DNP Commences Security Service for In-Vehicle System

Prevents Motor Vehicle Theft and Remotely-Driven Car-Jacking Resulting from Data Leaks

Dai Nippon Printing Co., Ltd. (DNP) will commence provision of a service designed to boost the security of in-vehicle systems. The newly developed service targets the automobile industry and prevents tampering with application software of in-vehicle equipment, or the illegal acquisition of confidential data.

As a first step, the Company will commence provision of a service that takes crack-proof software used to prevent the illegal acquisition of confidential data of in-vehicle system, and a Virtual Private Network (VPN)-driven security service integrated into in-vehicle communications equipment that encrypts communications data, and conducts peer-to-peer authentication and management of communications equipment on a dedicated server.

[Background]

In recent years, we have witnessed an improvement in consumer driving convenience as the digitalization of in-vehicle systems and internet connections allows for the provision of functions for driving, driving aids and sophisticated navigation systems. By way of contrast, the introduction of On-Board Diagnostics (OBD-II) has, in reverse, created challenges connected with the remote operation of motor vehicles by tampering with the applications that read various amounts of automobile data. As a result, the search for measures against cyber-attacks targeting in-vehicle systems has become an urgent task.

In this latest development, DNP has leveraged the technology and know-how accumulated in smart card manufacturing and personalization, along with software and also security product and services development, to commence provision of a service to boost the security of in-vehicle systems.

[Automobile Application of Crack Proof Software]

The crack proof software was developed by DNP HyperTech Co., Ltd., a DNP subsidiary, to prevent illegal application tampering.

The importance of application security measures in control system has increased in line with the move to electronic control of motor vehicles. It is worth noting that motor vehicles are also connected to smart phone applications through the internet, and In-Vehicle Infotainment applications. If control applications are cracked then motor vehicle control data and Engine Control Unit specification data may be leaked, posing the risk of abuse. And cracking smart phone applications with automotive remote control functions may lead to the danger of illegal activities, such as the unlocking of vehicle doors. By making these applications more robust it is now possible to take precautions against potential damage.

[Automobile Applications for VPN Software]

DNP developed VPN systems are comprised of a Software Development Kit (SDK) that encrypts communications data, and a VPN management server installed in a cloud environment or on the premises. The VPN management server not only automatically authenticates multiple communications equipment, but also enables peer-to peer communication between multiple equipment. This makes it possible to prevent the abuse of in-vehicle system remote version upgrades, and to provide peer-to-peer in-vehicle systems communications and a safe communications environment for cloud services.

By embedding the SDK into in-vehicle communications equipment the safety of communications functions will be increased. As a result, it will be possible to prevent command analysis between a vehicle and a server, or on an intra-vehicle basis of in-vehicle system by tapping into the communications routes. It will also be possible to take precautions against the leakage of confidential information.

[Forward Looking Events]

DNP will offer the security products and services to the automobile industry, promote the integration of the products and services into in-vehicle communications equipment at each automobile maker, aiming for sales of 5.0 billion yen in the five years to FY 2020.

 
* Product prices, specification and service contents mentioned in this news release are current as of the date of publication. They may be changed at any time without notice.