The modern software-defined vehicle must enable apps that control the customization of vehicle handling, powertrain performance, self-driving functionality, and more. With so many new and different applications, the E/E Architectures of today need to be revolutionized to provide the high-performance capabilities needed for higher levels of functionality.
We already see this happening in both new-age technology startups such as Tesla and Nio who are challenging traditional hardware-oriented vehicle designs, as well as established OEMs who are making the change to their existing foundational architectures. Software now defines the vehicle whereas the traditional hardware is becoming more of a commodity.
With the amount of software used in today’s vehicles, it is critical that the various systems are locked down to ensure that one ECU (i.e. the infotainment), cannot communicate maliciously with another (i.e. brakes). System-wide communication lockdown enables the safety certification of critical systems without minimizing the software capabilities needed.
Another crucial example for potential vehicle vulnerability is OTA updates. These updates are critical to the software-defined vehicle as they reduce downtime and physical trips to a garage for vehicle updates, but also potentially open the door for malicious actors to access the vehicle. The communication lockdown mechanism here must only allow fully verified updates to pass through.
So, communication lockdown for automotive cybersecurity must orchestrate network connectivity internally among the networks, as well as externally with the manufacturer in the most secure manner possible to prevent vehicle hacking or tempering.
The Communication Lockdown™ Methodology presents an innovative approach to automotive security. The Lockdown methodology enforces the allowed “legal” communication, while being completely agnostic to attacks. The core functionality is deterministic, thus preventing any possibility of attacks causing changes in functionality. Our approach to vehicle cybersecurity can be implemented as a centralized solution which locks down all internal network communication or it can be distributed and coordinated across the network acting in unison. It also may be implemented as a local solution to protect single ECUs. The single ECU protection is provided through a simple ‘plug-in’ device that connects to ECU’s that have external connectivity. This way, all external network communication is ‘locked down’.
Such implementations lead to consolidation, lower complexity, easier certification and overall cost reduction. GuardKnox Technology and software stack can be implemented in various hardware architectures, and therefore eases the integration process to existing automotive computers.
The Communication Lockdown™ framework is based on the communication specifications of the vehicle. When a message is sent to the vehicle, it is verified on 3 different levels:
Our vehicles are the smallest unit in which our entire family is gathered. When it comes to the safety and security of our vehicles there is absolutely no room for error. This is why the automotive industry needs to adopt a deterministic approach to vehicle cybersecurity by leading Cybertech Tier companies, such as Communication Lockdown™ by GuardKnox.