Automotive Cybersecurity: Elektrobit, Arilou, Argus, Marvell & HARMAN

In automotive cybersecurity this week were Elektrobit, Arilou, Argus, Marvell, HARMAN and ISS.

Elektrobit

Elektrobit and its subsidiary, Argus Cyber Security, announced that they are collaborating with NXP to bring to market the industry’s first complete software-hardware solution that delivers comprehensive protection against even the most sophisticated cyberattacks.

This first-of-its-kind solution consists of:

  • NXP’s Secure CAN Transceiver for a vehicle’s controller area network (CAN) bus, which detects and prevents malicious activity at the CAN bus level;
  • Argus’ Intrusion Detection and Prevention Software (IDPS), which detects potentially malicious activity through data and timing heuristics, and then reports this activity to a security backend to enable an appropriate response;
  • EB cadian Sync software, which enables continuous over-the-air (OTA) updates in the vehicle, including critical updates to ECUs as necessitated by the NXP Secure CAN Transceiver and Argus IDPS findings.

Arilou & STMicrolectonics

Arilou, part of NNG Group, and STMicroelectronics are working together on the integration of Arilou’s Intrusion Detection and Prevention system (IDPS) Software solution into ST’s SPC58 Chorus series of 32-bit Automotive microcontroller.

Arilou and STMicroelectronics are working together on the integration of Arilou’s Intrusion Detection and Prevention system (IDPS) Software solution into ST’s SPC58 Chorus series of 32-bit Automotive microcontroller. The companies will share a demonstration of their efforts in a private suite at CES 2019, Jan 8-10 in Las Vegas.

Advanced security solutions require a multi-layer approach where both hardware and software monitor the data streams to detect communication anomalies. The combination of the Security Engine embedded in the SPC58 “Chorus” Series of automotive MCUs with the capability of Arilou’s IDPS software to detect traffic anomalies, provides a state-of-the art cyber-security solution.

Arilou and Green Hills Software

Arilou Information Security Technologies and Green Hills Software announced a cooperation, integrating Arilou’s Intrusion Detection and Prevention System (IDPS) with the Green Hills INTEGRITY real-time operating system (RTOS).

Arilou and Green Hills Software are joining forces to secure the communication between the vehicle CAN bus and an ECU by implementing a dedicated version of the Arilou IDPS solution on the INTEGRITY Platform. This enables any automotive manufacturer using the Green Hills RTOS to transparently install Arilou’s UMTRI-tested IDPS adjacent to the safety applications also running on INTEGRITY, thereby detecting and preventing any CAN bus targeted malicious attacks.

Argus & Marvell

Argus Cyber Security, a global leader in automotive cyber security, and Marvell announced today that the Argus IDPS Ethernet solution will be integrated into Marvell’s highly secure 88Q5050 automotive Ethernet switch. The integration of the Argus solution will provide Marvell’s 8-port Ethernet gigabit capacity switch with an enhanced level of security. The solution empowers OEMs to deploy advanced Ethernet capabilities with the ability to prevent and respond to cyber-attacks in the vehicle. In addition, the solution works with Argus Lifespan Protection to provide OEMs and fleet managers with situational awareness, the ability to detect emerging attacks with cross-fleet big-data analysis, and the power to prevent attacks before they create damage with over-the-air (OTA) security updates.

Argus Ethernet IDPS is a cyber security protection layer for automotive Ethernet networks. This enhanced cyber security protection layer monitors networks for malicious activity, detects attacks and prevents them from affecting the vehicle. The solution reports detected intrusions, even when blocked, to Argus Lifespan Protection, to provide actionable insights into the cyber health of the fleet.

HARMAN OTA with Security Scanning

HARMAN International, a wholly-owned subsidiary of Samsung Electronics Co., Ltd., focused on connected technologies for automotive, consumer and enterprise markets, today announced that it is expanding its HARMAN Over-the-Air (OTA) offering to allow OEMs to effectively tackle the ever-growing security complexity of their software supply chain’s components.

The new Automotive Cybersecurity add-on to HARMAN Remote Vehicle Updating Service (OTA) provides the following capabilities to manage vulnerabilities in the automotive software supply chain:

Automated scanning of binaries directly from the OTA system before update campaigns are activated.An up-to-date security score to help OEMs identify the risk level in deploying specific vehicle software components.Continuous monitoring of deployed binaries and identification and alerting of zero-day vulnerabilities utilizing Cybellum solution.A full impact analysis at the binary level to assess the level of an OEM’s fleet exposure.Seamless integration with partner Cybellum vulnerability detection solution.

ISS MA Service for US V2X

INTEGRITY Security Services (ISS)  announced the ISS Misbehavior Authority Service (MAS), which is the first MA Service for the US V2X ecosystem. The ISS MAS will begin by serving the US Department of Transportation’s Connected Vehicle Pilots already subscribing to the ISS Certificate Management Service (CMS) and all other ISS CMS Subscribers. As the de facto US national SCMS Manager, ISS is again taking the technical leadership position to ensure the US V2X ecosystem is secure and interoperable. With the ISS MAS, CV-Pilots and ISS CMS Subscribers will be able to begin identifying vehicles for misbehavior and removing them from their networks. Device manufacturers and all ISS CMS Subscribers should contact ISS by registering at the link below to discuss how to get their devices ISS CMS-certified, enabled with the ISS-approved MAS OBU client and begin testing. If you are running a DSRC and/or C-V2X AV or CV-Pilot and have potential misbehavior data you want analyzed, please register at the link below.

The ISS MAS extends the initial work in misbehavior detection performed by ISS, CAMP and USDOT. The ability to identify vehicles that are not sending correct V2X messages and to remove them from the connected vehicle ecosystem is an important security requirement to maintain trust in the ecosystem. The ISS MAS provides this capability on a scalable and efficient national level. As part of this, ISS will be publishing its misbehavior detection criteria, reporting format and MAS APIs for OBU and RSU vendors to use with their compliant systems.

Read previous automotive cybersecurity articles.

SUBSCRIBE

You are welcome to subscribe to receive email notification of publication of Connected Car News Cybersecurity, you can also get weekly news summaries or daily emails.

 

COMMENT: Let Us Know What You Think