Solves the problem of insufficient security of the CAN bus in all vehicles
embedded world, NUREMBERG; CAMBRIDGE, February 24, 2020 – UltraSoC today announces a significant expansion of its range for automotive cyber security with CAN-Sentinel. This new IP adds an urgently needed hardware-based security element for the CAN bus, the global industrial networking standard for car manufacturers and OEMs. UltraSoC’s CAN-Sentinel is connected to the bus, monitors transactions with a vehicle ECU (electronic control unit), detects suspicious activity and prevents incorrect messages and attacks from outside.
CAN-Sentinel can be configured with user-definable security rules, which provides good protection against frequent attacks, such as frame spoofing, and allows the system to be updated when the risk situation changes. Developed as part of the Secure CAV Consortium, of which UltraSoC is a leading member, it is integrated into UltraSoC’s further embedded security analysis and monitoring architecture, which enables the implementation of a powerful system with comprehensive cybersecurity.
Since its market launch 30 years ago, the CAN bus (controller area network) has become the general standard in the automotive industry. Only recently has it been perceived as a serious safety risk in cars. A number of high-profile attacks – such as the Miller-Valasek jeep hack – have exploited its lack of security features. However, cyber security is becoming increasingly important to the automotive industry because it is a major reason for many product recalls: it is estimated that the industry cost $ 26 million in 2016 when GM alone called 23 million vehicles back to the workshops in a year ,
Professor Siraj Ahmed Shaikh (Institute of Future Transport and Cities (IFTC) at Coventry University) comments: “The CAN bus is a critical area of current and future vehicle designs and there is an urgent need to make cybersecurity more secure. CAN-Sentinel from UltraSoC not only eliminates the real danger of frame spoofing, but is also in wait to report new, as yet unknown dangers and attempts to penetrate. ”
Gajinder Panesar, CTO of UltraSoC, added: “The CAN bus has helped vehicles to be safe for 30 years, but in modern vehicles there is no functional safety without cyber security. It is vital for the survival that the developers of automotive technology take the upcoming cyber risks seriously and today we present to them a simple tool with huge potential to significantly improve the cyber security of vehicles. Our products deliver intelligent analyzes that learn and evolve to adapt to the rapidly changing threat situation. ”
Die Vorstellung von CAN-Sentinel folgt direkt auf die von UltraSoC-Bus-Sentinel, dem ersten Produkt des Unternehmens in der Reihe von Cybersicherheits-Hardware. Dieses wurde gegen Ende 2019 vorgestellt, um das Einbetten einer sicheren Überwachungsarchitektur in das Zentrum eines einsatz- und sicherheitskritischen Bausteins zu vereinfachen, besonders in Applikationen wie vernetzten oder autonomen Fahrzeugen (CAVs). Das neue IP-Hardware-Produkt für die Cybersicherheit ist mit der eingebetteten Sicherheitsanalysearchitektur von UltraSoC kombiniert, um eine vollständige und holistische eingebettete Sicherheitslösung zu liefern.
Der CAN-Bus wurde entwickelt, um eine robuste Kommunikation (mit Systemen wie Bremsen, Lenkung, Motor, Airbags, Türschlössern und Scheinwerfern) in der rauen Automobilumgebung zu ermöglichen. Obwohl er für eine hohe Funktionssicherheit ausgelegt ist, ist er nicht dazu entwickelt, Cyberattacken sicher abzuwehren. Die Methoden den CAN-Bus gegen Cyberattacken abzusichern haben sich bisher darauf konzentriert, Eindringversuche von außen zu stoppen (Software-Patches oder APIs, absichern von Wi-Fi-Geräten), anstatt die Sicherheit in den Bus selbst einzubetten. Dies hat den CAN-Bus und damit die Fahrzeuge anfällig für alle Arten von potenziellen Angriffen durch Frame-Spoofing-Hacks gemacht, die das Fahrzeug ferngesteuert lahmlegen könnten, und damit zu potenziellen erpresserischen Attacken oder sogar Großangriffen auf die Verkehrsinfrastruktur führen können.