Vehicle Life-Cycle Management

TrustCentral’s technology, built on PKI, offers many benefits for the automotive industry.  These become possible through the use of these proprietary tools:

Secure Communications Lines

  • Authenticated relationships established between paired endpoints using an Inviter-Invitee Protocol
  • A PKI certificate is issued for each authenticated, paired communication line
  • Encryption and digital signing are supported between endpoints

PKI-Enforced Whitelisting

  •  IoT devices only talk to previously authenticated endpoints and no others

3-Dimensional IoT

  • Helps devices maintain their own security in hostile environments
  • Supports device collaborate only with authenticated devices
  • Supports the coordination amongst devices for the execution of sophisticated use cases

Faster, improved TLS setup with DDoS protection

 

  • A fundamental principle of TLS, as well as other communication protocols, is “Trust on First Use” (TOFU) because the endpoint requesting a communication session is unknown.  Therefore the “first use” of the communication protocol must assume to be trusted.  Such trust is virtually always justified and the communication session is fine.  Rarely the endpoint requesting communication is untrustworthy and abuses the communication protocol in some fashion.  Hence the source of DDoS attacks.
  • Secure Communication Lines can introduce a new principle to the establishment of communication protocols: “Trusted Before First Use”.  The requesting endpoint is known and trustworthy as supported by a secure communication line certificate.
  • This certificate-based trust model may provide both faster TLS setup and DDoS protection for devices in vehicles and elsewhere.  When adopted within a network of supported IoT devices, DDoS attacks on such devices will be greatly mitigated.

Vehicle Identities Support Secure and Flexible Remote Access

Each vehicle’s communication lines are characterized with context-specific identities that are governed by end-to-end digital agreements established during Inviter-Invitee processing.  Context-specific identities are dynamically customizable, and communication lines can be revoked on demand and/or via automated procedures tied to digital agreement enforcement.  Identity profiles may differ for each of a vehicle’s many communication lines, such as:

Vehicle owner (e.g., via smart phone): “Sam’s car”

Vehicle’s Passive Keyless Entry and Start (PKES) fob: “Sam’s car fob”

OTA (Over The Air) update for telematics: “Unique vehicle telematics identity”

OTA update for operating components: “Unique vehicle operating components identity”

OTA update for regulatory purposes: “Unique vehicle regulatory identity”

Maintenance access: “Unique vehicle maintenance identity for authorized dealers”

Thus a vehicle may have multiple identity profiles and communication lines.  Each communication line is authenticated and then validated with a unique certificate with its unique rules, business logic, etc. Different authenticated external endpoints (e.g., above) may have their own communication line with the same vehicle, each with its own rules.  Each communication line certificate will support unique authorization and access privileges for the device using that line.  These are centrally established and modifiable.


Sale of a Vehicle

The technology can support the transition of vehicle ownership through the sales process.  For example, a digital certificate (with all vehicle information) may be created for each vehicle at sale.  The sale transaction itself can be supported for the buyer and dealer including digitally signing capability being provided to each party for sales contract execution.  The vehicle’s informational digital certificate ideally will become associated with the vehicle’s digital sale record (plus any financing record), with both being associated with the buyer.

The vehicle’s Passive Keyless Entry and Start (PKES) fobs would be provisioned as an IoT device per an Inviter-Invitee Protocol.  The security ecosystem will also support a custom secure app on a buyer’s mobile device.  Once the app is provisioned on the buyer’s mobile device, it can then be authenticated with the buyer’s vehicle.  The authenticated buyer, vehicle and PKES can be associated together in a distinct secure group. As regards the communication exchanges between the fob and the vehicle, a high level of authenticated security supported by encryption and digital signing will be established in order to eliminate  hacking vulnerabilities of some PKES systems.

A dealer and/or manufacturer may optionally establish a secure communication line with the buyer via the mobile app.  Thus a dealer or manufacturer may gain a useful direct, secure communication line for priority communications with the buyer.


Vehicle Maintenance and Support

The security ecosystem may continue its support of a vehicle through the maintenance and ownership period.  Authentication may be provided for maintenance personnel who need to establish authorized, secure access to vehicles.  For example, in the case of automobiles, approved maintenance user groups could include: automobile dealers; manufacturer representatives; or other specified entities.  For example, prior to gaining maintenance access to a vehicle, an authorized automobile dealer maintenance worker would be authenticated as a member of the dealer “group” given access to the “IoT Devices Group” of individual automobiles (initial registration of a worker would be a one-time setup occurrence).  Such users may be granted controlled access to components within a vehicle. Specific rights may be customizable for each individual maintenance worker.  Different dealers and different mechanics may be assigned different authorization privileges (e.g., “Bob” may be authorized to complete minor service, but only “Sam” may replace a braking system).

Through the management and use of certificates and their associated attributes, all relationships and privileges will be visible and auditable.  Membership in groups may be manageable in real-time (e.g., a dismissed employee or terminated dealer will immediately lose the ability to establish access vehicles).