C2A Security, from Jerusalem has successfully integrated an endpoint cybersecurity protection technology with AUTOSAR Classic Basic software of the German based Vector. The integration enables AUTOSAR developers to add an additional security control to automotive ECU development projects with negligible runtime performance impact. C2A Security’s solution safeguards the ECU by offering comprehensive runtime protection while complying with safety and security standards. It detects malicious activities in real time and prevents attackers from leveraging potential vulnerabilities at the ECU level.
“The automotive industry is increasingly deploying security controls in vehicle E/E architectures. These controls include secure boot, secure OTA, HSMs, diagnostic authentication, policing, vehicle key management and secure onboard communication,” said Dr. Eduard Metzker, Automotive Cybersecurity Solution Manager at Vector Informatik. “Intrusion detection and prevention systems (IDPS) are a meaningful addition to the set of available security controls. IDPS systems require a wide range of different security sensors.
“We see C2A’s runtime protection technology as a potential security sensor of a distributed onboards IDPS. The proof of concept which was created during the collaboration showed that the C2A engineers are able to successfully integrate C2A’s runtime protection technology with Vector AUTOSAR basic software.”
“Intrusion detection and prevention systems (IDPS) are a meaningful addition to the set of available security controls. IDPS systems require a wide range of different security sensors. We see C2A’s runtime protection technology as a potential security sensor of a distributed onboards IDPS.”
C2A Security was founded in 2016 by Michael Dick, who previously co-founded NDS. The company offers a complete suite of solutions, each is defending the car from a specific attack vector. It includes five different scenarios: Perimeter defense is based on penetration prevention to secure devices with CAN bus access; IDPS provides protection for in-vehicle networks; Its maintenance module is focused on in-vehicle end-to-end secured software diagnostics and maintenance solution; Endpoint is an embedded runtime protection, preventing malicious activity at the ECU.
They are all building blocks in C2A’s Comprehensive in-vehicle cyber security management platform.