More Auto-ISAC Members
The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomed two new members BlackBerry and Verizon and, two new strategic partners Pen Test Partners and Regulus.
The inclusion of these four companies increases the strength of the Auto-ISAC’s position as the voice of the global auto cybersecurity information sharing community that works to prevent cyber threats to the connected vehicle.
Karamba Security Enterprise Edge
Karamba Security, announced that its autonomous security solution is being used to protect connected devices and systems across a broad spectrum of vertical markets facing similar large-scale cybersecurity threats.
Following successful deployments of Karamba’s embedded, self-protecting and auto-recovery software technology in the automotive industry — including more than 32 engagements with car manufacturers and tier-1 automotive suppliers — manufacturers in other vertical markets have sought out Karamba’s technological offering. Manufacturers of enterprise edge devices, Industry 4.0 controllers and other connected systems have engaged with Karamba, using its runtime integrity software to provide an active hardening layer to their connected, massively deployed devices.
In conjunction with this market expansion, Karamba also announced a go-to-market partnership with embedded software firm Wind River to help automotive, aerospace, defense, industrial, medical and network providers to automatically embed self-protection security in their connected devices. With their successful collaboration for the automotive industry, the two companies launched an initiative to expand the use of built-in, embedded, runtime integrity in the connected systems world.
Karamba’s technology automatically hardens the full image of the connected system and prevents modification of the factory settings. The embedded security is always on, assuring the software integrity during runtime and preventing attackers from taking control of the connected system. This way developers, providers, manufacturers and vendors can offer products that are self-protected against cyberattacks.
“We quickly recognized that demand for our automated device hardening technology applies to multiple markets and a myriad of products,” said Ami Dotan. “The mandate for security is being driven by manufacturers, suppliers and business users alike, and we are able to offer a proven, production ready solution that is automated, pragmatic and simple. Offering automatically embedded security to software defined products in automotive, Industry 4.0, IoT and other products fit well with our partnership with Wind River.”
Filament Blockchain for University of Nevada, Reno’s Intelligent Mobility
Filament, provider of comprehensive enterprise blockchain solutions for the Internet of Things (IoT), announced that it is working with the University of Nevada, Reno’s Intelligent Mobility initiative to develop a new standard based on blockchain IoT technology for attested data integrity between autonomous vehicles and road infrastructure. The smart city project is being conducted through the University’s Nevada Center for Applied Research (NCAR) and is designed to improve safety and communication between autonomous connected vehicles and surrounding infrastructure with LIDAR and dedicated short-range communications (DSRC) devices mounted at intersections.
The University will begin simulated testing of Filament’s Blocklet® technology, with plans to soon integrate the technology into both an autonomous vehicle and the sensor infrastructure placed along defined routes to deliver a trustworthy record of events, enabling attested data exchange via blockchain transactions.
The state of Nevada, with the support and commitment of its research universities, industries and startups, has established itself as a premier location for innovative vehicle and transportation technologies. Supported by the Nevada Governor’s Office of Economic Development, the University of Nevada, Reno’s Intelligent Mobility is testing synchronized mobility concepts and gathering data in real-world, “Living Lab” settings. A vehicle-to-infrastructure (V2I, also known as V2X) communication project demonstrating the security of data sent to-and-from autonomous vehicles and street-side infrastructure using blockchain technology is expected to be completed in the first half of 2019.
Filament’s Blocklet products provide blockchain native tools and technology for enterprises and industrial corporations, enabling them to securely process and record transactions directly from IoT devices, secure RFID tags, vehicles, manufacturing equipment and other connected machines, ensuring digital trust from the edge to drive smart contracts, automation, compliance and new revenue streams. The company’s solutions are being used by global corporations in the automotive, communications and other enterprise sectors.
Southwest Research Institute Tests Cybersecurity
Southwest Research Institute has developed a cybersecurity system to test for vulnerabilities in automated vehicles and other technologies that use GPS receivers for positioning, navigation and timing.
“This is a legal way for us to improve the cyber resilience of autonomous vehicles by demonstrating a transmission of spoofed or manipulated GPS signals to allow for analysis of system responses,” said Victor Murray, head of SwRI’s Cyber Physical Systems Group in the Intelligent Systems Division.
GPS spoofing is a malicious attack that broadcasts incorrect signals to deceive GPS receivers, while GPS manipulation modifies a real GPS signal. GPS satellites orbiting the Earth pinpoint physical locations of GPS receivers embedded in everything from smartphones to ground vehicles and aircraft. SwRI designed the new tool to meet United States federal regulations. Testing for GPS vulnerabilities in a mobile environment had previously been difficult because federal law prohibits over-the-air re-transmission of GPS signals without prior authorization.
SwRI’s spoofing test system places a physical component on or in line with a vehicle’s GPS antenna and a ground station that remotely controls the GPS signal. The system receives the actual GPS signal from an on-vehicle antenna, processes it and inserts a spoofed signal, and then broadcasts the spoofed signal to the GPS receiver on the vehicle. This gives the spoofing system full control over a GPS receiver.
While testing the system on an automated vehicle on a test track, engineers were able to alter the vehicle’s course by 10 meters, effectively causing it to drive off the road. The vehicle could also be forced to turn early or late.
“Most automated vehicles will not rely solely on GPS because they use a combination of sensors such as lidar, camera machine vision, GPS and other tools,” Murray said. “However, GPS is a basis for positioning in a lot of systems, so it is important for manufacturers to have the ability to design technology to address vulnerabilities.”
SwRI develops automotive cybersecurity solutions on embedded systems and internet of things (IoT) technology featuring networks and sensors. Connected and autonomous vehicles are vulnerable to cyber threats because they broadcast and receive signals for navigation and positioning.
The new system was developed through SwRI’s internal research program. Future related research will explore the role of GPS spoofing in drones and aircraft.
Market Forecast from Future Markets
The market for automotive cyber security is estimated to increase in the coming years due to increase in the adoption of telematics services in the vehicles reports Future Market Insight. Also due to increasing threats of cyber-attacks in the automotive and transportation systems the need for automotive cybersecurity is increasing. In next eight to ten years the demand for connected and autonomous vehicles is projected to grow, also number of companies are doing research in the field of connected vehicles and autonomous vehicles such as Google, Mobileye, Nissan, Audi, BMW, Ford, GM, Toyota, Daimler, and others.
The global Automotive cybersecurity market is segmented on the basis of types of cybersecurity solution such as Software-based, Hardware-based, and Network & Cloud. The global automotive cybersecurity market is also segmented on the basis of vehicle type such as passenger cars, light commercial vehicles, and heavy commercial vehicles.
Due to increase in the adoption of advanced connected car systems in the vehicle in western countries the demand for automotive cybersecurity systems is increasing. .The major players identified across the value chain of global Automotive cybersecurity market include Argus Cyber Security Ltd., Cisco Systems Inc., Arilou Technologies, Harman International, Intel Corporation, NXP Semiconductors, ESCRYPT Embedded Systems, Secunet AG, and others. The companies are emphasizing on research and development and new product development in order to maintain the competitive advantage in global automotive cybersecurity market during the forecast period. In order to meet the increasing demand of cybersecurity systems, companies all over the world are looking to expand the product portfolio and increase the sales strategies. The companies are also focusing on different strategies in order to maintain the market share in the global automotive cybersecurity market.
Read all Automotive Cybersecurity.
You are welcome to subscribe to receive email notification of publication of Connected Car News Cybersecurity, you can also get weekly news summaries or daily emails.