure they require to operate.
There are other demographic groups within Horiba Mira and within automakers that are actually considering implementing the feature. Their job is to ensure that the ride and handling are correct, and that connectivity with autonomous functions is implemented in the vehicle. And once those features are implemented correctly, it’s our job to make sure they’re safe, reliable, and robust from that point on for the entire life of the vehicle.
When it comes to cybersecurity, it is somewhat different than some of the other vehicle attributes. Modern regulations require vehicles to be monitored, to detect attacks of all kinds, to understand them, and then to respond appropriately throughout the vehicle’s life, until it is completely off the road.
BMW has been criticized for putting certain features behind the paywall. Why might this decision lead to an increase in cyberattacks?
As part of Rule 155 requirements for cybersecurity, one of the specific things we have to do is TARA, Threat Assessment and Remediation Analysis.
Essentially, what this means is that all known scenarios should be considered. There are some things we don’t know and they are called unknowns. We can try to do everything we can to reduce the unknowns, but what we have to do is consider every scenario and everything we want to protect in the car.
Next, we need to look at the vehicle’s attack surface and how attackers can gain access to what appears to be a high priority from a protection standpoint. Then you need to find out who is trying to hack or attack your vehicle, all the data in that vehicle and why they want to do it.
We have to go through that process, and one area of concern is that there are already models for owners and tuners looking to get the full performance and full feature set out of their vehicles. For example, remapping an engine’s electronic control unit (ECU) has long been big business. Some people say, “This is my car and I can do what I want.” In fact, the Computer Misuse Act says otherwise: it is not legal for the owner to modify the software in the ECU, or for the owner to get a tuner to do so.
Tuners and owners are motivated by the fact that they may complain about value, feel compelled to buy a vehicle because they need to move it from one place to another. can be attached. It can itself be turned on and off and is hidden behind a paywall.
Those with enough motivation and enough ability will either pay someone or try to release those features themselves and feel they are getting more value. That seems like a motive.
The biggest problem we see is that it’s no longer just a feature set inside an ECU that’s not connected to other ECUs, so you can do all sorts of things while you’re there.
What we have now is a very large scale of computing capabilities covering a huge number of features and functions. While you’re fiddling with one feature, you realistically don’t know what you’re doing with the other.
These vehicles have gone through millions of pounds worth of validation and being able to implement the feature is a very important process and from the vehicle manufacturer’s perspective enough work to release that feature. You can be sure that you have done road.

Have you seen any new trends in the cybersecurity space as you look at the threat landscape?
There is no doubt that the attack surface of vehicles has increased significantly, as has the complexity of software. As you begin to compromise threat actors with significant capabilities, begin extracting firmware from vehicles, and examine firmware to find vulnerabilities and weaknesses, the complexity of software creates more flaws for attackers to attempt and leverage.
For example, in our work in the automotive industry, we take pride in the fact that we are tackling about 1-3 defects per 1,000 lines of code on a typical luxury car, which has about 100 million lines of code. That means working with the assumption that your code has 100,000 to 300,000 defects.
These flaws can open up opportunities for attackers that can cause security, safety, or functionality problems. , you’re essentially opening up more opportunities.
Another problem we have to deal with is the increasing complexity of software. So it’s getting harder and harder to contain 1-3 defects per 1,000 lines of code.
What other challenges do you face as an industry?
There is a significant skills shortage in cybersecurity, especially in automotive cybersecurity. So in terms of implementing safety features and having employees and teams around or in-house to do it, not only from a car manufacturer’s point of view, but also from an independent company like ours. You need a team and people to implement secure features. Necessary to keep up with growing needs, this is a big challenge. There is a real need for a call across education that this is a large and growing field and that young engineers should be encouraged.
Also, there are not enough women in the area. Cybersecurity engineering is a great field for everyone to work in and the opportunities are huge. Complexity and threat scenarios are all growing. So this is a growing field, a good field to get a job and learn more, and a great opportunity.
Added to this is a real need for variety. From a cybersecurity perspective, there are algorithms, science, physics, and more, but what we believe stands out among the other attributes is the human element. You need to understand the human thought process of the attacker. You need to put yourself in the shoes of the attacker and understand what their motives are. That way you can understand why paying per feature is a problem because of the motivation.
Also, if you don’t have a diverse team, how can you fully understand risks, assess those risks, analyze those risks if you are just one person with one background? Does it? It narrows our scope.
Looking at this cybersecurity problem, what do you think the future holds?
You don’t necessarily pay per feature, but you certainly pay for pumps and such services.
You have to be open-minded. If you’re not in the industry or do this type of work, the attacker’s thoughts might be someone wearing a hoodie and sitting with a laptop trying to get this information.
Likewise, when looking at this, you have to look at the complete life cycle of the vehicle. Someone could be involved in building vehicles with ergonomics, and he could have implemented firmware in the ECU in order to be blackmailed or even rewarded.
It’s not necessarily the people you think. You put yourself in the shoes of a car owner and probably don’t see yourself as a bad guy in a hoodie if you spend £200 to unlock features in the vehicle. A tuner is also not considered that type of person. With so many attackers out there, I think the key issue will be around financial transactions from vehicles.
Also, it should be understood that attackers within this area are not only monitoring the vehicles themselves, but also the infrastructure. From car to car, car to roadside, and so on. If you can spoof this kind of message, you can trick the vehicle into thinking that what’s there, such as a green light at a traffic light, is actually something else. They will be more seriously motivated attackers targeting such areas.