[MeeGo-ivi] Early video <2sec + Security
Jeremiah Foster
jeremiah.foster at pelagicore.com
Thu Mar 24 06:07:52 PDT 2011
On Thu, Mar 24, 2011 at 12:29 AM, Counihan, Tom <tom.counihan at intel.com> wrote:
> Hi Pavel,
>
> One item on: http://wiki.meego.com/In-vehicle/Roadmap/FeatureScope
> "6.After power-on, the head unit displays the rear view camera output within max. 2 s."
<snip>
> I think we need to handle security in this use case - consider the scenario where you cannot trust the actual rear view display you are being presented? I think the requirement above would need to be augmented to cater for integrity of what is being displayed..
> We're enabling IP access going forward in all sorts of manor, plus the amount of additional interface to the vehicle is expanding rapidly too, so our security risk is exponentially larger than it is for vehicles on the road today.
<snip>
> Have you guys discussed security and can you share thoughts here?
Isn't the main security concern network access? If you can put a USB
stick into the head unit then you have physical access. If you don't
have physical security, you have no security at all. So IVI software
security should most likely focus on access to the head unit through
the network.
In the automotive case it's likely going to be through wifi and radio
interfaces right? The current WPA and other security options for wifi
are pretty weak and that is widely known. There are other security
mechanisms but it seems likely that they will come through mainstream
Linux development. That is to say, what are the specific automotive
security concerns that the current security research in Linux does not
address?
Again, I'm not referring to physical access here since top of the line
armored Mercedes get stolen, how would IVI software help there?
Regards,
Jeremiah
More information about the MeeGo-ivi
mailing list