Embedded World Congress Nuremberg, Germany and Cambridge, UK – February 24, 2020
UltraSoC today announced CAN Sentinel, a major step forward in its automotive cybersecurity offering. New intellectual property (IP) adds a much-needed hardware-based security layer to the CAN bus, the global industry standard for interconnect technology followed by automakers and OEMs. UltraSoC’s CAN Sentinel resides ON the bus and monitors transactions with the vehicle’s Electronic control unit (ECU), identifying suspicious behavior, preventing malicious messages, and suppressing attacks.
CAN Sentinel can be configured with user-defined security rules, providing protection against common exploits such as frame spoofing, and allowing the system to be upgraded as the threat landscape evolves. The development of CAN Sentinel is part of the work of the Secure-CAV Consortium, of which UltraSoC is a leading member. Combining CAN Sentinel with UltraSoC’s broader security embedded analytics and monitoring architecture enables robust system-wide cybersecurity protection.
The CAN (Controller Area Network) bus has become ubiquitous in the automotive industry since its inception 30 years ago. But recently, it’s also been recognized as possibly the worst security flaw in a car. Many high-profile attacks, such as Miller and Valasek’s hacking of Jeep cars, exploited its inherent flaws in security features. Cybersecurity is a growing concern for the auto industry and a leading cause of recalls: In 2016, General Motors alone recalled 23 million vehicles in a single year, costing the industry an estimated $26 billion.
Professor Siraj Shaikh from Coventry University’s Institute for Future Transport and Cities (IFTC) commented: “The CAN bus is a key area of current and future vehicle design, and in terms of cybersecurity, there are huge opportunities to Further enhancing its security. The UltraSoC CAN Sentinel is designed not only to detect and deal with the real threat posed by frame spoofing, but to wait and monitor for any other threats and intrusions that may arise.”
Gajinder Panesar, CTO of UltraSoC, added: “The CAN bus has helped keep vehicles safe for 30 years, but in modern vehicles, safety cannot be guaranteed without protection. It is critical that automotive technology developers take the evolving cyber risks seriously. IMPORTANT. Now, we provide them with a neat technology that has enormous potential to improve automotive cybersecurity. Our product provides intelligent analytics that continuously learn and evolve to respond to rapidly changing threat landscapes .”
The CAN Sentinel follows the UltraSoC Bus Sentinel, the first product in the UltraSoC family of cybersecurity hardware. Released in late 2019, the product aims to simplify the effort to embed safety monitoring architectures at the heart of mission- and safety-critical equipment, especially in applications such as connected and autonomous vehicles (CAVs). These new cybersecurity hardware IP products, combined with UltraSoC’s secure embedded analytics architecture, provide a complete set of embedded security solutions.
The CAN bus is designed to provide reliable communication (and reliable systems such as brakes, steering, engine, airbags, door locks, and headlights) in harsh vehicle environments. Although it is designed with security in mind, it does not consider protection and defense against cyber-attacks. To date, the approach to securing the CAN bus has been to prevent network intrusions from the outside (making Wi-Fi devices secure via software patches or APIs), rather than embedding security safeguards into the bus itself. This leaves the CAN bus and vehicle vulnerable to a variety of potential attacks from frame-spoofing hacks that could disable the vehicle remotely, leading to potential ransomware attacks or even large-scale attacks on road infrastructure.