At present, the automobile industry is accelerating the intelligent transformation from the inside out. Smart electric vehicles have become the mainstream choice for the new generation of automobile consumers when purchasing transportation tools. By increasing R&D investment and quickly following up user needs, new energy vehicle companies have built a dual-drive engine of “technology + user experience”, and achieved a sales counter trend in 2020 under the overall decline of the Chinese passenger car market Growth, the total sales volume reached 1.367 million that year, an increase of 10.9% year-on-year. As consumers’ attention to the mechanical properties of automobiles has shifted to intelligent and electrified properties, the logic of automobile manufacturers has undergone profound changes.
The core of network security is the endogenous security issue
Wu Jiangxing, director of the National Digital Switching System Engineering Technology Research Center and academician of the Chinese Academy of Engineering, believes that the core and common problems of intelligent networked vehicle safety are endogenous safety issues. The so-called endogenous security issues are inherent, innate, and common security issues that exist at the genetic level. An intelligent networked car is essentially a “computer on wheels”, a typical cyber-physical system, and its software scale exceeds 300 million lines of code.
In such a large system, I don’t know if there are software and hardware vulnerabilities. Calculated based on the average of 15-20 vulnerabilities in the industry’s thousand lines of code, the vulnerabilities can be imagined. I don’t know if there is a “back door”. With the existing scientific and technological capabilities of mankind, it is impossible to exhaust the “back door” behavior of software and hardware in the open industrial environment; the boundary between traditional functional security and network security is not known because of random failures. The security problems that arise are still those caused by software and hardware design flaws. It is difficult to distinguish and assign responsibilities; how to quantify the security function is not known, whether the software and hardware are 99% safe or 99.9% safe and cannot be calibrated. In layman’s terms, we don’t know how many risks are in the current smart connected cars? We don’t know whether these risks are at the network level or can penetrate to the physical level? We don’t know how to measure safety? These basic problems constitute endogenous Security Question.
Traditional security paradigm is difficult to solve endogenous security problems
In the field of cyber security, there are roughly three technical paradigms: The first paradigm is “the functional safety development paradigm based on redundant configuration and voting”, which focuses on solving the problem of physical or logical failure of network space terminals, nodes, and software and hardware of network systems; The second paradigm is a security development paradigm based on encryption and authentication and authorization, and authorization management is used to protect legitimate users from using software and hardware facilities or information services or data resources safely; the third paradigm is a “network security development paradigm based on detection and analysis”, mainly The goal is to check and kill virus and Trojan horses, find and repair software and hardware vulnerabilities, and sense and block attack behavior characteristics.
Academician Wu Jiangxing told reporters that these three paradigms all face the same common technical problems. In the absence of prior knowledge, how to deal with unknown endogenous security threats in cyberspace based on unknown vulnerabilities, backdoors, viruses, and Trojan horses. That is to say, the foundation of security defense technology is prior knowledge. You must know the basic characteristics of “criminals” in order to form an effective defense plan based on the characteristics. If there is no effective sample, sufficient data, and no prior knowledge, a security defense system can be constructed. It’s just useless. For intelligent networked vehicles, the existing technology can neither explain the risks nor guarantee network security. How can users rest assured that they can use them?
Change the traditional thinking mode with new technological paths
Facing the situation that traditional security paradigm is difficult to deal with the increasingly frequent network security risks and problems, how to solve the common endogenous security problems? Academician Wu Jiangxing believes that it is fundamental to promote paradigm innovation. A few days ago, at the “Cyberspace Common Security Technology Seminar” hosted by Fudan University, it was proposed that a new security paradigm should embody the “three news”, construct new universal theories, establish new practice norms, and open up new technological paths. Through scientific and technological innovation, we have stepped out of the traditional security model based on “killing viruses and eliminating horses”, “repairing the sheep” and “reinforcing the walls and clearing the wild”, and constructing the “fourth security paradigm” in cyberspace.
As artificial intelligence replaces the human brain as the main body of decision-making in transportation, the hands, feet, and eyes of the driver will be released from the driving process, making entertainment, social interaction, consumption, work and other scenes completely opened during travel.
In the future, autonomous driving technology will promote the innovation of traditional car bodies, make the space and layout of the car more imaginative, and create a mobile third space that caters to different scenarios.