By 2022, more than two-thirds of new cars on American roads will have online connections to their safety-critical system, putting them at risk of deadly hacks to vehicles’ “head” system, used primarily for infotainment, GPS navigation, and other features (Consumer Watchdog report, July 2019).
To better protect vehicles from cyberattacks, Sectigo, the world’s largest commercial Certificate Authority and a provider of purpose-built and automated PKI management solutions, released the Sectigo Embedded Firewall for Automotive.
Part of the Sectigo IoT Identity Platform, the new product was developed specifically for transportation security. In order to speed adoption–and security–across the automotive supply chain, Mentor, a Siemens business and technology leader in embedded software and electronic design automation (EDA), has integrated the Sectigo Embedded Firewall for Automotive with its popular AUTOSAR platform.
“As a leading provider of AUTOSAR standard software, it is imperative that we offer solutions that help our customers, including ECU suppliers and transportation OEMs, to protect cars and fleets from network-based cyberattacks,” said Mathias Fritzson, VSTAR Product Manager at Mentor, a Siemens Business.
“Through product integration with Sectigo, a leader in end-to-end IoT identity and integrity, our customers will be able to easily add critical security capabilities to their devices. A global tier-one automotive ECU supplier is one of the early adopters of our Sectigo-enabled AUTOSAR platform, indicating the urgency for embedded security.”
“Sectigo’s Embedded Firewall enables automotive ECU suppliers to enforce filtering rules, detect anomalies, and identify traffic variances to prevent cyberattacks. This unique functionality maximizes driver safety and helps prevent the loss of intellectual property, disruption of services, and proliferation of an attack to other systems,” explained Alan Grau, VP of IoT/Embedded Solutions, Sectigo.
“With integration of our embedded firewall into its AUTOSAR platform, Mentor is expanding distribution, integration, and access to critical cybersecurity technology to its base of automotive ECU customers across the industry.”
Protecting automotive ECUs through IoT authentication
To protect from cyberattacks, automotive manufacturers need an embedded firewall to control traffic into the exposed electronic control units (ECUs) in a vehicle, similar to how a firewall protects home and corporate networks. Embedded firewalls help prevent access from outside attacks on a car’s electronics, while still enabling authenticated access for software upgrades and updates.
Available today, Sectigo’s Embedded Firewall for Automotive is the only security solution that has been embedded within automotive ECUs to provide anomaly detection, stateful packet inspection, rules-based filtering, and threshold-based filtering.
By protecting ECUs such as advanced driver assistance systems (ADAS), steering, braking, etc. from attack, the firewall prevents access from outside cyberattacks on a car’s electronics, while enabling access to upgrades and updates. The firewall:
- Works with AUTOSAR, Real Time Operating Systems (RTOS) and Linux to configure filtering rules
- Offers deep packet inspection for industrial protocols, including CAN bus
- Meets the requirements of automotive systems by enforcing defined security policies, limiting communication with vehicle control systems to a small set of trusted hosts, and blocking attacks from any other source.