Security at All Levels: Continental Protects Components and Production against Hacker Attacks

• Cyber security technology safeguards systems and safety-relevant components in vehicles against hacker attacks
• Security begins in the production plant: Production sites worldwide are set to receive a security upgrade
• With the purchase of the Israeli startup Argus Cyber Security, Continental is further expanding its expertise in the field of automotive cyber security

Frankfurt am Main, Germany, March 20, 2018. The trend towards digitalization, connectivity and automated driving means that cars are becoming part of the Internet of Everything. At the same time, however, today cars are already potential targets for hacker attacks, which is why the security of data and safety-relevant components is currently a burning issue throughout the automotive industry. The aim is to protect vehicles against hacker attacks. Of particular importance, for example, is the protection of safety-critical components such as the brake system. After all, to achieve the vision of accident-free driving (“Vision Zero”), cars and the infrastructure have to be able to communicate with each other through, for example, digital connectivity. This, however, potentially opens doors for hackers, meaning that digital systems must not only be functionally reliable but also resistant to external attacks. Therefore, the technology company Continental uses cyber security technology to ensure comprehensive protection against possible hacker attacks on both: safety-relevant vehicle components and in production plants.

All future products from Continental – including the MK C1 – will contain cryptographic functions that can be used to introduce security keys. These keys are generated individually for each product, which ensures maximum security because even if one car is hacked, a second one is still protected. “The keys can be used for various operations and cannot be read externally – just like the PIN for your smartphone,” explained Dennis Kutschke, Cyber Security program manager at Continental. When it comes to cyber security, Continental also learns from the experiences and technologies in other industries. However, cyber security is relevant to vehicle systems not only when they are integrated but also during the loading of software and digital keys, which is why a special production security concept valid for all locations is being introduced worldwide. The concept is based on a risk analysis conducted to identify weaknesses. Automotive manufacturers, too, benefit from being able to transfer their own keys to the system via the secure Continental network.

Cyber security is an asymmetric challenge. While Continental has to keep its eyes on dozens of systems, all hackers need to do is identify a single weakness. “It’s like a never-ending race between the people who want to protect the systems and those that want to hack into them. This is why it is so important to act as quickly as possible whenever any weakness is identified,” said Kutschke.

For this reason, Continental has introduced an incident response management system, which is an additional layer of security that responds immediately if there really is an attack. This was developed with the expertise of the Israeli startup Argus Cyber Security; which Continental acquired last autumn and has become part of the subsidiary Elektrobit. Together with Elektrobit, which specializes in embedded and connected software solutions, the security experts have already unveiled an all-in-one solution for over-the-air software updates. This solution will ensure that millions of cars can instantly be upgraded to the latest security level without having to visit the auto repair shop, an important requirement for “Vision Zero” – a future without road deaths, injuries or accidents. Continental is also utilizing this knowhow to support OEMs in all matters relating to cyber security.