Security in the Automotive Industry

Introduction

This paper looks at the use of digital security as it applies to the automotive sector with respect to the interaction between trading partners. A summary of the most common security techniques is provided, covering both the key concepts and the core underlying technologies. The paper then attempts to identify inhibitors to the adoption of security and tables a series of possible recommendations with respect to the most suitable way forward for the automotive industry.

Requirement

The requirement is to securely transfer documents such as Orders, Invoices, Technical Drawings, Design specifications and Contracts between companies and the departments, individuals or functional entities which comprise the companies.

The needs of the Automotive Industry

A Secure protocol that meets the needs of the automotive industry

OFTP2 has been designed specifically to meet the security requirements of the automotive industry, whilst retaining the existing features of the first version of OFTP that has been in widespread use amongst the automotive industry for decades.
 
OFTP2 has already reached RFC status (an agreed and documented internet standard) and has been adopted by a number of software vendors; the security aspects of OFTP2 are already proven and accepted by the industry.
 

Certificates that meet the needs of the automotive industry

Certificates are needed that meet the requirements of OFTP2 and that are issued by a Certificate Authority which is trusted by all automotive standards organisations, OEMs and suppliers.
 
The remaining issue is for the automotive community to adopt a suitable set of requirements for the issuing of certificates.
 

Why do OFTP2 users need certificates?

The security capabilities within OFTP2 utilise the PKI security mechanism, which is widely regarded as the most secure mechanism that can be used for the exchange of data electronically. The provision of security certificates is therefore an intrinsic necessity for the operation of OFTP2.
 

What does the Odette community require from a CA?

OFTP2 specific certificates

Certificates can have many uses; typically certificates are available for SSL/TLS, for email signing and for data encryption. But many existing CAs do not offer certificates that cover the full breadth of features that may be employed via an OFTP2 server.
 
An OFTP2 server application caters for all aspects of security and therefore requires a certificate which has been created with a wide set of usage parameters. The certificate usage attributes of an OFTP2 certificate should ideally be set to include digital signature, non-repudiation, key encipherment, data encipherment, server authentication and client authentication.
 
This rich set of attributes therefore presents a problem for existing CAs and further illustrates the need for a CA which is able to specifically issue certificates for the use of OFTP2 applications.

What certificate key usage is required by OFTP2?

OFTP2 users require a flexible mechanism that will allow different certificates to be used for different purposes. For example, it may be desirable to utilise session security, but it should not be possible for the same certificate to be used to sign data.
 
It is quite likely that an OFTP2 server will be configured to cater for session security on a company-wide basis using a single certificate, but it should not be possible to use that certificate to sign data, and it should be possible to utilise any number of other certificates to sign data files.
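
The attribute list under "OFTP2 specific certificates" and the separation of session and signing certificates described here can both be checked mechanically. The following is an added example, not part of the original paper or of any OFTP2 product: it decodes the DER-encoded KeyUsage extension value and tests it against three profiles. The profile names, the `check_profile` helper and the choice of nonRepudiation as the marker for file signing are assumptions made for illustration; the sample extension bytes are constructed.

```python
# Added example: PROFILES and check_profile are illustrative names, not an OFTP2 API.
KEY_USAGE_BITS = [  # named bits of the X.509 KeyUsage extension (RFC 5280), bit 0 first
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign",
    "cRLSign", "encipherOnly", "decipherOnly",
]
EKU_OIDS = {"1.3.6.1.5.5.7.3.1": "serverAuth", "1.3.6.1.5.5.7.3.2": "clientAuth"}

def decode_key_usage(der: bytes) -> set:
    """Decode the KeyUsage extension value (a DER BIT STRING) into usage names."""
    if len(der) < 3 or der[0] != 0x03 or der[1] != len(der) - 2:
        raise ValueError("not a short-form DER BIT STRING")
    unused, payload = der[2], der[3:]
    if unused > 7 or not payload:
        raise ValueError("malformed or empty BIT STRING")
    total_bits = len(payload) * 8 - unused
    return {
        name for i, name in enumerate(KEY_USAGE_BITS)
        if i < total_bits and payload[i // 8] & (0x80 >> (i % 8))
    }

PROFILES = {
    # The six attributes the paper lists for an all-purpose OFTP2 certificate.
    "oftp2_full": {"require": {"digitalSignature", "nonRepudiation",
                               "keyEncipherment", "dataEncipherment",
                               "serverAuth", "clientAuth"}, "forbid": set()},
    # Assumption: a session certificate must not carry nonRepudiation,
    # which this example treats as the marker for signing data files.
    "session_only": {"require": {"digitalSignature", "keyEncipherment",
                                 "serverAuth", "clientAuth"},
                     "forbid": {"nonRepudiation"}},
    "file_signing": {"require": {"digitalSignature", "nonRepudiation"},
                     "forbid": {"serverAuth", "clientAuth"}},
}

def check_profile(key_usage_der: bytes, eku_oids, profile: str):
    """Return (missing, forbidden_present) for the named profile."""
    have = decode_key_usage(key_usage_der) | {EKU_OIDS.get(o, o) for o in eku_oids}
    rule = PROFILES[profile]
    return sorted(rule["require"] - have), sorted(rule["forbid"] & have)

# Constructed sample values (not taken from real certificates).
FULL_KU = bytes.fromhex("030204f0")     # bits 0-3 set
SESSION_KU = bytes.fromhex("030205a0")  # digitalSignature + keyEncipherment
TLS_EKUS = ["1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2"]
if __name__ == "__main__":
    print(check_profile(FULL_KU, TLS_EKUS, "session_only"))
```

An all-purpose certificate passes `oftp2_full` but is rejected as a session-only certificate because it can also sign, which is the separation this section asks for.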
 

Competent CA Operation

The business community requires the knowledge that an OFTP2 CA is run and managed to high standards of professionalism and security. Many existing CAs are simply providing basic SSL and email certificates requiring little or no validation, which is totally unacceptable for the automotive community.
 

OFTP2 knowledge

Current CAs have little knowledge of the OFTP2 protocol or the business requirements of the automotive community. Any CA that decides to offer OFTP2 certificates must be fully capable of handling both the technical and commercial questions related to the acquisition of certificates for use within OFTP2 applications.
 

Extended verification of certificate subscriber

The current level of subscriber verification employed for most certificates is unacceptable to the automotive community and provides little benefit compared to using self-signed certificates.
 
The OFTP community requires that any CAs offering OFTP2 certificates adhere to a specified minimum level of applicant verification before a certificate may be issued. This will result in a period of days before a certificate can be issued, but ensures the integrity of the OFTP2 community.

Affordable pricing structure

Many OFTP users are small companies with comparatively small IT budgets. It is therefore necessary for the CAs to restructure their pricing for extended verification certificates to ensure that they are affordable to the average automotive supplier.

How does OFTP2 solve the problem?

OFTP2 allows reliable, automated exchanges of business documents. OFTP2 provides three security levels:
  • Session security (Network and computer to computer)
  • File security
  • Secure authentication (digital signatures)

OFTP2 Session Security

Session security encrypts an entire communications session between two trading partners so that it is not possible for a third party to view the original documents being exchanged. All protocol data units are encrypted so it is not possible to understand what protocol units are being exchanged or to examine their content. The mechanism employed by OFTP2 is the same as is used when making a secure connection (SSL/TLS) to a web site over the public internet.
 

OFTP2 File Security

File security provides an additional level of security by allowing a file to also be encrypted. This, in conjunction with session security, means that it is possible for a file to be securely exchanged between two companies, but for the file to remain encrypted until it reaches its ultimate destination such as a specific department or individual inside the recipient company.
 
The exchanged files can also be signed by the originator to prove the authenticity of the files.

OFTP2 Authentication

Secure authentication uses certificates to authenticate two communicating entities to each other. This security prevents malicious users from connecting to an EDI server and attempting to send viruses to it or attempting to hack it.
 
Every trading partner uses a digital certificate, similar to the concept of someone’s passport, to identify themselves. The certificate proves the holder is who they say they are, and it is up to the recipient of the communications session to accept or reject the connection based upon the credentials supplied.