Embedded firewall to protect automotive systems
By 2022, more than two-thirds of new cars on US roads will have online connections to their safety-critical system, putting them at risk of deadly hacks (Consumer Watchdog report, July 2019) to vehicles’ ‘head’ systems, used primarily for infotainment, GPS navigation, and other features.
To better protect vehicles from cyber attacks certificate authority, Sectigo, a provider of purpose-built and automated PKI management solutions, has released the Sectigo Embedded Firewall for Automotive.
Part of the Sectigo IoT Identity Platform, the new product was developed specifically for transportation security. To speed adoption and security across the automotive supply chain, Mentor, a Siemens business has integrated the Sectigo Embedded Firewall for Automotive with its popular AUTOSAR platform.
“As a leading provider of AUTOSAR standard software, it is imperative that we offer solutions that help our customers, including ECU suppliers and transportation OEMs, to protect cars and fleets from network-based cyber attacks,” said Mathias Fritzson, VSTAR Product Manager at Mentor, a Siemens Business.
“Through product integration with Sectigo, a leader in end-to-end IoT identity and integrity, our customers will be able to easily add critical security capabilities to their devices. A global tier-one automotive ECU supplier is one of the early adopters of our Sectigo-enabled AUTOSAR platform, indicating the urgency for embedded security.”
“Sectigo’s Embedded Firewall enables automotive ECU suppliers to enforce filtering rules, perform anomaly detection, and identify traffic variances to prevent cyber attacks. This unique functionality maximises driver safety and helps prevent the loss of intellectual property, disruption of services, and proliferation of an attack to other systems,” explained Alan Grau, VP of IoT/Embedded Solutions, Sectigo. “With integration of our embedded firewall into its AUTOSAR platform, Mentor is expanding distribution, integration, and access to critical cyber security technology to its base of automotive ECU customers across the industry.”
Protecting automotive ECUs through IoT authentication
To protect from these attacks, automotive manufacturers need an embedded firewall to control traffic into the exposed electronic control units (ECUs) in a vehicle, similar to how a firewall protects home and corporate networks. Embedded firewalls help prevent access from outside cyber attacks on a car’s electronics, while still enabling authenticated access for software upgrades and updates.
Available today, Sectigo Embedded Firewall for Automotive is the only security solution that has been embedded within automotive ECUs to provide anomaly detection, stateful packet inspection, rules-based filtering, and threshold-based filtering.
Above: Sectigo’s Embedded Firewall for Automotive helps protect the car’s network connections from cyber attacks
By protecting ECUs such as advanced driver assistance systems (ADAS), steering, braking, etc. from attack, the firewall prevents access from outside cyber attacks on a car’s electronics, while enabling access to upgrades and updates. The firewall:
- Works with AUTOSAR, Real Time Operating Systems (RTOS) and Linux to configure filtering rules
- Offers deep packet inspection for industrial protocols, including CAN bus
- Meets the requirements of automotive systems by enforcing defined security policies, limiting communication with vehicle control systems to a small set of trusted hosts, and blocking attacks from any other source