- Economy
- Education And Career
- Companies & Markets
- Gadgets & Technology
- After Hours
- Healthcare
- Banking & Finance
- Entrepreneurship
- Energy & Infra
- Case Study
- Video
- More
- Sustainability
- Web Exclusive
- Opinion
- Luxury
- Legal
- Property Review
- Cloud
- Blockchain
- Workplace
- Collaboration
- Developer
- Digital India
- Infrastructure
- Work Life Balance
- Test category by sumit
- Sports
- National
- World
- Entertainment
- Lifestyle
- Science
- Health
- Tech
'Strong Encryption, Cryptographic Management Reliable Defense For EVs'
Ruchin Kumar, Head of Business and Vice President - South Asia, Futurex talks on role, scope of IoT in Electric Vehicles (EV) and what EV makers should do to safeguard connected devices including EVs. Excerpts:
Photo Credit :
What role does IoT play in electric vehicles? Why is it considered the future of electric vehicles?
Electric vehicles (EVs) can be equipped with internet-of-things (IoT) devices that make them safer, more efficient, and more convenient. Some of these devices perform telematics, which means they monitor and report the vehicle’s battery performance, speed, maintenance needs, location, and more. Other IoT devices monitor power consumption; these can perform vehicle-to-grid (V2G) communication and interface with charging stations. IoT devices also perform safety functions, alerting drivers when they leave their lanes, detecting sudden changes in nearby vehicles, and remotely locking/unlocking the doors. Safety, efficiency, and convenience all contribute to a better experience for drivers, making IoT devices important to modern vehicles.
What kind of vulnerabilities do EVs face due to growing penetration of the IoT-enabled applications in the auto industry?
IoT devices rely on networks to communicate. Wherever there’s a network, there is also the need to secure it from cyber threats. This is especially true when you are dealing with devices that regulate the safety features of an EV. As such, the best practice is to use strong encryption to secure the data transmitted by IoT devices. This includes using asymmetric encryption for digital signatures, certificates, and authentication.
What are the cyber-security challenges EVs may face from the perspective of firmware security, vehicle charging safety, and powertrain control security, etc. as it replaces conventional ICE vehicles?
After reliable cybersecurity measures are put in place, the challenge becomes managing them. As the number of IoT devices multiplies each year, and the amount of EVs on the market increases, organizations must be prepared to manage their cryptographic solutions on an enterprise level. Good key management and cryptographic infrastructure management solutions help accomplish this. And what makes for good key/infrastructure management? Aside from comprehensiveness—the ability to fulfill any use case—a cryptographic platform ought to be centralized. In other words, the best way of meeting the challenge is to use a cryptographic platform that allows you to deploy and manage everything from a central location.
What can be done to shield the Indian EV industry from cyber threats?
Organisations should look for solutions that can fulfil their needed use cases without creating management issues. This means that your organizations should look at the providers that offer centralized cryptographic platforms that offer a wide range of use cases. Centralization is the key to effective cryptographic management, which in turn is the key to maintaining trust throughout your organisation and among your partners and customers.
What cybersecurity measures are imperative for EVs to address the threats emanating from IOT attacks that compromise security?
Deploying strong authentication and encryption measures is a great way to protect networked devices. Even if one device is compromised, the attacker’s ability to vertically move across your network will be very limited. One way to do this is to use HSMs (either on-premises or in the cloud) to deploy asymmetric encryption, public key cryptography (PKI), certificate authority (CA), and digital signing.
What are the cybersecurity considerations for EV chargers to reduce the vulnerability of IOT as it spreads across India.
It is true that, as technology becomes more sophisticated, so do cyberattacks. As always, strong encryption, key management, and cryptographic management are a reliable defense. EV chargers should use encryption to secure communications between the charger, vehicle, and network. This can help prevent attackers from intercepting and accessing sensitive data. EV chargers also benefit from authentication measures to make sure only authorized users access the charger and its data. Of course, this is in addition to physical security features that prevent (or at least respond to) tampering
Where does India stand in terms of adherence to UNECE WP.29 cybersecurity regulation guidelines?
India is not a member of the UNECE World Forum for Harmonization of Vehicle Regulations (WP.29), so it is not bound by the regulations developed by that forum. However, India has its own automotive industry standards and regulations, and there is some overlap with those of the WP.29, in terms of risk assessment, cybersecurity management, and other best practices.
Futurex is a world leader in providing enterprise data security solutions including. What is your advice to EV companies to build a robust security architecture?
The more encryption, the better. And as you add encryption solutions, be sure that you’re implementing cryptographic management solutions as well. For example, you might be using strong encryption solutions for several different applications, but unless you’re effectively managing keys, you’re only creating more vulnerabilities.