Protecting update systems from nation-state attackers
The list of companies that have suffered successful attacks on their update systems is long, Cappos began; it is something that happens all too frequently. Often these attacks are carried out by governments; he listed compromises that have been attributed to North Korea and Russia. The Stuxnet attack exploited the Windows update service as well, he said. Nation-state attackers can launch complex attacks; if you are defending against them, you have to worry about holding off a dedicated team of professionals — the best attackers in the world — who command massive resources and who are focused on your company in particular. It is a scary scenario, he said.
It is even scarier when one is dealing with the software that makes a modern automobile run. An attacker who gains the ability to install new software on cars could create no end of mayhem, up to and including large-scale loss of life. Clearly, we all want our cars to be well defended against even the most sophisticated intrusion attempts.
Protecting update systems
There are four general approaches to addressing these attacks. Prevention, obviously, is focused on making attacks harder to carry out. Detection, instead, is about knowing quickly when a compromise happens. The automotive industry, he said, has emphasized these two approaches, but there is far more that can be done.
The third approach is transferring the risk to somebody else, described as "have insurance and claim that all regulations were followed". Transferring risk is not really an option in the automotive industry, though, where the price tag for a compromise can start at $100 million — and go up from there. He cited the case of Fiat Chrysler being penalized $300 million for emissions cheating, even though nobody was directly hurt; imagine what would happen in a case involving a loss of life. Nobody will want to insure against losses at that level.
Finally, there is mitigation — reducing the impact of a compromise,
preferably to something close to zero. That is where Uptane comes in, he
said. Other update systems "give up everything" in the case of a
compromise; Uptane will often be able to hold the line and prevent even a
![[Justin Cappos]](https://static.lwn.net/images/conf/2019/ossj/JustinCappos-sm.jpg "Justin Cappos")
successful attacker from loading hostile software onto an automotive
system.
Traditional solutions, he said, do not provide this sort of compromise resistance. For example, one common approach is for the target systems to authenticate the repository using TLS before accepting any updates from there. But that means that the private key has to be on the repository server itself; if that server is compromised, then the game is over.
Another common approach is to sign the updates themselves, keeping the key away from the repository. That requires the client systems to trust the key, which must be used for every update and thus must live on the build farm somewhere. If an attacker gets into that system, they can sign malevolent updates themselves. This has happened to some prominent Linux distributors in the past, he said.
In 2008, Cappos created The Update Framework (TUF) to address software-distribution issues in the cloud. It is now widely used, and has been adopted by the Cloud-Native Computing Foundation. TUF is built on the assumption that people will manage to break into servers and steal keys; its goal is to reduce the amount of damage that can be done when that happens.
TUF is built on the idea of separation of responsibilities. One responsibility, for example, would be to indicate that a given update is valid; that could require developers and quality-assurance personnel all to sign-off on it. But that is separate from informing clients that a new update is available; that is done by somebody else with a different key. In such a system, stealing a single key is not enough to get a client to accept an update. Key revocation is yet another role, separate from the others. The needed keys do not have to (and indeed should not) live in the same place, so multiple compromises would be required to obtain them all.
TUF also has a robust mechanism for key revocation. Cappos asserted that revocation in systems like PGP is "a mess"; it was not designed with any thought about how things should actually work. The same is true of the "bolted on" revocation mechanism in X.509. TUF, instead, had revocation designed in from the beginning. The "implicit revocation" mechanism will automatically revoke keys that have not been explicitly refreshed within a given time window. Explicit revocation of known-compromised keys is also supported as a first-class feature.
Uptane
TUF, though, is intended for cloud distribution; the requirements for automobiles are a bit different. Meeting those needs led to the creation of Uptane as an enhancement to TUF. The code on the server side is identical, he said, but the client side has to be able to work on "tiny embedded systems" that lack direct connectivity to the update server. A typical automobile has a primary client that obtains updates from the server and stores them locally. The other, secondary clients then obtain those updates from the primary.
One cannot assume that the automobile network is secure; indeed, an attacker having access inside the car is a common case. They can get in by way of the car's network connectivity, or just plug into the OBD socket inside the car itself. This sort of compromise is "just going to happen", so Uptane has to take it into account.
Deploying Uptane involves starting with the existing update mechanism used by the manufacturer. A list of update types is created, and a set of signature requirements is created for each type. This can, for example, require signatures from both the supplier and the original equipment manufacturer. The in-car units must then perform the validation of updates to ensure that the required signatures are there.
These units are divided into "strong" and "weak" categories, with only the strong ones having the CPU power to fully validate updates. Weak units perform a lower-level of validation that exposes them to more risk. Still, Cappos said, the system is strong enough to tolerate an attacker having access to a car's network with "no severe consequences". Server compromises can lead to more unpleasant consequences, but nothing that might, for example, lead to a loss of life. The only time that severe problems are possible is when multiple, offline keys have been compromised.
There are multiple open-source implementations of Uptane available. It has now been mandated by several manufacturers, but he was not allowed to name them. It meets or surpasses all of the existing proposals for update security, including upcoming regulations that require compromise resistance. There is a standardization effort around Uptane that is funded by the US Department of Homeland Security, rather than by the vendors. The system has been through a number of security audits as well. Uptane has been integrated with in-toto, a mechanism for supply-chain security that has been adopted widely, including by Debian, Arch Linux, and the reproducible builds project.
This code, he said, can be expected to ship in about one-third of all new cars on US roads in the near future.
Cappos closed by saying that, regardless of the work he and others have done, some groups will use insecure designs and car companies will put lives at risk. Attacks will happen, and appeals to weak regulations for cover will not suffice; people will die and (seemingly worse for manufacturers) big lawsuits will result. Systems like Uptane are meant to prevent that from happening.
[Your editor thanks the Linux Foundation for supporting his travel to the
event.]
| Index entries for this article | |
|---|---|
| Conference | Open Source Summit Japan/2019 |
Posted Jul 24, 2019 15:09 UTC (Wed)
by SEJeff (guest, #51588)
[Link] (5 responses)
Posted Jul 24, 2019 16:03 UTC (Wed)
by LtWorf (subscriber, #124958)
[Link] (4 responses)
Uh, emissions are going to kill on a massive scale.
Posted Jul 24, 2019 16:43 UTC (Wed)
by rgmoore (✭ supporter ✭, #75)
[Link] (1 responses)
Emissions kill, but they do so indirectly. That's distinct from, say, disabling the brakes or the steering, which will kill people very directly.
Posted Jul 30, 2019 22:25 UTC (Tue)
by naptastic (guest, #60139)
[Link]
(*I'm assuming you're referring to all the Chrysler vehicles that could be remotely disabled if you figured out the car's IP address?)
Posted Jul 24, 2019 17:01 UTC (Wed)
by excors (subscriber, #95769)
[Link] (1 responses)
But even in the less-cared-about case, the car makers still got fined a few hundred million for cheating on emissions and killing thousands indirectly, and it's probably worth investing in good software engineering to prevent an attacker causing similar amounts of harm that could be attributed to the company's negligence, before even considering the extreme case of an attacker causing cars to crash.
Posted Jul 25, 2019 15:25 UTC (Thu)
by hkario (subscriber, #94864)
[Link]
it's not even that most people don't care about. Statistics is something the the US Supreme Court is actively and severely "allergic" to: https://fivethirtyeight.com/features/the-supreme-court-is...
Posted Jul 24, 2019 16:39 UTC (Wed)
by jmclnx (guest, #72456)
[Link] (1 responses)
1. 10 year + Autos, will updates be still available and will they be free
I can easily see this becoming a subscription service were people will be charged a monthly fee. When that happens you know as well as I do people will stop allowing updates.
Maybe we should hold on to pre-internet enabled cars, those could become rather valuable :)
Posted Jul 25, 2019 2:07 UTC (Thu)
by tdwebste (guest, #18154)
[Link]
There needs to an off network operating mode.
Posted Jul 24, 2019 18:40 UTC (Wed)
by mb (subscriber, #50428)
[Link] (2 responses)
Oh come on.
Posted Jul 26, 2019 17:34 UTC (Fri)
by brouhaha (subscriber, #1698)
[Link]
If the manufacturer IS still providing updates, they also will still be refreshing the key, so it won't get auto-revoked.
If a bogus key gets installed, it won't live forever, even without being explicitly revoked.
Posted Jul 30, 2019 19:59 UTC (Tue)
by k8to (guest, #15413)
[Link]
They simply live in a world with much higher requirements for following through. I'm willing to believe they could handle updating a key periodically until shown otherwise.
This is coming from someone who was unhappy about addon signing before it was even deployed.
If you wanted to address the auto maker ceasing to issue updates problem, then you'd need a system where trusted third parties could also update, which seems like it would be a pretty big attack vector against the problem this system is attempting to solve.
Maybe I missed something here.
Posted Jul 24, 2019 18:57 UTC (Wed)
by jcm (subscriber, #18262)
[Link]
Posted Jul 24, 2019 20:42 UTC (Wed)
by Kamilion (subscriber, #42576)
[Link] (4 responses)
Why does this work? Because they're freaking dedicated microcontrollers, running a "single" code loop.
The only practical way to achieve that is through minimalism, simplicity, and a trusted message bus, such as the ECU CAN bus in a vehicle; which is kept (mostly) separate from the entertainment CAN bus.
I do, however, understand that the head unit ("Radio"/"CD player"/"GPS Touchscreen") bridges most of the busses in the vehicle, and as such, presents a security hazard, as if it can listen on the ECU CAN bus, it can transmit. (In fact, it must, to request a OBDII PID reply)
Telematics systems have been more or less standard in american vehicles for a while, to the point where there's at least a few million OnStar vehicles that have gone autistic because their analog 2G modems are so old they have no towers to connect with anymore.
I also don't personally consider ADAS/Radar/Ultrasonic/Camera sensors (which all may require periodic field updates) as "Safety Critical" like airbag sensors, controllers, deployment charges, that will likely trigger either NEVER (ideally) or less than three times in the vehicle lifetime (If it's gotten impacted that many times, it deserves to retire already, sheesh) during accidents. Though, to be fair, all of the sensor-types I just mentioned are better served by a high bandwidth connection, such as automotive ethernet, not CAN, and should be partitioned on dedicated redundant links alongside a more 'trusted' bus like CAN.
One of the electric vehicle busses I worked on personally had the front and rear of the vehicle linked with three redundant bus linkages in case of a sudden impact severing one or more. (T-bone'd)
I don't think I'm particularly old-school or new-school, I got into the EV bus game very late around 2010. Automotive ethernet was already showing up back then, with wide-temperature ethernet switch chips costing quite a pretty penny.
To all my fellows at Ames that worked on those EVs with me and watched the boss take a $60,000 battery pack out in the rain only to leave a very evident soot stain on the runway, thanks for all the wonderful memories.
Posted Jul 24, 2019 21:12 UTC (Wed)
by excors (subscriber, #95769)
[Link] (1 responses)
It does seem fair to make a distinction with microcontrollers where the software is simple enough to be essentially bug-free, so the risks and costs of supporting updates outweigh the benefits. But "Safety Critical" doesn't sound like the right way to make that distinction.
Posted Jul 24, 2019 22:08 UTC (Wed)
by Kamilion (subscriber, #42576)
[Link]
Anyone who's tried to service a vehicle using the ODB-II port to reflash a bus member knows it must be done at a full stop, and can take several minutes during which the bus is saturated and the bus member is unavailable for normal services. Definitely not something that should be done at a 100km/h cruise.
There are *some* ECUs that allow you to flash new mappings without downtime, but that's considered a configuration change, and generally you only see it in the fancy modded performance/race gear.
The steering actuator for Lane Control; however, I'd probably consider that to be a 'safety critical' component that should be more or less some kind of hard ladder logic design; not a software interrupt controlled microcontroller running FreeRTOS and LwIP bridged onto automotive ethernet without rate control or bandwidth reservation.
It's a $25,000+ vehicle. Dang well better have dedicated logic at those prices. This isn't a Electra Meccanica Solo EV for $15k, after all. Even if it has a CAN controller, I don't expect to find a $5 wifi light bulb controller like Espressif's ESP32 running even a 'cheap' commercially produced EV's backbone -- it's going to be some $50+ Automotive temperature grade NXP part. I don't even think TATA would cheap out that bad; they're more likely to go back to analog-engineering.
Posted Aug 5, 2019 7:59 UTC (Mon)
by sammythesnake (guest, #17693)
[Link]
Please don't use terms that apply to smart humans to refer to broken machines, it's not kind and hurts people who don't deserve it.
Posted Aug 12, 2019 15:31 UTC (Mon)
by Wol (subscriber, #4433)
[Link]
depends on the bus ... certainly the ability to listen does not necessarily imply the ability to transmit. Some logging systems on cat-5 have the transmit wires cut ...
Cheers,
Posted Jul 26, 2019 9:09 UTC (Fri)
by DigitalBrains (subscriber, #60188)
[Link]
That is, assuming the attacker really wants a different firmware and isn't content just to cut the brake line; let's assume they want to modify the firmware, which is the domain of Uptane. Nice wordplay, btw :-). Update, obtain, octane, it's all there. Clearly the best name possible for a vehicle firmware update mechanism.
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
Uh, emissions are going to kill on a massive scale.
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
A class-action case against auto-makers for causing those 20K-50K deaths has a snowflake chance in hell of winning the appeal process, and you can bet any amount of money that it would be appealed – big car has the pockets deep enough.
Protecting update systems from nation-state attackers
2. it is 100% free for the life time of the auto 'forever'
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
This obviously is a very bad idea.
Anybody remember the recent Firefox plugin certificate issues?
Will my car also stop working, if the manufacturer "forgets" to provide new keys?
What if the manufacturer deliberately decides to not provide updates/keys anymore?
That's Planned Obsolescence at its finest.
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
We've had airbag sensor/controllers for decades now without network-applied updates.
They don't do anything else. And a lot of the time, the automotive manufacturer had to prove as formally as they could that the system was free from defect.
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
Protecting update systems from nation-state attackers
Thanks.
Protecting update systems from nation-state attackers
Wol
Protecting update systems from nation-state attackers
The only time that severe problems are possible is when multiple, offline keys have been compromised.
Or when this local attacker with physical access to the car that was mentioned has a bit more time and opportunity, and swaps out the ECU for a comprompised one they brought with them. Pop the hood, disconnect some cables, work some clamps; reconnect and done.