Cyber security solution for automotive ECUs


Industrial fleet vehicles that rely on data-driven systems are as vulnerable to cyber attack as physical assets and devices.

Today’s data-reliant vehicles are covered by a number of security regulations including ISO/SAE 21434 and UNECE WP.29 R155 regulation for cybersecurity in vehicles that recommends runtime awareness to detect cyber attacks and intrusions. Runtime cybersecurity monitoring can strengthen a cybersecurity management system.

UNECE WP.29 R155 regulation requires solutions to address threats regarding back-end servers related to vehicles in the field; Threats to vehicles regarding their communication channels; Threats to vehicles regarding their update procedures; Threats to vehicles regarding unintended human actions facilitating a cyber attack; Threats to vehicles regarding their external connectivity and connections; Threats to vehicle data/code; Potential vulnerabilities that could be exploited if not sufficiently protected or hardened.

Possible cyber attack impacts may include safe operation of vehicle affected; Vehicle functions stop working; Software modified, performance altered; Software altered but no operational effects; Data integrity breach; Data confidentiality breach; Loss of data availability and criminal activity.

A new cybersecurity solution has been launched aimed specifically at protecting modern data-reliant vehicles. AnCyR is a patent-pending technology that is the first host-based anomaly detection optimised for automotive ECU intrusion detection (IDS) cybersecurity.

AnCyR is based on five years of research at the University of Arizona with support from the National Science Foundation. AnCyR’s anomaly detection technology combines statistical, probabilistic, and machine learning algorithms to accurately detect attacks with best-in-class false positives, latency, and overhead.

Host-Based Detection: Runs on ECU for rapid detection; No dependencies with other ECUs or cloud-based analysis; Accurate Detection including Zero-Day Attacks; Detects changes in software operation caused by zero-day attacks; Attacks detected including buffer overflows, code injection, ROP, and more.

Platform  agnostic: AnCyR can be compiled to any processor platform; Scalable from microcontrollers to multicore processors; Cloud and Vehicle Security Operations Centre (VSOC) agnostic.

Low Latency and Overhead: Detects attacks in real-time in milliseconds; Optimized for ECUs and has low memory and performance overhead.

AnCyR monitors software subcomponents using a synergistic combination of statistical, probabilistic, and machine learning algorithms to achieve high attack detection with best-in-class false positives.

Benefits include easy to use automated vulnerability scanning; automatic generation of Software Bill of Materials (SBOM)’; new SBOM generated with each new build; SBOMs sent to Dependency Track (OWASP’s free scanning tool); Dependency Track provides vulnerability tracking across builds, notifications, policy setting; scanned daily to check for new vulnerabilities and uses NIST’s National Vulnerability Database.

Related Posts
Others have also viewed

Generative AI at work: Creating a transparent company culture

The power of generative AI has risen to prominence in the past year. Even for ...

Businesses fail to achieve highly resilient connectivity as commodity IoT providers fail to deliver

A new State of IoT Adoption report launched today by Eseye, a leading global IoT ...

AI-powered computer vision enhances safety in industrial workplaces

RoboK, a startup applying AI-powered computer vision to logistics and industrial workplaces, has announced $2.1 ...

2m UK university and research facility credentials hacked

2.2 million personal credentials are available on the dark web stolen from the top 100 ...