Car infotainment

Connectivity in the car

PSA Peugeot CITROEN wishes to provide a connectivity access point in the car. This access point will allow the customer to use his phone (or similar nomadic device) to manage car interior functionalities.

The use of a connectivity system will open the car to new external communications and potential threats:

  • Confidentiality of information

    • Some information exchanged between the nomadic device and the vehicle is confidential (user contacts, phone numbers, etc.). This data must not be stolen by an untrusted party. The supplier of the demonstrator must provide mechanisms to ensure the confidentiality of the exchanged data.

  • Integrity of information

    • The application developed and downloaded on the nomadic device. The supplier of the demonstrator must provide mechanisms to ensure that the downloaded application (PSA application or supplier application) is trusted

    • Information (requests, data, etc.) exchanged between the nomadic device and the connectivity system will have to be trusted (not modified by an untrusted party). The supplier of the demonstrator must provide mechanisms to ensure that the data sent to the vehicle are not modified.

    • Erroneous or malformed data sent to the connectivity system and/or the vehicle can be misinterpreted and cause failure in control units. A hacker can use these failures to try to get internal data of the vehicle or try to get the control of parts of the car. The supplier of the demonstrator must provide robust mechanisms to avoid the exploit of vulnerabilities.

  • Safety

    • The application of remote control on the nomadic device should only be able to control functionalities for which it has been developed (for example, safe control units on the vehicle will not be able to be remote controlled)

    • Some functionalities should only be remote controllable by an authenticated user (for example, the seat of the driver must not be controlled by another person without the agreement of the driver)

  • Availability

    • The connectivity system should always be available. The supplier of the demonstrator must provide robust mechanisms to ensure that the connectivity functionalities is always available, i.e. at least when the users will request them.

The main building blocks required for this use case include encryption, access control, identification of smartphone and app including app signatures and integrity protection.

Furthermore, in case of an attack on the smartphone, the PSA app should not be affected; connectivity to the vehicle needs to be maintained.