Wednesday 15th July 2020

Hardware-based detection and mitigation launched for automotive’s cybersecurity vulnerability

Published on May 28th, 2020

UltraSoC and Canis Automotive Labs announced a partnership that addresses one of the most serious cybersecurity vulnerabilities in the automotive industry. This, say the companies, is the lack of security features within the CAN bus, which is commonly used to interconnect in-vehicle systems such as brakes, steering, engine, airbags, door locks, and headlights.

The partnership between the two companies will yield hardware-based intrusion detection and mitigation techniques for common exploits on the CAN bus. These include automatic hardware anti-spoofing; defence against bit-level attacks such as the Bus-Off attack and bit-glitching; and resistance to denial of service (DoS) style attacks.

The collaboration centres on the deployment of Canis Labs’ CAN-HG technology, a new fully-compatible augmentation of the standard CAN bus protocol that includes bus guardian security features, and has the added benefit of being able to carry payloads twelve times larger than standard CAN frames.

When combined with UltraSoC’s semiconductor IP for detection and mitigation of cyber threats, CAN-HG allows designers to secure their CAN bus designs at the hardware level. The cybersecurity capabilities enabled by the collaboration employ fast bits within the CAN-HG augmented part of a CAN frame to add security information to CAN frames.

This can be used by UltraSoC’s protocol-aware monitoring hardware to identify and block suspicious or unauthorised traffic traveling over CAN. These new capabilities will be refined and proved for deployment as part of Secure-CAV: an ambitious project that seeks to improve the safety and security of tomorrow’s connected and autonomous vehicles (CAVs).

Aileen Ryan, UltraSoC CSO, comments: “Automotive cybersecurity requires an ecosystem approach. We’re delighted to add Canis Labs to our list of partners working in this area, which already includes NSITEXE-DENSO and Agile Analog; as well as our partners in the Secure-CAV project, Copper Horse and the Universities of Coventry and Southampton.

Up to now the industry has been forced to use sticking plaster solutions to defend CAN interconnect, relying on software techniques or perimeter security. Incorporating Canis Labs’ innovative CAN-HG technology into UltraSoC’s products allows us to secure the vehicle ‘from the inside out’: within the underlying electronic hardware.”

Ken Tindell, Canis Labs’ CTO, adds: “The most effective way to protect a CAN bus from attacks is to deploy a hardware security device – or better still, use semiconductor IP to incorporate hardware protections into the underlying system.

We believe that the combination of UltraSoC and Canis Labs IP provides a robust solution to CAN security, which is one of the most pressing problems for any CAN bus user – whether they are in automotive, aerospace, or any other industry sector.”

CAN is a hugely successful interconnect protocol which emerged in the 1980s in response to the need for an efficient, lightweight interconnection method that could cope with the harsh environments found in vehicles. Today it remains a common choice not only in the automotive industry but also in industrial, cyberphysical and robotics applications, where safety is paramount. But while it is physically robust, CAN is almost entirely lacking in cybersecurity features.

Most existing approaches to CAN security are software-based, meaning that they are often unable to react quickly enough to prevent protocol-level attacks. Because it is hardware based, a joint Canis Labs / UltraSoC solution can react quickly enough to prevent an attack from completing. This has two implications.

First, many exploits rely on creating a “window of opportunity” during which the system is in a vulnerable or unknown state. A fast reaction time can eliminate this window and significantly improve the overall robustness of cybersecurity defenses.

Second, CAN bus is used in many cyberphysical systems, in which elapsed time equates to distance traveled. A faster response time therefore has significant benefits in terms of mitigating the physical consequences of an attempted intrusion, better protecting the safety of citizens and infrastructure.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow