Our patented Communication Lockdown™ methodology for automotive cybersecurity eliminates risks to the safety and security of the vehicle and its passengers while maintaining flexibility and scalability for the software-defined vehicle and next-gen E/E architectures.
This is achieved by enforcing a formally verified and deterministic configuration of communication among the various networks of the vehicle with a three-layer tiered approach. The Communication Lockdown™ Methodology can be implemented as a centralized solution across all internal network communication, as a distributed and coordinated solution across the network or even as a local solution to protect single ECUs. It leads to software consolidation, lower complexity, easier certification and overall cost reduction.
The GuardKnox founding team are veterans of the Israeli Air Force and bring decades of experience providing secure embedded platforms and solutions in advanced connected systems such as Iron Dome, Arrow and Israeli F-35 fighter jets.
The modern software-defined vehicle must enable apps that control the customization of vehicle handling, powertrain performance, self-driving functionality, and more. With so many new and different applications, the E/E Architectures of today need to be revolutionized to provide the high-performance capabilities needed for higher levels of functionality.
We already see this happening in both new-age technology startups such as Tesla and Nio who are challenging traditional hardware-oriented vehicle designs, as well as established OEMs who are making the change to their existing foundational architectures. Software now defines the vehicle whereas the traditional hardware is becoming more of a commodity.
With the amount of software used in today’s vehicles, it is critical that the various systems are locked down to ensure that one ECU (i.e. the infotainment), cannot communicate maliciously with another (i.e. brakes). System-wide communication lockdown enables the safety certification of critical systems without minimizing the software capabilities needed.
Another crucial example for potential vehicle vulnerability is OTA updates. These updates are critical to the software-defined vehicle as they reduce downtime and physical trips to a garage for vehicle updates, but also potentially open the door for malicious actors to access the vehicle. The communication lockdown mechanism here must only allow fully verified updates to pass through.
So, communication lockdown for automotive cybersecurity must orchestrate network connectivity internally among the networks, as well as externally with the manufacturer in the most secure manner possible to prevent vehicle hacking or tempering.
As the importance of electronics and software has grown over the last decade, so has its complexity. Vehicle software has increased by a phenomenal 1500%, from 10 million lines of code to 150 million lines of code—about 1,000 times more code than the Apollo mission spacecraft to the moon.
The vast amounts of code, created by numerous vendors, often have software-related quality issues or conflicts with other ECUs that cause millions of vehicles to be recalled each year. In 2018, software-related recalls cost the car industry more than $17 billion.
In order to integrate Communication Lockdown™ into a vehicle, two readily available documents are used:
Communication Matrix
ECU Specifications
Using automatic tools to create layered protection, a fully deterministic, yet updateable mathematical model that can be formally verified is generated. This model includes a state machine that enforces predetermined states, with a dedicated ruleset generation tool developed by GuardKnox.
The Communication Lockdown™ framework is based on the communication specifications of the vehicle. When a message is sent to the vehicle, it is verified on 3 different levels:
No false positives: The Communication Lockdown™ is not a ‘learning based’ mechanism, therefore there are no false positives!
Fully deterministic: No statistical mechanisms nor need for heuristics, Communication Lockdown™ is not reactionary!
Stand-alone operation: No need for constant updates, configurations or communication with the cloud.
No constant communication: There is no need for cloud connectivity nor on-going need for consistent updates.
Seamless integration: Easily incorporates into the vehicle without the need for third party integrations, fitting the existing Automotive Tiered Value Chain.
Flexible installation: From as little as one ECU, to the entire communication network, depending on the manufacturer’s needs and specifications.
Agnostic to present and future attacks: The Communication Lockdown™ approach does not look for specific attacks but ensures the vehicle continues to function as designed.
Added functionality: The methodology introduces foundations for new revenue streams for OEMs and changes the way end-users interact with their vehicles.
Our vehicles are the smallest unit in which our entire family is gathered. When it comes to the safety and security of our vehicles there is absolutely no room for error. This is why the automotive industry needs to adopt a deterministic approach to vehicle cybersecurity by leading Cybertech Tier companies, such as Communication Lockdown™ by GuardKnox.
Download the Communication Lockdown™ Whitepaper