In general, you would probably look into questioning faces if someone told you that it can take days, weeks and months to implement cybersecurity in a bicycle. But that’s exactly what this client success story is all about. Read on to learn how Brose E-Bike and CYRES Consulting are redefining cybersecurity for e-bikes. Learn about the challenges, solutions and lessons learned. Let’s get started.
As one of the world’s largest automotive suppliers with several million electric motors delivered each year, Brose stands for the highest level of expertise in innovative drive systems. A related market that Brose E-Bike has been serving for over ten years is the development and production of drive units and systems for electric bicycles.
While development work in the automotive industry is subject to a number of regulatory frameworks (UN R155, UN R156, et al.) and specific standards (ISO/SAE 21434, ISO 24089, et al.), the bicycle industry is not confronted with such far-reaching requirements in terms of cybersecurity.
So, what is this actually about?
Cybersecurity challenges for Brose E-bike
Brose E-Bike was faced with the challenge of developing a new complete e-bike system. The teams involved made the decision early on to include the best possible protection against cyber threats in the development work right from the start and, above all, holistically.
Quite clearly a task for the consulting teams at CYRES Consulting, who are international pioneers in the strategic support and operational implementation of cybersecurity in vehicle development.
Specifically, it was the drive unit, a battery system, a display/HMI system, an end-user app and maintenance tools for which cybersecurity had to be adequately taken into account during development.
Getting started with the project
At the start of the project, it was first necessary to gain a complete overview of the system. As always in the field of security, it is the small details that are crucial in order to ultimately guarantee a secure product. For the subsequent Threat Analysis and Risk Assessment (TARA), it was essential to have a precise idea of the systems in order to be able to realistically assess risk scenarios and potential attacks.
What is all too often neglected when carrying out a TARA is the need to take a closer look at very different risk factors. When analyzing possible damage scenarios, it was therefore important not only to examine the consequences of an attack for the rider of the e-bike, but also to clearly map the consequences that could arise for Brose as a manufacturer as an important part of the TARA.
The careful analysis of the risks was followed by the creation of the Cybersecurity concept, in which the points of attack found in the TARA were closed by carefully selected countermeasures
The challenges of cybersecurity in e-bikes
In terms of cybersecurity, the architecture of e-bikes poses new challenges in contrast to vehicles such as cars and trucks.
While components in a car are usually permanently installed and can only be replaced in the workshop, individual parts of the e-bike system can be replaced by the user at will. For example, it is common practice to carry a second battery and be able to replace the empty battery with a full one on the road to double the bike’s range. Spare parts, such as a new HMI, can also be ordered and commissioned independently by the user.
To enable this interchangeability of components, the associated security system must be designed to be flexible but still offer sufficient protection.
This makes secure communication between the components a particular challenge.
On the one hand, it should be possible to replace any components, while on the other, an attacker must be excluded from the communication. The cybersecurity system must therefore be able to accurately distinguish a legitimate replacement part from an attacker.
To enable this recognition, each Brose original component has a cryptographic certificate that can be used to confirm the authenticity of the component. This certificate can be verified beyond doubt by the communication partners, thus ruling out the possibility that the communication partner is an attacker. With the help of this mechanism, protected communication with any Brose hardware is possible, but components from third-party manufacturers or malicious hardware are excluded.
E-bikes and other vehicles from a cybersecurity perspective
Despite the obvious differences between classic vehicles and e-bikes, the architecture of the systems is relatively similar.
Communication buses, protocols and solution approaches can be adopted from the automotive industry with moderate adaptations. The processes and methods for risk analysis and the development of a Cybersecurity concept were adopted directly from automotive development along the ISO/SAE 21434 standard in this project without any changes.
A special feature compared to the usual cybersecurity projects for the automotive industry was that the entire e-bike system was considered here and not just a single control unit.
This enabled the integration of all components into the security concept and the use of solutions tailored to the specific application.
In addition, the effects of the various threat scenarios considered in the TARA could be analyzed much more precisely by looking at the overall system than in a project that only relates to a single control unit.
Generally speaking, this makes TARA easier on the one hand, as all the connections between the systems are known, but on the other hand, the large number of components also brings with it a large number of threat scenarios and attack paths that need to be taken into account. Careful planning and conceptualization are therefore required to ensure that the scope of the TARA is not excessive. In the end, it was possible to map the entire complete system in a TARA while still maintaining a high degree of clarity and completeness.
From TARA to the Cybersecurity concept
The first iteration of the TARA, in which the system was considered without security mechanisms, was followed by the creation of the Cybersecurity concept, which describes the system’s security strategy. The TARA was then repeated with implemented security mechanisms to ensure that no unwanted risks remained in the final product. This second iteration makes it possible to determine the impact of the measures taken as part of the Cybersecurity concept very precisely.
The risk values of the threat scenarios resulting from the first iteration without security mechanisms were significantly reduced in the second iteration for the same scenarios due to the countermeasures taken.
This approach ensured that the Cybersecurity concept achieved the desired security objectives.
Sum up
In summary, this project has demonstrated that the knowledge and methodology from the automotive industry can certainly be transferred to an overall e-bike system. With the help of TARA, it is possible to reliably analyze threats and risks and secure a system with suitable countermeasures.
The result is a holistic concept in which the cybersecurity of the e-bike is at the forefront and is not given insufficient consideration as an additional burden.
Learn more: E-bikes from Brose E-Bike
Jan-Peter Von Hunnius is Associate Partner and Head of CYRES Consulting Austria. He is an expert in automotive cybersecurity, with a proven track record of experience in engineering and quality management in the automotive industry, as well as a TÜV-certified Automotive Cybersecurity Expert.
Comments are closed.