Automotive Cybersecurity: PKI, ECU Protection & Blockchain

In automotive cybersecurity news are AutoCrypt, Karamba Security, Ficosa, Wind River, Blockchain, IBM SafeRide and Airbiquity.

AutoCrypt V2G PKI

Created through cooperation on interoperability and conformance with leading industry organizations including OmniAir Consortium and CharIN, AutoCrypt V2G provides a Public Key Infrastructure (PKI) system for authenticating and authorizing all entities within the e-mobility service infrastructure. This enables the secure deployment of Plug&Charge, which is a method of simplified payments for EV charging via transmission of encrypted data from the vehicle to the charger when plugged in, charging, and processing automated payments. Utilizing OCPP to secure communication between charging supply and backend billing systems, and designed according to the leading ISO/IEC 15118 standard, AutoCrypt ensures essential security technologies, such as encryption and digital signatures, are used to protect EVs during charging.

Starting with Europe, AutoCrypt V2G is set to enter the EV charging market next year via a partnership with smart grid solution provider GridWiz and its Plug&Charge solution, which utilizes AutoCrypt V2G for safe and convenient EV charging and payments processing. This comes following the successful presentation of AutoCrypt at the 31st International Electric Vehicle Symposium & Exhibition (EVS 31) and International Electric Vehicle Technology Conference 2018 (EVTeC 2018), one of the largest international events for electric vehicles, and consistent participation in ISO/IEC 15118 testing symposiums worldwide to ensure the wide applicability of AutoCrypt V2G.

Karamba Onboards Ficosa

Karamba Security,  announced that Ficosa, a top-tier global provider for the automotive and mobility sectors, is partnering with Karamba Security to harden its Telematics Control Unit (TCU) and keep vehicles protected from cyberattacks when communicating with the internet. Ficosa, through Onboard Ventures, its Open Innovation initiative, has identified Karamba Security’s Carwall solution as an effective hardening software that is seamlessly integrated into the vehicle Electronic Control Units (ECU’s), without disrupting the development process or delay the vehicle’s time to market.

Live Car Hacking from Karamba Security

Karamba Security, also announced its presence at CES 2019, January 8-11, 2019, in Las Vegas. At this year’s event, Karamba Security will demonstrate live car hacking, run education sessions focusing on automotive cybersecurity and showcase industry leaders partnering for cybersecurity.

Teaming up with Karamba Security at CES 2019 are leading automotive platform providers Micron, STMicroelectronics, Arm, Wind River, and innovative top-tier global providers Ficosa and Alpine – all companies that are investing to increase cybersecurity protection in today’s vehicles.

End-to-end security of the ECU requires a zero-trust approach to cybersecurity enforcement. Karamba Security and Micron Technology collaborate to leverage the Micron® Authenta™ security architecture for ECU hardening, using standard flash memory form factors. Micron Authenta-enabled flash memory delivers the hardware roots of trust, and security features to lock encryption keys for simplified platform-level security implementations.

Karamba’s Carwall end-to-end protection is integrated on ST’s Modular Telematics Platform, leveraging the security architecture of the Telemaco3P STA1385 Automotive Telematics and Connectivity Processor. Automotive-application developers can use this modular time-to-market accelerator, customize it to test near-final product, and take advantage of the root of trust offered by the embedded Hardware Security Module for image integrity and secure connectivity, and of the Karamba runtime integrity protection, optimized in performance on ST Telemaco3P.

In-Vehicle Security depends on a root of trust that protects the key assets of the security technology. Karamba SafeCAN, running on Arm processors, is offering innovative Authentication Encryption technology for the CAN network that is providing source authentication for each message, with zero bandwidth overhead. SafeCAN key management is simple and intuitive, as it doesn’t require any key exchange over the CAN Bus. In the future, basing Karamba SafeCAN’s root of trust on Arm TrustZone technology will allow the encryption key to be deployed once in a highly trusted secure element, thus increasing the overall security level of the solution.

Karamba and Wind River have collaborated to help original equipment manufacturers (OEMs) and Tier 1 suppliers improve in-vehicle security by hardening ECUs to preserve original factory settings. Combining with Wind River Chassis, Karamba’s runtime integrity technology can help secure in-vehicle systems, from infotainment and TCU to autonomous driving and V2X ECUs. The Wind River Chassis portfolio of automotive software includes the high-performance and market-leading VxWorks RTOS, Wind River Drive which provides Adaptive AUTOSAR-oriented software to support customers in developing ISO 26262 ASIL D–certifiable automotive safety-critical applications, Wind River Linux and other commercial-grade open source technologies, Wind River Diab Compiler, and Wind River Edge Sync that provides a software framework for remote over-the-air (OTA) updates and software lifecycle management

Together with Ficosa, Karamba is showcasing a hardened Telematics Control Unit (TCU) that is leveraging the latest Control Flow Integrity (CFI) technology by Karamba to prevent in-memory cyberattacks. Ficosa’s innovative design was easily integrated with the Karamba Carwall, offering car manufacturers an out-of-the-box solution, securing the future of smart mobility.

Innovative Infotainment systems provide rich interfaces and fast access to the internet. Alpine and Karamba are demonstrating the hardening of this key connected Electronic Control Unit (ECU) with the Karamba Carwall solution, preventing in-memory cyberattacks and assuring secured experience with the industry-leading CFI.

Beyond the interactive demo, show attendees can partake in education sessions focused on securing the future of smart mobility and the benefits of self-protecting vehicles. CES session titles include:

  • Think Like an Automotive Hacker
  • How Cybersecurity Impacts Automotive Innovation
  • Recent Attacks on Cars, Lessons Learned
  • In-Memory Attacks in Today’s Connected Cars
  • The Automotive Security Evolution, ISO and the Regulation Progress
  • What is Autonomous Security and How Prevention Matters

Automotive Execs Believe in Blockchain

A new IBM study estimates that 62 percent of automotive executives believe blockchain will be a disruptive force in the auto industry by 2021. However, the research also finds that only a small percentage of OEMs and suppliers are currently ready for blockchain or have a greater perception that blockchain solutions that are ready for commercial use.

The new study, “Daring to be first, How auto pioneers are taking the plunge into blockchain,” developed by the IBM Institute for Business Value (IBV) in collaboration with Oxford Economics, is the result of a survey with 1,314 automotive executives (OEMs and suppliers) across 10 business areas and 10 countries including China, Germany, India and the United States.

The global data revealed finance, supply chain and mobility services as top areas where blockchain could be beneficial. However, aftersales, the secondary market of the auto industry, concerned with the manufacturing, distribution, retailing, and installation of all vehicle parts, also rated high for OEMs in China, Germany and Mexico. Currently part traceability throughout the lifecycle of a vehicle is very limited, which means counterfeit parts could be used by service centers in some markets. Implementing blockchain-based solutions in the automotive supply chain could solve some of the issues around recalls, fake products and consumer safety.

The report also highlights how blockchain will introduce improvements and operational efficiencies in areas such as financial transactions between ecosystem participants, authenticating access to cars and customer experience and loyalty. It also finds that:

  • 54 percent of executives expect new business models to influence investments in blockchain.
  • At least 50 percent of the OEM executives in each country believe that blockchain solutions will have a high impact on fleet management services.
  • 55 percent of OEMs and 47 percent of suppliers say implementing blockchain will improve imperfect information in their business networks.

Organizations like the Mobility Open Blockchain Initiative (MOBI) are already exploring the use of blockchain to help make mobility safer, more affordable and more widely accepted. Some of MOBI’s initial projects are focusing on secure mobility commerce; usage-based mobility pricing and payments; and vehicle identity, history and usage.


SafeRide Technologies, the first automotive cybersecurity company to offer a multi-layer deterministic and heuristic anomaly detection and threat prevention solution, has collaborated with Ixia, a Keysight Business, to test SafeRide’s vSentry™ vehicle cybersecurity solution using the BreakingPoint applications and network security test platform. The BreakingPoint test platform simulates unauthorized data activity within the vehicle, while SafeRide’s technology detects these attempts, contains the activity, and prevents any interference or data loss.

As the number of connected vehicles grows, cyber threats to the automotive industry are rapidly increasing. It is critical to secure any connection to a vehicle. Without proper cybersecurity measures, OEMs, fleets and customers are left vulnerable to zero-day attacks and financial and safety risks.

SafeRide’s vSentry™ multilayer cybersecurity solution monitors all external communication to the vehicle, in-vehicle network traffic, and ECU software in real-time, and provides a zero false-positive firewall, Intrusion Detection and Prevention System (IDPS), and access control to all ECU resources. SafeRide’s vXRay™ advanced AI Machine Learning and Deep Learning technology uncovers zero-day vulnerabilities and allows for remediation by updating real-time access control policies over-the-air.

It can be challenging to test the level of efficiency and operation of leading cybersecurity solutions, such as SafeRide’s vSentry. To address this challenge, the BreakingPoint test solution simulates real-world traffic, distributed denial of service (DDoS), exploits, malware and fuzzing attacks. BreakingPoint simulates both good and bad traffic to validate and optimize the network under the most realistic conditions. BreakingPoint is used to trigger unauthorized data exfiltration activity, while SafeRide’s vSentry solution detects the exfiltration attempt with vehicle profiling and anomaly detection algorithms, and applies automatic bandwidth control policies to contain the incident and prevent interference and data loss.

SafeRide demonstrated its vSentry solution on Ixia’s BreakingPoint test platform at AutonomousTech in Israel.

SafeRide is also now integrated with Airbiquity.


You are welcome to subscribe to receive email notification of publication of Connected Car News Cybersecurity, you can also get weekly news summaries or daily emails.