By 2022, more than two-thirds of new cars on American roads will have online connections to their safety-critical system, putting them at risk of deadly hacks (Consumer Watchdog report, July 2019) to vehicles’ “head” system, used primarily for infotainment, GPS navigation, and other features. To better protect vehicles from cyberattacks, Sectigo, the world’s largest commercial Certificate Authority and a provider of purpose-built and automated PKI management solutions, today released the Sectigo Embedded Firewall for Automotive.
Part of the Sectigo IoT Identity Platform, the new product was developed specifically for transportation security. To speed adoption–and security–across the automotive supply chain, Mentor, a Siemens business, a technology leader in embedded software and electronic design automation (EDA), has integrated the Sectigo Embedded Firewall for Automotive with its popular AUTOSAR platform.
“As a leading provider of AUTOSAR standard software, it is imperative that we offer solutions that help our customers, including ECU suppliers and transportation OEMs, to protect cars and fleets from network-based cyberattacks,” said Mathias Fritzson, VSTAR Product Manager at Mentor, a Siemens Business. “Through product integration with Sectigo, a leader in end-to-end IoT identity and integrity, our customers will be able to easily add critical security capabilities to their devices. A global tier-one automotive ECU supplier is one of the early adopters of our Sectigo-enabled AUTOSAR platform, indicating the urgency for embedded security.”
To protect from these attacks, automotive manufacturers need an embedded firewall to control traffic into the exposed electronic control units (ECUs) in a vehicle, similar to how a firewall protects home and corporate networks. Embedded firewalls help prevent access from outside cyberattacks on a car’s electronics, while still enabling authenticated access for software upgrades and updates.
Available today, Sectigo Embedded Firewall for Automotive is the only security solution that has been embedded within automotive ECUs to provide anomaly detection, stateful packet inspection, rules-based filtering, and threshold-based filtering.
By protecting ECUs such as advanced driver assistance systems (ADAS), steering, braking, etc. from attack, the firewall prevents access from outside cyberattacks on a car’s electronics, while enabling access to upgrades and updates. The firewall:
- Works with AUTOSAR, Real Time Operating Systems (RTOS) and Linux to configure filtering rules
- Offers deep packet inspection for industrial protocols, including CAN bus
- Meets the requirements of automotive systems by enforcing defined security policies, limiting communication with vehicle control systems to a small set of trusted hosts, and blocking attacks from any other source.