Building an IDS/IPS In-House Sounds Good, But Maintaining It Is a Hassle
High Footprint
Anxiety
Maintaining effective detection rule updates for proactive defense is challenging. Crafting patterns requires human effort, and as the number of rules grows, so does the memory footprint, leading to longer detection times. This strains already resource-tight electronic control units (ECUs), potentially impacting system reliability.
False Alert
Overload
Dealing with high volumes of false alarms daily necessitates either investing in additional manpower or implementing filtering mechanisms to minimize inaccuracies. But this introduces additional complexity into the system design.
Escalating
Transmission Costs
Transmitting data from over a million vehicles to the cloud can trigger data transmission costs to soar to as much as US$2.1M per month,* potentially becoming an overwhelming financial load. How to minimize sending unnecessary security events to the vehicle security operations center (VSOC) becomes a major consideration.
*Source: AECC
Say Goodbye to System Overhauls With Our Frictionless IDS/IPS
Lightweight Implementation
Flexibility With Modular Design
xCarbon is a lightweight, modularized, and configurable software-based intrusion detection or prevention system (IDS/IPS) that empowers OEMs and Tier 1 suppliers by enabling specific detection functions to meet E/E architecture needs. It frictionlessly fits into various types of hardware, ranging from low-end MCUs to high-end HPCs. With its flexible advantages, xCarbon effectively detects malicious system activities, network threats, and CAN anomalies with minimal CPU and memory usage.
Precise Detection
Unique Threat Expert Rules to Cut Through the Noise
Utilizing our unique automotive threat intelligence, we can extract key "signatures" from attack techniques, converting them into unique threat expert rules. This enables you to pinpoint potential attacks with laser-sharp precision when similar attack signatures appear, minimizing overall false-positive detection. xCarbon boasts over 2,000 threat expert rules that can help detect threats such as denial-of-service (DoS) or container escape attacks. You have the flexibility to define which rules to deploy onto xCarbon based on your system's needs.
Customizable Defenses
Automated Detection and Response at the Edge
Empowering you with unparalleled flexibility, xCarbon enables you to build your own detection and response capabilities based on different scenarios. This grants you complete control to specify how xCarbon detects and responds at the edge according to your unique requirements. For example, you can choose to ask xCarbon to take proactive measures, like notifying OEMs or third-party service providers upon encountering a suspicious app or a container escape attack.
Full Control
Streamlined Life Cycle Management
With xCarbon's management console, you can efficiently oversee the entire process from early development and testing to later stages with mass deployment. You can update and deploy rules across multiple xCarbon instances effortlessly. When xCarbon detects potential attacks in ECUs, you can use xCarbon's management console to monitor events in real time, focusing on identifying malicious attacks rather than suspicious anomalies.
Edge AI Detection
Frictionlessly Enabling Self-Defending Smart Vehicles
Utilizing the NPU-powered* computing foundation for AI, xCarbon's Edge AI** feature can correlate vehicle data and security events across multiple ECUs. The solution transforms scattered data into contextualized attack paths — all processed right at the edge. As a result, vehicles can learn, recognize threats, and defend themselves — reducing cloud dependency, lowering costs, and keeping data secure on-board.
Low Data Send-Out
Low Transmission Costs With 60% Reduction
xCarbon can act as a VSOC sensor, sending on-board telemetry data, system activity, and critical events to our next-gen VSOC platform, xNexus, for off-board analysis and forensics. With our leading machine learning (ML) model and our unique threat expert rules, xCarbon can retrieve and send back only threat-relevant security logs, thus reducing system bandwidth. This approach can reduce system log transfer volume by at least 60%.*
More Product Features
- Next-gen Ethernet firewall. Identify suspicious events in Ethernet (e.g., DoS attacks, malicious payloads) and network vulnerabilities. See Demo
- CAN anomaly detection. Detect malicious CAN messages, such as messages with abnormal IDs, frequencies, and payloads caused by attacks.
- Advanced system protection. Our host-based IDS can detect abnormal system activities to ensure system integrity and block unauthorized applications from running on an ECU or service-oriented architecture (SOA).
- Readiness for risks in software-defined vehicles (SDVs). Our award-winning xCarbon not only provides container security but also supports operations within virtual machine (VM) environments. Learn More
- Unique virtual patch technology. xCarbon can deploy virtual patches, providing you with an average of 102 days of protection while awaiting the availability of a vendor patch. Learn More
- Rich on-board data for full visibility. Acting as an intelligence VSOC sensor, xCarbon can collect system activities and critical events for off-board analysis. Read Use Case
Our Collaborations
Demonstrate Cybersecurity Solutions for Autonomous Driving. Aiming for commercial provision for autonomous mobility services in 2025
Brian Carlson
Leveraging the NXP S32G processor's powerful compute, networking and security capabilities, and integrated with VicOne's dynamic security software, offers an attractive solution to address ever-evolving, vehicle cybersecurity threats.
Andrew Till
Working with VicOne to develop this solution demonstrates the power of the security ecosystem to deliver leading edge solutions for Tier 1s and OEMs.
Joint effort combines capabilities to create robust virtualization security solution for automotive stakeholders to develop software-defined vehicles easily and securely
Expanded collaboration to provide security solutions to detect and mitigate cyberattacks on the in-vehicle side by 2025
Lin Ying-Fan
We collaborate with VicOne to enhance public transportation automation and the safety of the internet of vehicles. This collaboration also optimizes overall remote monitoring and autonomous driving safety.
Dr. Cally Ko
Our partnership with VicOne will enable our customers to comply with the highest standards of international regulations and quickly deploy safe and efficient charging infrastructure.
Alexander Su
Partnering with VicOne to deliver industry-leading solutions for automotive manufacturing customers and smart city planners worldwide.
Kelly Wu
VicOne provides a top-of-the-line solution that our customers can trust for robust and future-ready cybersecurity coverage.
Know More From Our Resources
GAIN INSIGHTS INTO AUTOMOTIVE CYBERSECURITY
Prerequisites for Vulnerability Management in Automotive Cybersecurity in the AI Era
As AI accelerates exploit development, CVSS scores alone no longer suffice. Here's what automotive OEMs and suppliers must prioritize now.
READ MORE →Copy Fail and DirtyFrag: When Linux Kernel Flaws Become Automotive Cybersecurity Risks
Copy Fail (CVE-2026-31431) exposes how a Linux kernel flaw can impact automotive systems. See the risk, MITRE mapping, and xCarbon response.
READ MORE →VicOne Situational Awareness Report: Cybersecurity in the Automotive, Transportation, and Logistics Sectors in Q1 2026
VicOne recorded 405 automotive cybersecurity incidents in Q1 2026. Ransomware persisted, EV charging incidents tripled, and AI emerged as a new attack surface. This report breaks down the threats by region, domain, and vulnerability type.
READ MORE →AI Supply Chain Attacks Are Here: What Automotive OEMs Need to Know
AI supply chain attacks are no longer theoretical. VicOne's Automotive CyberThreat Research Lab breaks down how attackers are exploiting AI development tooling, why automotive OEMs face elevated exposure, and what security teams should do now.
READ MORE →