Securing the future of mobility

Similar documents
IoT Security for Critical Information Infrastructures. Andrey Tikhonov

Automotive Gateway: A Key Component to Securing the Connected Car

Kaspersky Security. The Power to Protect Your Organization

The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.

Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security

Verizon Software Defined Perimeter (SDP).

SIMPLIFYING THE CAR. Helix chassis. Helix chassis. Helix chassis WIND RIVER HELIX CHASSIS WIND RIVER HELIX DRIVE WIND RIVER HELIX CARSYNC

OTA and Remote Diagnostics

Kaspersky Security for Small and Medium Business

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

Cybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute

PREEvision Technical Article

SECURING DEVICES IN THE INTERNET OF THINGS

Secure Product Design Lifecycle for Connected Vehicles

Internet of Things Toolkit for Small and Medium Businesses

locuz.com SOC Services

Conquering Complexity: Addressing Security Challenges of the Connected Vehicle

Heavy Vehicle Cyber Security Bulletin

Automotive Anomaly Monitors and Threat Analysis in the Cloud

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Securing Devices in the Internet of Things

Cyber security mechanisms for connected vehicles

Combating Cyber Risk in the Supply Chain

Accelerate Your Enterprise Private Cloud Initiative

TRENDS IN SECURE MULTICORE EMBEDDED SYSTEMS

13W-AutoSPIN Automotive Cybersecurity

Secure Technology Alliance Response: NIST IoT Security and Privacy Risk Considerations Questions

PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Integrated C4isr and Cyber Solutions

CipherCloud CASB+ Connector for ServiceNow

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

EMERG IOT / M2M regulation and autonomous driving

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

Turbocharging Connectivity Beyond Cellular

deep (i) the most advanced solution for managed security services

SECURING DEVICES IN THE INTERNET OF THINGS

PENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017

Connected vehicle cloud

Best Practices in Securing a Multicloud World

EPRI Research Overview IT/Security Focus. Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use

Borderless security engineered for your elastic hybrid cloud. Kaspersky Hybrid Cloud Security. #truecybersecurity

Risk-based design for automotive networks. Eric Evenchik, Linklayer labs & Motivum.io Stefano Zanero, Politecnico di Milano & Motivum.

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA

Automotive Security Standardization activities and attacking trend

Preventing External Connected Devices From Compromising Vehicle Systems Vector Congress November 7, 2017 Novi, MI

MASP Chapter on Safety and Security

MEMORY AND BEHAVIORAL PROTECTION ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Security+ SY0-501 Study Guide Table of Contents

Automotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division

Functional Safety and Cyber-Security Experiences and Trends

SECURING THE CONNECTED ENTERPRISE.

CYBER RESILIENCE & INCIDENT RESPONSE

The Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions

Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles

CSI: VIDEO SURVEILLANCE CONVERTING THE JUGGERNAUT

UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update)

Security Challenges with ITS : A law enforcement view

Compute solutions for mass deployment of autonomy

ABOUT US SECURITY. A Legacy of Providing Solutions. Protecting Your Data

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS

Countermeasures against Cyber-attacks

AUTOSAR stands for AUTomotive Open Systems ARchitecture. Partnership of automotive Car Manufacturers and their Suppliers

to Address Cyber Physical Systems Security (CPSSEC)

Innovation policy for Industry 4.0

Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017

PREPARE & PREVENT. The SD Comprehensive Cybersecurity Portfolio for Business Aviation

Automotive Security An Overview of Standardization in AUTOSAR

KASPERSKY FRAUD PREVENTION FOR ENDPOINTS

IT & DATA SECURITY BREACH PREVENTION

CROWDSTRIKE FALCON FOR THE PUBLIC SECTOR

Examining future priorities for cyber security management

Development of Intrusion Detection System for vehicle CAN bus cyber security

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Trusted Platform Modules Automotive applications and differentiation from HSM

Connected Car Solutions Based on IoT

Scalable and Flexible Software Platforms for High-Performance ECUs. Christoph Dietachmayr Sr. Engineering Manager, Elektrobit November 8, 2018

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

WardsAuto Interiors Conference Creating the Ultimate User Experience

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

M2MD Communications Gateway: fast, secure, efficient

Security and networks

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

ESOA > The Connected Automobile. Connected Automobiles Market Overview Paul Gudonis, Global Network & Services

ENDPOINT SECURITY STORMSHIELD PROTECTION FOR WORKSTATIONS. Protection for workstations, servers, and terminal devices

Intelligent Building and Cybersecurity 2016

10 th AUTOSAR Open Conference

10 th AUTOSAR Open Conference

The case for a Vehicle Gateway.

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Kaspersky Industrial Cybersecurity Training Program

Cybersecurity. Securely enabling transformation and change

Cybersecurity Engineering and Assurance for Connected and Automated Vehicles

The threat landscape is constantly

Make security part of your client systems refresh

Internet of Things: Driving the Transformation

Transcription:

Kaspersky Transportation System Security AVL Software and Functions Securing the future of mobility www.kaspersky.com #truecybersecurity

Securing the future of mobility Connected car benefits The need for built-in security Modern cars are not just electromechanical vehicles anymore. With each generation, they become more and more connected, incorporating new progressive intelligent technologies, making vehicles more efficient, comfortable and safe. At the same time, new technologies like remote diagnostics, telematics and infotainment bring new challenges to the industry, turning connected vehicles into cyberattack targets. The growing risk of a vehicle being infiltrated, or having its safety, privacy and financial features violated, requires methodical, organizational and technical measures to ensure protection. This raises the demand for secure solutions, which should be capable of Making the vehicle resilient to remote attacks Detecting emerging attacks and reacting safely Assuring the connected vehicle is secure Strategic partnership To meet the cybersecurity challenges of next generation automotive system development, Kaspersky Lab and AVL Software and Functions GmbH have developed a reliable and flexible software platform that allows car manufacturers to develop and implement a Secure Communication Unit (SCU) into their cars, using hardware and additional software components that are aligned with their manufacturing plans. The platform exploits KasperskyOS, that is designed for, and meets the requirements of, embedded devices used in car manufacturing connected cars in particular. Connected cars Connected cars with Internet access, sensors, and communication modules can interact with other vehicles and its environment, bringing benefits to many including drivers, owners, OEMs, workshops, insurance companies, car rental / car sharing / taxis, and logistics companies. Collecting car telematics Proactive service and maintenance Fleet management Remote diagnostics V2X Communication Remote driver assistance Over-the-air software updates Insurance Autonomous driving 1

Along with obvious benefits, there are plenty of cybersecurity threats, including sensitive data theft, unauthorized access to the car, vehicle software modification, telematics data spoofing, and even accident provocation. Connected car threats Malware Delivery Thru Data Storage Device Attack from Downloaded Apps Man-in-the-Middle Attack Malicious Firmware Update Attack on OBD2 ECU Gateway Head Unit Private Data Browser Operating System Exploiting Software Vulnerabilities Key Store Keypad Remote Attack on Vehicle Bus Compromised Actuator Attack on Key / Certificate Stores Attack from Mobile Device Sniffing of User Data One of the main sources of these threats are vulnerabilities in the software, including bugs, backdoors and architectural issues. The connected car functionality is complex and sophisticated, and currently it is impossible to ensure that vehicle software is free from vulnerabilities, especially when it runs third party applications. Secure platform for connected cars The unique nature of our solutions lies in the fact that we protect platforms through a secure operating system, and a development approach based on secure methodology and unique patented technologies. This makes the entire solution trusted and reliable. That is what KasperskyOS was designed for make complex solutions secure. We follow a holistic approach to ensure the security of vehicles Threat-modelling and risk-analysis Methodological approach that allows us to create secure-by-design solutions Microkernel secure operating system - KasperskyOS Natively implemented Separation Kernel Architecture Patented security policy enforcement engine Trusted channel framework with state of the art encryption functionality Implementation of intrusion detection and prevention systems (IDPS) Security evidence by software assurance according to enhanced automotive V-cycle 2

The more complex system and code you have, the more chances to miss bugs. Complexity and security Complexity and security are conflicting features. The more complex system and code you have, the more chances to miss bugs even after very thorough testing procedures. That is what KasperskyOS was designed for make complex solutions secure. Two main principles are necessary to form a trusted platform even when the components themselves are not trusted. 1. Strong separation preventing unwanted interference with components 2. Security Policy Enforcement allowing valid communications between different components. Application 1 Application 2 Application 3 Application... Application n Runtime Environment Memory Services Communication Services Other System Services KasperskyOS Kaspersky Security System I/O Hardware Abstraction Complex Cryptographic Services Memory Hardware Abstraction Communication Hardware Abstraction Onboard Device Abstraction Trusted Channel Framework Microcontroller Memory Communication I/O Microcontroller Only a minimum number of components are considered trust-worthy Microkernel operating system (KasperskyOS) which contains only basic functions that are easy to test and verify Security policy engine (Kaspersky Security System) based on formal models like Domain Type Enforcement, Object Capability, Role Based Access, various dialects of Temporal Logics and others Trusted channel framework that includes a set of crypto algorithms as well as low level protection services, based upon hardware capabilities 3

These mechanisms, along with AUTOSAR,and AUTOSAR adaptive platform aligned features, implement secure onboard communications and protect various E/E architectures including car network topologies with domain controllers or a central gateway. This enables the implementation of cutting-edge features and services for equipped vehicles Over-the-air security updates Secure IVN communications Remote diagnostics Proactive service and maintenance Fleet management Autonomous driving Remote driver assistance Driver health, wellness and wellbeing digitization The added value Kaspersky Lab and AVL Software and Functions GmbH work together to develop advanced, embedded security technologies through a collaborative and comprehensive partnership approach. Providing 20 years of experience in automotive safety as well as in industrial and IT security Supporting our customers with a holistic approach from the first asset definition to system maintenance during the product life Development of tailored on- and off-board security solutions About Kaspersky Lab Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com. About AVL AVL is the world s largest independent company for the development, simulation and testing technology of powertrains (hybrid, combustion engines, transmission, electric drive, batteries and software) for passenger cars, trucks and large engines. AVL has more than 8,600 employees all over the world. In 2016, sales revenues reached EUR 1.4 billion. 4

Kaspersky Transportation System Security 39A/3 Leningradskoe Shosse, Moscow, 1252121, Russian Federation www.kaspersky.com transportation.security@kaspersky.com connectedcars@kaspersky.com Phone: +7-495-797-8700 Fax: +7-495-797-8709 +7-495-956-7000 AVL Software and Functions GmbH Im Gewerbepark B29 D-93059 Regensburg www.avl.com info.rgb@avl.com Phone: + 49 (0)941 630 890 Fax: + 49 (0)941 630 89 111

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback