Modernizing Authentication — What It Takes to Transform Secure Access
The company has announced enhanced SYNC functionality and a range of new in-car network security features to match for the 2011 model year.
Ford Motor Company recently announced a suite of security features to complement upcoming enhancements to its SYNC in-car technology system. A range of new functionality, and security to protect that new functionality, will arrive with the launch of the MyFord Touch system for the 2011 model year.
Jim Buczkowski, Fords director of global electrical and electronics system engineering, says the company turned to its own experts to ensure the systems security. The IT people inside of Ford, the people responsible for protecting the Ford enterprise assets, helped us develop the security architecture we would use on SYNC, he says.
The Ford SYNC system, Buczkowski says, uses the Microsoft Auto platform, which is based on Windows Embedded CE and while the company is confident of its security, he says, We certainly dont want to challenge people to try to hack it, because someone will do it just to prove us wrong but I think that what we have in terms of the combination of hardware and software does make it pretty challenging.
Since 2007, the SYNC system has allowed users to connect mobile phones and digital media players to the vehicles entertainment system and operate them with voice commands and with the arrival of MyFord Touch, new functionality includes everything from improved voice recognition to the addition of Wi-Fi connectivity.
Wi-Fi, Buckzkowski says, will enable the user to download media to the vehicles hard drive for use on the road. Well allow them to make a wireless connection between their vehicle and a hotspot, say at a Starbucks or if they have a Wi-Fi hotspot at home, so that they can download things like RSS feeds to their vehicle and get access to additional information wirelessly, he says.
The user can also connect a USB broadband modem to the vehicles USB port and turn the car into a mobile hotspot. Our strategy on this is that we continue to give customers options, Buckzkowski says. So rather than build a 3G connection into the vehicle, we allow you to bring a USB device of your choice and plug it in to create that mobile hotspot. It gives you the ability, while youre going down the road, for passengers (not the driver, but passengers) to access the Internet.
All of that new functionality brings with it a new set of security concerns and among other measures, the company has set default security to Wi-Fi Protected Access 2 (WPA2) for every Wi-Fi connection. The methods that were using are taken from the best practices within the IT world to protect those Wi-Fi connections, Buckzkowski says.
The system also now offers a valet mode, which locks all programmed destinations from view until a four-digit PIN code is entered. It protects the information from the valet porter, or whoever might be driving the car to the parking lot you dont want to give them access to anything that is stored on the system, Buczkowski says.
Still, Buczkowski notes that theres an easy way to protect your identity on any in-car GPS system, with or without that level of security activated. It is generally good practice for folks not to put their home address directly in should the car be taken, the person that steals the vehicle could know exactly where you live, he says. You dont really need to have the destination be the exact address: a local street corner is probably good enough, and you can find your way back from there.
The in-car Jukebox, which allows users to download music from CDs onto an in-car hard drive with a capacity of up to 2,400 tracks, also includes unique encryption features for digital rights management. We abide by DRM rules and requirements, and make sure that whats recorded on the disk is only playable on that unit and cant be transferred off the unit, Buczkowski says.
Ford also protects the vehicle itself with additional security in the ignition key. Not only does the key have to be cut to the right mechanical cut if its a key-based system, but theres an RFID tag in there thats paired to the vehicle as well, and that has to be present for the key to start, Buczkowski says.
The larger aim of all of these enhancements, Buczkowski says, is to take advantage of the best practices for security that have already been established in the enterprise space. As we create new connectivity solutions for the vehicle, we try to use the best of whats already there [security] is not an afterthought: its something that were thinking of right off the bat, he says.