Episode 4 — Don’t hack MAC One
Because a cyberattack could cause the loss of physical integrity, cybersecurity is paramount in our case. We have all heard about the famous attacks on Tesla and Chrysler, where attackers were able to take control of the connected vehicle remotely. Therefore, we kept cybersecurity in mind from the beginning, and we want MAC One to be as secure as possible.
To secure MAC One, our team divided its efforts into three different streams. Let’s have a look!
1. Secure the connections with the vehicle
In this first stream, we wanted to secure the communications between the vehicle and other devices, as we want to avoid the possibility of a man-in-the-middle attack.
What is a man-in-the-middle attack?
A man-in-the-middle attack is a scenario where the attacker secretly relays and possibly alters the communication between two parties who both believe they are communicating with each other directly.
We want to avoid this vulnerability and secure communications by using asymmetric cryptography (in our case, we will use the TLS protocol relying on RSA 2048 certificates).
2. Authenticate the user
The second stream will deal with user authentication. We want to make sure that the user who is driving the car is who they claim to be. For that, we will implement an authentication method consisting of a login, a password and a third factor (an SMS code in this case). The following diagram explains what strong authentication is:
Here we have three authentication factors. Now, only a known person will have access to the vehicle.
3. Manage the user permissions on the vehicles
The project team wants to set up a booking system for the vehicle where only the person who booked the vehicle would be able to drive it.
To manage user permissions, we will implement a solution based on the OAuth2 protocol. It is an open standard for access control, used to authorize websites, applications or software to access protected resources on behalf of the end user.
The diagram below depicts how OAuth2 works with the Resource Owner Password Credentials flow:
Thanks to OAuth2, we will know with certainty that the user has allowed the application to send commands to the vehicle on his behalf.
It will also let us implement granular access control based on the reservation schedule of the vehicle.
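The reservation-based check described above, as an added example (not MAC One project code): the vehicle-side service accepts a command only if the access token is valid, carries the scope the command needs, and its subject holds a booking for that vehicle at the current time. The token fields follow an RFC 7662 introspection response; the scope names, vehicle IDs and the `Reservation` structure are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed sample model: names, scopes and IDs are hypothetical.
@dataclass(frozen=True)
class Reservation:
    user: str
    vehicle: str
    start: datetime
    end: datetime

# Hypothetical mapping from vehicle command to the OAuth2 scope it requires.
REQUIRED_SCOPE = {"unlock": "vehicle:access", "drive": "vehicle:drive"}

def authorize(token, vehicle, command, now, reservations):
    """Return (allowed, reason) for a command sent with an access token.

    `token` is already-validated token metadata with the fields of an
    RFC 7662 introspection response: active, sub, scope, exp.
    """
    if not token.get("active"):
        return False, "token inactive"
    if now.timestamp() >= token.get("exp", 0):
        return False, "token expired"
    needed = REQUIRED_SCOPE.get(command)
    if needed is None:
        return False, "unknown command"  # deny by default
    if needed not in token.get("scope", "").split():
        return False, "missing scope"
    for r in reservations:
        # The booking must match user and vehicle; the end time is exclusive.
        if (r.user == token.get("sub") and r.vehicle == vehicle
                and r.start <= now < r.end):
            return True, "ok"
    return False, "no active reservation"

def utc(hour, minute=0):
    return datetime(2024, 5, 1, hour, minute, tzinfo=timezone.utc)

# Constructed sample data: one booking from 09:00 to 11:00 UTC.
BOOKINGS = [Reservation("alice", "mac-one-01", utc(9), utc(11))]
ALICE = {"active": True, "sub": "alice",
         "scope": "vehicle:access vehicle:drive", "exp": utc(12).timestamp()}

if __name__ == "__main__":
    for when in (utc(8, 59), utc(10), utc(11)):
        print(when.time(), authorize(ALICE, "mac-one-01", "drive", when, BOOKINGS))
```

Checking the booking on every command, rather than only when the token is issued, means a token that is still valid stops working for the vehicle as soon as the reservation ends.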
We are taking cybersecurity very seriously in this project, so we are taking it into account from the beginning. Those three work streams are the basis on which a secure vehicle will be built.