By Ling Cheng (Senior Product Marketing Manager)
Following this year's CES, where various manufacturers (OEMs) unveiled numerous concepts aimed at giving software-defined vehicles (SDVs) a more distinctive appearance, it has become evident that as SDVs iterate at an accelerated pace, a significant challenge arises: How can the automotive industry effectively and continuously conduct dynamic cybersecurity risk assessment to keep up with this rapid rate of updates? As innovation drives the industry toward increasingly interconnected and software-driven vehicles, the necessity for robust cybersecurity measures becomes paramount.
Risk scoring serves as a critical method to evaluate risks within an organization and determine their respective priority levels. Both UN R155 and ISO/SAE 21434 consistently emphasize the importance of this aspect. By integrating cutting-edge technologies, VicOne revolutionizes the approach to cybersecurity risk assessment, ensuring proactive and adaptive measures are in place to safeguard SDVs and critical systems against evolving threats. In this blog entry, we delve into how VicOne harnesses the power of AI and large language models (LLMs), which are a form of generative AI, to expedite this process and effectively address common challenges encountered during risk assessment in the automotive industry.
- Challenge 1: A rapidly evolving threat landscape
Our recent report notes that more than 300 automotive-related vulnerabilities are discovered annually. And then there is the growing concern over zero-day vulnerabilities and underground activities. With cyberthreats and attack techniques in constant evolution, risk assessments require ongoing updates to reflect emerging threats and vulnerabilities. Leveraging AI and LLMs, VicOne swiftly aggregates automotive threat intelligence from diverse sources such as open-source intelligence, dark web, deep web, and automotive security communities. This contextualized threat intelligence furnishes detailed insights into attack vectors, paths, and tactics, techniques, and procedures (TTPs), empowering vehicle security operations center (VSOC) teams to stay ahead of evolving threats. - Challenge 2: Resource constraints
Conducting a comprehensive cybersecurity risk assessment demands considerable time, resources, and expertise, posing challenges for many organizations with resource constraints. To address this, VicOne offers a solution where the VSOC team can effortlessly access contextualized automotive threat intelligence through an LLM-empowered chatbot interface. This personalized information streamlines investigations and enables prompt responses to identified risks, while customizable reports tailored to different roles further optimize resource utilization. - Challenge 3: Uncertain human factors
With the introduction of new services to enhance driving experiences, SDVs are becoming increasingly susceptible to diverse user behaviors and human factors that weaken their security posture, such as inadvertently clicking on phishing messages or installing malicious apps. To mitigate this, our xNexus next-gen VSOC platform utilizes AI and LLMs to correlate vast amounts of connected vehicle data, such as detection from sensors in vehicles (xCarbon), in mobile phones (Smart Cockpit Protection), and in the cloud. Combining this data with contextualized automotive threat intelligence, we can provide actionable intelligence. This proactive approach distinguishes clearly malicious attacks from suspicious anomalies, reducing false alarms and strengthening the security framework for connected vehicles.
As cars evolve and their surrounding ecosystem becomes more intricate, the risk of sophisticated and innovative attack behaviors escalates. Combining our products with the power of AI and LLMs, we can accurately analyze abnormal behaviors, swiftly gaining actionable insights through the analysis of data from a variety of sources. Additionally, our agile investigation approach enables us to score and share actionable insights through chatbot technology, enhancing efficiency. With our innovative solutions, we are committed to combating cyberthreats in the automotive industry, ensuring the safety and security of SDVs and critical systems.
