Vehicles are becoming smarter and better connected. These vehicles incorporate applications based on external communication networks (radiofrequency, WiFi, Bluetooth, 3G, 4G, USB, etc.) which are potential attack surfaces, together with embedded networks (CAN Bus, Flexray, Ethernet, etc.).
The challenge for equipment suppliers and manufacturers is to add new technological skills to their initial expertise, recognised by car manufacturers, in order to integrate these new functionalities. Beyond operational security, the question of cybersecurity must be addressed.
At SCASSI, we are aware of these new issues. We offer a Cybersecurity approach in line with this ongoing context of innovation, management of costs in relation to production volumes, or the increasing complexity related to integrating several functionalities onto the same ECU.
SCASSI constantly works on identifying and perfecting solutions in order to quantify, reduce and control threats related to cybersecurity:
- Vulnerability audit on ECU: ad hoc or ongoing over the development and operating life
- Vulnerability management: COTS mapping (e.g.: AUTOSAR component, Linux Yocto project, etc.), vulnerability flow control
- Risk analysis on:
- an ECU (with several multi-core microcontrollers)
- a sub-system (several ECUs communicating with each other)
- an entire system - e.g.: faults raised, Over The Air
- Intrusion tests on the media available: CAN, 2G, 3G, 4G, WiFi, Bluetooth, USB, serial links, FlexRay, Ethernet, RF (LF/HF) etc., attack surfaces
- Code audits