Understand the need for cybersecurity image sensors in ADAS and cabin monitoring systems
Time:2024-05-30
Views:117
Source: ON Beauty Author: Ludovic Rota
It‘s not easy to get people to realize the importance of automotive cybersecurity. As vehicles transition to semi-autonomous driving, automotive Oems (Oems) are increasingly focused on automotive cybersecurity. The rationale for imposing controls on the car network is clear: the purpose is to ensure that no one other than the driver (or the driving system that replaces the driver under specific and restrictive conditions) can control the vehicle.
In 2021, the United Nations Economic Commission for Europe (UNECE) working group published UN-R155, a cybersecurity regulation for Oems aimed at addressing growing cyber threats. From July 2022, the regulation is binding on the approval of new models produced in UNECE member States. This means that automotive suppliers must comply with ISO 21434 to ensure that all their cybersecurity related components are compliant with the standard. Of course, sourcing parts that meet cybersecurity standards does not guarantee that Oems meet UNECE standards. However, this is a significant step in that direction and puts Oems in a much stronger position to achieve this goal. This paper explores cybersecurity issues from the perspective of advanced driver assistance systems (ADAS) and image sensors used in cabin monitoring applications.
Why do I need to secure my image sensor
There are obvious places in the car where cybersecurity should be implemented, including gateways, interconnects, infotainment systems, or any other vehicle subsystem connected over a network. However, you may wonder why image sensors also need to be cybersecurity. With today‘s emphasis on safety and driver assistance, image sensors are the "eyes" of a vehicle. They are used for a variety of ADAS functions, such as lane departure warning, pedestrian detection, and automatic emergency braking (AEB). They assess the environment around the car and provide input to the fusion system to make decisions. In the future, they will assist in identifying and verifying the identity of car users and monitoring the user‘s vital signs. If the driver is incapacitated, the onboard computer will be able to take over control. In these cases, the car image sensor must have excellent performance (high dynamic range, low illumination capability, tone discrimination, etc.) and remain functioning properly, especially in the most extreme situations the vehicle may encounter. Since a car‘s security will increasingly rely on image sensors, the car‘s central computer will need authentic parts that are authorized to interact with it. Moreover, it is also necessary to ensure that any image frames transmitted have not been tampered with and that all frames are generated by genuine image sensors. In addition, the image sensor should only accept configuration changes from the car system and not from any other party. The following use cases illustrate why the automotive industry cannot afford to ignore the threat posed by the use of counterfeit image sensors that are vulnerable to third-party tampering.
Threat 1: Image sensor is replaced with counterfeit parts
The AEB system relies on image sensors behind the windshield to detect objects or pedestrians in front of the car. If the driver does not react in time, the system can decide to apply braking to prevent a collision. AEB systems operate on the premise that their image sensors have specific characteristics (such as high dynamic range, low illumination performance, etc.) and that the system has been calibrated to these specifications. If the original image sensor is replaced with a non-genuine or counterfeit part, system performance may be compromised. While the replacement may look exactly the same as the original, its performance and characteristics may be quite different. Because the AEB system is optimized for the original image sensor, the different characteristics of the replacement will change the performance of the system. This means that the system may not be able to detect objects or pedestrians in front of the car until they are several meters away, giving the system no time to react appropriately, with potentially tragic consequences. Replacing genuine image sensors with fake ones is like letting a driver with poor eyesight drive without glasses.
Threat 2: Image sensor Settings have been modified
The vehicle system is calibrated and programmed to optimally configure the image sensors to always present the scene in front of the vehicle as realistically as possible. However, if someone (or something) modifies the configuration of the image sensor, its performance will suffer to the point that it may no longer be possible to guarantee that the car‘s system correctly, completely, or optimously perceives the scene the car is facing, which is the equivalent of throwing dust into the human driver‘s eye.
Figure 2: Consequences of tampering with image sensor Settings
Threat 3: The image sensor is bypassed
Image sensors feed raw video data to an image processor, which then uses this data to extract critical information about obstacles ahead so that the car can respond appropriately. For example, an image processor can detect an approaching vehicle and then choose whether to brake or steer the car away from danger from a safety-first perspective. However, if an unauthorized party tries to tamper with the system by modifying or bypassing the image sensor, the image processor can no longer get the raw video data that reflects the real scene. In this case, the system may no longer be able to detect an approaching object. Instead, image-processing elements may only receive a looping image of a clear road with no obstacles, and the consequences can be as unbearable as a human driver taking their eyes off the road entirely.
onsemi‘s image sensors meet cybersecurity standards
Figure 3: Consequences of an image sensor being bypassed
On began incorporating cybersecurity features into its image sensors in 2018, even before the ISO 21434 cybersecurity standard was published. Initially, this was done to meet the needs of early customers, but it has evolved over time into a pool of valuable cybersecurity expertise. As a result, On‘s image sensors are ready for cybersecurity. One of the key features is authentication, which allows them to prove to the host that they are genuine, using certificate chains and pre-shared keys in the process. Another important function is that they can ensure the integrity of the video data, proving that the video data flow between the sensor and the system has not been tampered with. This integrity is provided through message verification codes (MAC). In addition, the use of MACs on embedded data video lines via specific key registers prevents sensor control and configuration data from being tampered with.
The network security component is the first step to achieve automotive network security
Cybersecurity compliance is a must for automotive image sensors to prevent image sensors from becoming Trojan horses for outsiders to hack into complex automotive electronic systems. For Oems, to ensure cybersecurity compliance requires more than just adding cybersecurity control circuits to image sensors, but they are essential for ADAS and cabin monitoring systems to achieve full cybersecurity compliance.
|
Disclaimer: This article is transferred from other platforms and does not represent the views and positions of this site. If there is any infringement or objection, please contact us to delete it. thank you! |
Business consulting
13823761625
Mail me