Our patented Communication Lockdown™ methodology eliminates risks to the security of the vehicle and its passengers while maintaining flexibility and scalability for next-gen E/E architectures in the software-defined vehicle.
Communication Lockdown™ enforces a formally verified and deterministic configuration of communication among the various networks of the vehicle through a three-layer tiered approach. This methodology can be implemented in a number of ways:
It leads to software consolidation, lower complexity, smoother certification and an overall reduction in costs.
The methodology was developed by the GuardKnox founding team based on their decades of experience in the Israeli Air Force providing secure embedded platforms and solutions in advanced connected systems such as the Iron Dome, Arrow and Israeli F-35 fighter jets.
The modern software-defined vehicle enables defining vehicle handling, powertrain performance, self-driving functionality, and more through software services, or applications. This capability unlocks vehicle customization and personalization during any stage of production or even after the vehicle is off the production line. Legacy E/E Architectures cannot provide the high-performance capabilities needed for higher levels of functionality in these new and advanced applications.
Next gen E/E architectures are already deployed both by new-age technology startups such as Tesla and Nio, as well as established OEMs transitioning to next-gen E/E architectures from their existing ones. Vehicles are now defined by their software and software capabilities whilehardware has become more of a commodity.
System security protection is critical in the SDV’s software-heavy environment to ensure that one ECU (e.g. an infotainment ECU) cannot communicate maliciously with another (e.g. brakes). System-wide communication lockdown enables the security certification of critical systems without minimizing the software capabilities needed.
OTA updates are another example for potential vehicle vulnerability and attack surface in connected vehicles. The ability to update software via OTA is critical to the software-defined vehicle, but can also open the door for malicious actors.
A secure connected vehicle must orchestrate network connectivity internally among its networks, as well as externally with the manufacturer in the most secure manner possible to prevent vehicle hacking or tampering.
Communication Lockdown™ enforces the allowed “legal” communication, while being completely agnostic to attacks. The core functionality is deterministic, thus preventing cyber attacks that would cause changes in functionality.
In order to integrate Communication Lockdown™ into a vehicle, two readily available documents are used:
Using automatic tools to create layered protection, a fully deterministic, yet updatable mathematical model that can be formally verified is generated. This model includes a state machine that enforces predetermined states, with a dedicated ruleset generation tool developed by GuardKnox. Integration is straightforward with:
No false positives: The Communication Lockdown™ is not a ‘learning based’ mechanism.
Fully deterministic: No statistical mechanisms or heuristics.
Stand-alone operation: Secures the vehicle without needing cloud connectivity yet easy to update when necessary.
Seamless integration: Fits the existing automotive supply chain with no third party integrations.
Flexible installation: From one ECU to the entire communication network.
Agnostic to present and future attacks: Does not look for specific attacks but ensures the vehicle continues to function as designed.
Added functionality: Introduces foundations for new revenue streams and changes the way end-users interact with their vehicles.
Our vehicles are the smallest unit in which our entire family is gathered. When it comes to their safety and security there is no room for error. This is why the automotive industry needs to adopt a deterministic approach to vehicle cybersecurity.Download the Communication Lockdown™ Whitepaper