Every year, vehicles become even smarter and more connected than their predecessors. This is due to an increasing number of products from Tier 1 suppliers being integrated into vehicles by manufacturers. Many of these components communicate with other components or with external networks, which opens numerous attack vectors in both the vehicle and the OEM’s network.
With many new vehicles containing more than 150 ECUs (and growing), establishing a secure supply chain is challenging. Without a trusted process in place, OEM’s, vehicles, and consumers’ lives are at risk.
This solution brief outlines a distributed method to secure access to the vehicle’s (private) PKI without requiring strict controls in the OEM manufacturing environment while providing flexibility for Tier 1 suppliers.