xCarbon
Building an IDS/IPS In-House Sounds Good, But Maintaining It Is a Hassle
High Footprint
Anxiety
Maintaining effective detection rule updates for proactive defense is challenging. Crafting patterns requires human effort, and as the number of rules grows, so does the memory footprint, leading to longer detection times. This strains already resource-tight electronic control units (ECUs), potentially impacting system reliability.
False Alert
Overload
Dealing with high volumes of false alarms daily necessitates either investing in additional manpower or implementing filtering mechanisms to minimize inaccuracies. But this introduces additional complexity into the system design.
Escalating
Transmission Costs
Transmitting data from over a million vehicles to the cloud can trigger data transmission costs to soar to as much as US$2.1M per month,* potentially becoming an overwhelming financial load. How to minimize sending unnecessary security events to the vehicle security operations center (VSOC) becomes a major consideration.
*Source: AECC
Say Goodbye to System Overhauls
With Our Frictionless IDS/IPS
Lightweight Implementation
Flexibility With Modular Design
xCarbon is a lightweight, modularized, and configurable software-based intrusion detection or prevention system (IDS/IPS) that empowers OEMs and Tier 1 suppliers by enabling specific detection functions to meet E/E architecture needs. It frictionlessly fits into various types of hardware, ranging from low-end MCUs to high-end HPCs. With its flexible advantages, xCarbon effectively detects malicious system activities, network threats, and CAN anomalies with minimal CPU and memory usage.
Precise Detection
Unique Threat Expert Rules to Cut Through the Noise
Utilizing our unique automotive threat intelligence, we can extract key “signatures” from attack techniques, converting them into unique threat expert rules. This enables you to pinpoint potential attacks with laser-sharp precision when similar attack signatures appear, minimizing overall false-positive detection. xCarbon boasts over 2,000 threat expert rules that can help detect threats such as denial-of-service (DoS) or container escape attacks. You have the flexibility to define which rules to deploy onto xCarbon based on your system’s needs.
Customizable Defenses
Automated Detection and Response at the Edge
Empowering you with unparalleled flexibility, xCarbon enables you to build your own detection and response capabilities based on different scenarios. This grants you complete control to specify how xCarbon detects and responds at the edge according to your unique requirements. For example, you can choose to ask xCarbon to take proactive measures, like notifying OEMs or third-party service providers upon encountering a suspicious app or a container escape attack.
Full Control
Streamlined Life Cycle Management
With xCarbon’s management console, you can efficiently oversee the entire process from early development and testing to later stages with mass deployment. You can update and deploy rules across multiple xCarbon instances effortlessly. When xCarbon detects potential attacks in ECUs, you can use xCarbon’s management console to monitor events in real time, focusing on identifying malicious attacks rather than suspicious anomalies.
Edge AI Detection
Frictionlessly Enabling Self-Defending Smart Vehicles
Utilizing the NPU-powered* computing foundation for AI, xCarbon’s Edge AI** feature can correlate vehicle data and security events across multiple ECUs. The solution transforms scattered data into contextualized attack paths — all processed right at the edge. As a result, vehicles can learn, recognize threats, and defend themselves — reducing cloud dependency, lowering costs, and keeping data secure on-board.
*CPU/GPU version also available
**Patent pending
Low Data Send-Out
Low Transmission Costs With 60% Reduction
xCarbon can act as a VSOC sensor, sending on-board telemetry data, system activity, and critical events to our next-gen VSOC platform, xNexus, for off-board analysis and forensics. With our leading machine learning (ML) model and our unique threat expert rules, xCarbon can retrieve and send back only threat-relevant security logs, thus reducing system bandwidth. This approach can reduce system log transfer volume by at least 60%.*
*Based on our lab test
More Product Features
- Next-gen Ethernet firewall. Identify suspicious events in Ethernet (e.g., DoS attacks, malicious payloads) and network vulnerabilities. See Demo
- CAN anomaly detection. Detect malicious CAN messages, such as messages with abnormal IDs, frequencies, and payloads caused by attacks.
- Advanced system protection. Our host-based IDS can detect abnormal system activities to ensure system integrity and block unauthorized applications from running on an ECU or service-oriented architecture (SOA).
- Readiness for risks in software-defined vehicles (SDVs). Our award-winning xCarbon not only provides container security but also supports operations within virtual machine (VM) environments. Learn More
- Unique virtual patch technology. xCarbon can deploy virtual patches, providing you with an average of 102 days of protection while awaiting the availability of a vendor patch. Learn More
- Rich on-board data for full visibility. Acting as an intelligence VSOC sensor, xCarbon can collect system activities and critical events for off-board analysis. Read Use Case
Our Collaborations
Why xCarbon?
Frictionless Integration
xCarbon supports various operating systems, including Embedded Linux, Android Automotive OS, and QNX. With a modular design and AUTOSAR/SOA compatibility, xCarbon provides adequate features and configurations to meet different vehicle and service levels.
Long-Term Support
xCarbon has dedicated experts to support you throughout a vehicle’s long life cycle. They can also provide you with a customized solution in as little as two days.
102-Day Early Protection
xCarbon deploys virtual patches* or IPS rules, giving you an average of 102 days of protection while waiting for a vendor patch to become available.
*Patent pending
30+ Years of Threat Intelligence
xCarbon leverages Trend Micro’s 30+ years of cybersecurity expertise, providing deep knowledge with actionable intelligence — enabling you to get the protection you need faster.
Readiness for SDV Risks
Our award-winning xCarbon leads in supporting SDVs, offering container security, virtualization, and hypervisor capabilities. xCarbon can also detect unique zero-day vulnerabilities discovered at Pwn2Own Automotive. Read More
Automotive Grade
VicOne is certified with ASPICE CL2 product and project compliance. Read More
Awards We’ve Won
Know More From Our Resources
Gain Insights Into Automotive Cybersecurity
- Read More
Solution BriefsMay 8, 2025Many automotive cybersecurity teams are overwhelmed by disconnected intel feeds, unclear priorities, and growing compliance expectations. VicOne’s ...
