Complete vehicular cybersecurity from development to post-production
The essential cybersecurity solution to protect vehicles from hackers.
Cyberattacks on vehicle systems can be silent yet catastrophic. By gaining access to the Automotive Emergency Braking (AEB) system, hackers can delete or alter outgoing messages from the network, ultimately taking control of the vehicle.
In-vehicle security is a complete solution that covers vehicular cybersecurity at all three stages: pre-production development, production, and post-production monitoring and threat mitigation. All are essential for vehicle type approval, as regulated by WP.29.
AUTOCRYPT provides complete security for the internal system of the vehicle. Starting with TARA, followed by rigorous Security Testing and AutoCrypt IVS engineering, and finishing with continuous monitoring and reporting enabled by AutoCrypt vSOC.
All You Need to Know About In-Vehicle Security
and stay prepared with AUTOCRYPT
A vehicle’s internal system consists of over 100 electronic control units (ECU), which control a number of electrical subsystems responsible all functionalities of the vehicle, from handling to connectivity.
The network protocols that enable the ECUs are largely categorized into the Controller Area Network (CAN) and MOST (Media Oriented System Transport) systems.
The CAN bus manages a vehicle’s internal communications for controlling power, direction, brakes, etc. MOST manages the systems for transmitting in-vehicle audio, video, and data via fiber-optic cables. Other network protocols like FlexRay and Ethernet govern high-capacity on-board computing.
Need for Security
The CAN (Control Area Network) bus is designed to allow microcontrollers and in-vehicle systems to communicate without a host computer.
However, they are not built with the intention of tracking where the communicated messages come from, making the systems vulnerable to external threat actors.
If an attacker were to take over an ECU by exploiting vulnerabilities in the network, they would be able to control certain parts of the vehicle using forged data or injecting malicious code, as well as gaining access to sensitive information.
Hackers may attempt to establish a foothold in the vehicle’s various systems by executing attacks through making changes to the memory disk, damaging the ECU functions, or infiltrating the core data storage units of the vehicle.
2010. 08 | Message fabrication from tire-pressure monitoring system (TPMS) resulting in false activation of warning lights and announcing falsesystem failure in ECU systems
Our In-Vehicle Security Solution
AUTOCRYPT provides complete security for the internal systems of the car.
AUTOCRYPT’s in-vehicle security solution involves a three-step process from 1) TARA, 2) Security Testing, to 3) Mitigation and Monitoring (with AutoCrypt IVS and AutoCrypt vSOC; see AutoCrypt IVS for details).
In-vehicle security not only blocks malicious threats from outside the vehicle, but also monitors communications within the vehicle, responding to any abnormal or malicious activities. With AutoCrypt IVS Intrusion Detection System (IDS) and Intrusion Protection System (IPS), AUTOCRYPT provides a complete, secure ECU security module for the vehicle.