Architecting a Public Key Infrastructure

Jul 21, 2020

One of the main challenges in operating an automotive-focused cloud computing platform is isolating the datasets that originate from different Original Equipment Manufacturers (OEMs). The data these customers surface carries unique device identifiers, so datasets, environments and computing resources must be strictly isolated from one another to preserve the fidelity of each OEM's data and to rule out overwrites across OEMs. We met this challenge by enforcing that isolation with a public key infrastructure (PKI): each party and device is authenticated against its own chain of trust before it can touch a dataset or endpoint. As we keep solving challenges of this kind at Autonomic, we expect the Transportation Mobility Cloud (TMC) to keep evolving into the platform of the future for automotive applications.

The other challenge we encountered with our automotive partners was encryption in transit: a TLS (Transport Layer Security) session is needed between each device and every endpoint the partner has to support. We addressed this by implementing a modular, flexible PKI that serves the requirements above. Our goal was to avoid bespoke implementations that could not be reused across customers; a reusable design reduces the operational overhead of onboarding new partners and customers and lets us add devices and partners more rapidly. We built flexibility into the PKI because each partner brings a continuously evolving set of requirements derived from several model-year vehicles, and because connected-vehicle hardware and firmware change constantly and the platform has to keep up with them.

Diagram 1: Sample Key ceremony (which generates a unique pair of public and private root keys) using an offline Certificate Authority

Diagram 2: Sample Key ceremony using an online Certificate Authority

Because authentication is critical to every exchange between a device and the Transportation Mobility Cloud (TMC), reliability and availability were paramount concerns in our PKI implementation. Our PKI is backed by cryptographic Hardware Security Modules (HSMs), which protect the integrity of the key material and ensure that private keys are never exposed in plaintext while they are used for cryptographic operations such as signing, encryption and decryption.
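To make the isolation and TLS points above concrete, the following is an added example (written for this page, not Autonomic's own code) of the two-tier hierarchy sketched in Diagrams 1 and 2: a self-signed root for each OEM, an issuing intermediate signed by that root, and a device certificate signed by the intermediate. The example then shows the check a per-OEM endpoint applies: a device certificate issued under OEM-A's chain validates against OEM-A's trust anchor and is rejected against OEM-B's. It assumes a one-root-per-OEM layout and uses only Go's standard library; the OEM names, the VIN placeholder and the in-memory keys are illustrative (in production the root key would stay in an offline HSM).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Chain is one OEM's trust hierarchy: an offline root (Diagram 1) and an
// online issuing intermediate (Diagram 2). Layout is an assumption of this example.
type Chain struct {
	Root, Inter       *x509.Certificate
	RootKey, InterKey *ecdsa.PrivateKey
}

func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

func serial() *big.Int {
	n, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		panic(err)
	}
	return n
}

// sign issues a certificate for tmpl/pub, signed by parent's key
// (parent == tmpl for a self-signed root).
func sign(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert
}

// caTemplate builds a CA template; pathLen bounds how many CAs may sit below it.
func caTemplate(cn string, pathLen int) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: serial(), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(10 * 365 * 24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, MaxPathLen: pathLen, MaxPathLenZero: pathLen == 0,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
}

// NewOEMChain runs both ceremonies for one OEM: self-signed root, then an
// intermediate signed by that root. Each OEM gets its own root key pair.
func NewOEMChain(oem string) *Chain {
	rootKey, interKey := newKey(), newKey()
	rootTmpl := caTemplate(oem+" Root CA", 1)
	root := sign(rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey)
	inter := sign(caTemplate(oem+" Issuing CA", 0), root, &interKey.PublicKey, rootKey)
	return &Chain{Root: root, Inter: inter, RootKey: rootKey, InterKey: interKey}
}

// IssueDevice issues a TLS client certificate for one vehicle from the online intermediate.
func (c *Chain) IssueDevice(deviceID string) *x509.Certificate {
	key := newKey()
	tmpl := &x509.Certificate{
		SerialNumber: serial(), Subject: pkix.Name{CommonName: deviceID},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(365 * 24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	return sign(tmpl, c.Inter, &key.PublicKey, c.InterKey)
}

// VerifyForOEM is the check an OEM-specific endpoint applies: the device
// certificate must chain to this OEM's root through this OEM's intermediate.
// The same root pool is what a TLS server would put in tls.Config.ClientCAs.
func (c *Chain) VerifyForOEM(dev *x509.Certificate) error {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(c.Root)
	inters.AddCert(c.Inter)
	_, err := dev.Verify(x509.VerifyOptions{
		Roots: roots, Intermediates: inters,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err
}

func main() {
	oemA, oemB := NewOEMChain("OEM-A"), NewOEMChain("OEM-B")
	dev := oemA.IssueDevice("VIN-EXAMPLE-0001") // placeholder device identifier
	fmt.Println("OEM-A endpoint accepts device:", oemA.VerifyForOEM(dev) == nil)
	fmt.Println("OEM-B endpoint accepts device:", oemB.VerifyForOEM(dev) == nil)
}
```

The isolation comes from the trust anchor, not from the device certificate's contents: an endpoint serving OEM-B never loads OEM-A's root, so no certificate from OEM-A's hierarchy can complete a chain there, regardless of what the certificate claims about its subject. Feeding the per-OEM root pool into `tls.Config.ClientCAs` with `ClientAuth: tls.RequireAndVerifyClientCert` turns this check into the mutual-TLS handshake described above.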

Architecting and building a cloud platform that can support any number of connected-vehicle hardware configurations is non-trivial. We have to account for the possibility that a vehicle with previously unknown hardware will need to interface with our platform, and when that happens the platform's security and reliability requirements must still be met. At Autonomic, we have successfully solved several of these challenges as we build the connected-vehicle cloud platform of the future, and we look forward to discovering and overcoming the next one in a rapidly changing automotive industry.