The topic of automotive security is hot today in light of Chrysler's recall of more than 1 million vehicles after security researchers were able to hack a Jeep remotely. That incident has inspired many, including Intel, to look at automotive security more closely.
Intel Security today is announcing an Automotive Security Review Board (ASRB) that will focus on advancing vehicle security. As part of the ASRB effort, Intel Security is also releasing a white paper today that details its view on best practices for automotive technology security.
Although Intel is backing the ASRB, "the efforts to document and improve automotive security best practices will be technology-neutral in terms of encompassing the complete car as a system, which includes many non-Intel components," Lorie Wigle, vice president and general manager of IOT Security Solutions at Intel Security told eWEEK. "The platforms that the ASRB receives will be Intel-based."
With the ASRB, the actual board will be made up of individuals from multiple vendors. Wigle explained that the ASRB will draw on top talent from the security industry to research and collaborate on continuous improvement of automotive security technologies and products. She added that Intel is working with IOActive, iamthecavalry.org and opengarges.org to identify members.
"We are in discussions with individuals like Marc Rogers [Tesla hacker] and Karl Koscher [who hacked Corvettes], who have hacked a few vehicles, among others," Wigle said. "There will be a car awarded to the researcher who makes the strongest contribution."
Security professionals who are interested in joining the board can visit www.intel.com/automotive/asrb to find out more information.
The initial Intel Security white paper on automotive security is a 17-page document that includes multiple suggestions, including an approach to looking at the challenge overall.
"Automotive security must be approached from a system-level perspective, and not from a single attack surface or platform ingredient alone, and requires ecosystem collaboration and contribution," Wigle said.
Security begins with the design of the car where hardware, software and network security technologies can be deployed, Wigle said. Institutional processes, such as security development lifecycle and secure supply chain management, are also critical. Security isn't just about things done on the assembly line; the car must be protected while it's in operation as new threats emerge over its lifetime, she said.
Intel has various products and technologies across processors, and its Wind River and Intel Security businesses that contribute to automotive security, Wigle said. "Our collective sales engagements will entail working with our customers to ensure those technologies are implemented correctly to provide the intended protection."
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.