[Overview]
Panasonic Automotive Systems Co., Ltd. (Representative Director, CEO: Masashi Nagayasu, Head office: Yokohama City, Kanagawa Prefecture) developed VERZEUSE™ for Virtualization Extensions, a virtualization security innovation to cope with cyber-attacks against next-generation vehicle cockpit systems.
Next-generation cockpit systems are seeing a trend toward consolidating meters, infotainment systems, and other functions that are generally equipped in multiple electronic control units (ECUs) into a single ECU using a virtualization platform*1, such as a hypervisor. Introduction of information and communication technologies to utilize third-party applications and consolidation of advanced driver assistance functions are also expected. However, this increases the risk of threats and attacks that an application could be attacked by unauthorized access, and then used as a point to attack other functions such as advanced driver assist functions.
Applying this solution to a virtualization platform for next-generation cockpit systems makes it possible to protect next-generation cockpit systems from new threats and attacks. Specifically, VERZEUSE™ for Virtualization Extensions enables monitoring of the communication data of networks and storages controlled by the virtualization platform, which provides security measures against unauthorized access and attacks that misuse other functions.
*1: A virtualization platform is software technology that runs multiple operating systems on a single ECU.
[Features]
VERZEUSE™ for Virtualization Extensions provides the following three features.
- Security: The security functions added as a plug-in to the virtualization platform monitors the communication data on the virtualization platform. This function detects and blocks unauthorized attack data from cyber-attacks, protecting next-generation cockpit systems from new threats and attacks.
- Robustness: Locating the security functions in a safe area on the virtualization platform makes it difficult for attackers to disable or bypass the security function, increasing the system’s robustness.
- Extensibility: Interfaces are defined to retrieve various communication data that flows on the virtualization platform. This allows security functions from other suppliers to be added as plug-ins, offering extensibility that further enhances security.
[Sample configuration of next-generation cockpit system adopting VERZEUSE™ for Virtualization Extensions]
[Overview of technology]
Panasonic Automotive Systems developed a virtualization security innovation that protects next-generation cockpit systems in cooperation with a virtualization platform and demonstrated these technologies in an experimental environment, which runs automotive hypervisor.
In the next-generation cockpit system running on the virtualization platform, various functions are executed as virtual machines. The virtual machines use virtual commands (e.g., virtual machine communication instructions) and virtual devices (e.g., network and storage devices) provided by the virtualization platform to realize the functions.
When a virtual machine on a next-generation cockpit system is under cyber-attack, virtual devices and virtual commands can be misused, and the damage of the cyber-attack may extend to other virtual machines. This innovation provides two different interfaces to retrieve communication data for finding misuse of virtual devices or virtual commands.
The native interface provides virtual commands, and the extension interface provides the communication data of virtual devices. Extension interface is independent of the virtualization platform, which allows for collaboration with any virtualization platform and a wide range of security functions. This makes it possible to protect next-generation cockpit systems from the myriad cyber-attacks that will continue to increase in the future.
The risk of cyber-attacks targeting automobiles is increasing every year alongside the development of automated driving technology, the progress of digitization, and the increase in the number of vehicles connected to network, which are referred to as connected cars. The automotive industry urgently needs to build asystem to monitor and protect against cyber-attacks on vehicles. VERZEUSE™ for Virtualization Extensions, a virtualization security innovation developed by Panasonic Automotive Systems, protects next-generation cockpit systems in vehicles from new cyber-attack threats and will contribute to the development of safe and secure mobility society.
Comment from Masashige Mizuyama, Executive Vice President and CTO of Panasonic Automotive Systems Co., Ltd.:With the trend toward Software Defined Vehicles (SDV) becoming more apparent, those with the ability to rapidly evolve software can garner decisive competitive advantages. At the same time, one of the biggest concerns in large-scale software development is responding to escalating security risks. Security measures are a challenge that must be addressed by the automotive industry as a whole.
VERZEUSE™ for Virtualization Extensions enhances security of virtualization platforms, a key SDV technology, and contributes to ECU consolidating. We believe that the VERZEUSE™ series, which will be continuously upgraded, will be a solution that plays an important role in security measures, a major challenge for the automotive industry.
Panasonic Automotive Systems Co., Ltd. will market VERZEUSE™*2 globally as a brand of cybersecurity technologies and services that combat cyber-attacks, which will become a social problem as connected cars with advanced driver assist and automated driving systems become more prevalent. At Panasonic Automotive Systems, engineers who worked together in the development of security technologies in various Panasonic Group products, including TVs, recorders, mobile phones, smartphones, payment terminals, and semiconductors, have turned their expertise toward developing cybersecurity technologies since 2014, drawing on their individual strengths to apply these technologies to automotive products. To benefit society with technologies underpinned by an abundance of knowledge and experiences, Panasonic Automotive Systems will further develop the branding of our security technologies while responding to the diverse needs of our customers through the series starting with VERZEUSE™ for Virtualization Extensions.
*2: VERZEUSE™ was coined by combining the Spanish word “ver” meaning “look” and the god Zeus. It is infused with the meaning of looking over the safety of society like the god of the sky from high above.
SOURCE: Panasonic
