With the continuous integration of connected cars into everyday life, it’s no wonder that more emphasis has been placed on a fully on-board intrusion detection and prevention system (IDPS) approach when it comes to automotive cybersecurity. Despite its significance, however, this approach would be found wanting against the rapidly evolving threat landscape. Since it is typically implemented on a specific electronic control unit (ECU), it won’t be able to detect anomalies in the network.
In 2017, ethical hackers from Tencent Keen Security Lab demonstrated that it is possible to take control of a BMW remotely. The researchers were able to stage a contactless attack on the vehicle’s telematics control unit (TCU), which allowed them to send crafted CAN bus messages that compromised its various ECUs.
The need for ECU-level protection
While the 2017 BMW hack was only experimental, it underscored the importance of a vehicle’s on-board intrusion detection and prevention system (IDPS). This ECU-level protection detects an unauthorized attack at the precise moment it happens and then responds to that potential anomaly in real time.
Aside from protecting critical ECUs from cyberattacks, an on-board IDPS also ensures that a breach, should there be one, can’t extend beyond the affected sensor or unit.
xCarbon: On-board IDPS and beyond
VicOne’s xCarbon goes beyond this approach as it secures both a connected car’s on-board and off-board systems. Designed for hardened security, VicOne’s xCarbon is a frictionless IDPS for multiple ECUs. It supports broad hardware/software (HW/SW) platforms yet is lightweight and configurable based on the ECU and electrical and electronic architecture (EEA). This robust software-based security agent ensures that the right technique is deployed against the right threat at the right time.
xCarbon uses known intrusion signatures to analyze traffic while proactively filtering malicious packets. In case ECU-level exploits via vulnerability do arise, xCarbon deploys virtual patches that prevent and intercept these from escalating further.
To read more research on other possible vulnerabilities in connected cars and learn best security practices, visit our resource center.
