Vehicles are cyber-physical systems (CPS); as a result, software vulnerabilities can threaten human lives. At SecureThings we believe that it is thus vitally important for the automotive industry to make vehicle cyber security an organizational priority. Today, vehicles are more software-driven than mechanical, meaning software security has a direct impact on safety. Internet connectivity is now integral to the automotive ecosystem: over-the-air (OTA) software updates, cloud backed services, and backend analytics rely on this “always-on” connectivity. Modern vehicles are equipped with many network interface technologies – Cellular, Bluetooth, GPS, and RF, etc. While these technologies broaden the feature set of vehicles and improve user experience, the incontrovertible downside is that the automotive attack surface is constantly expanding, and vehicles are vulnerable to attacks on such systems.
Vehicles today are connected and equipped with advanced safety features like advanced driver-assistance systems (ADAS), imminent crash warnings, automatic braking, and vehicle security communication systems. These advancements may reduce the risk of accidents to a high degree. However, these automated systems must make decisions based on available data: this data is vulnerable to tampering and spoofing. These inputs must be secured from outside attacks, unapproved access, tampering, and generally protected from anything that may have an impact on vehicle safety and security.
SecureThings has developed end-to-end solutions for vehicle security to ensure the protection of software, devices, and data throughout the connected vehicle ecosystem. Through a 5-pronged approach of Detection, Response, Recovery, Identification and Protection, we take a holistic approach to cyber security; from product development to deployment and on into updates and patches. With this defense-in-depth approach, security issues can be prevented and remediated when they arise. SecureThings begins with a detailed risk analysis of use cases, attack surfaces, and potential attacks to mitigate the impact and develop recovery plans. SecureThings technology stacks include software protection measures that can be built-in to source code, and/or deployed on software binaries. Once systems are deployed, SecureThings’ technology provides real-time insights and intelligence for continuous monitoring to detect any anomalous behaviors and vulnerabilities to prevent/detect attacks and minimize the impact.
Regular analysis of any new attack chains, analyse the impact and the recovery plan. Define OTA campaign and ready for challenge using Secure Over the Air Update.
Provides real-time insights and intelligence on what processes & assets need protection. Tool to exactly identify vulnerable devices among the fleet.
Proactively disable the vulnerable attack chain to minimise the impact. Analytics & SOC solution to quickly identify the root cause and recover the impact device.