Implementations to Automotive Connectivity
Connected cars increasingly rely on computer processors and upwards of 100 million lines of computer code to operate. With the proliferation of processors and vehicle software the cyberattack surface and sophistication of hacks has grown.
The federal government has ramped up its response with FBI warnings to automakers and consumers to “maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles.” The National Highway Traffic Safety Administration has released guidelines to ensure automakers are designing cars to be safe against cyberattacks.
Karamba Security has ramped up its engagement with industry and academic consortiums, all of whom are working on addressing the potential risks. In recent months, we’ve joined GENIVI, a non-profit open platform for IVI systems, where we are part of the organization cybersecurity committee, FASTR, a nonprofit cybersecurity research consortium of automakers, suppliers and software companies, in addition to Auto-ISAC which monitors potential threats, shares intelligence, and has developed a series of best practices.
Most recently, we’ve joined AGL, an open source project hosted by The Linux Foundation that is changing the way automotive manufacturers build software. More than 100 members are working together to develop a common platform that can serve as the de facto industry standard.
It is Karamba Security’s goal to build in cyber protections from the early stages of design, with zero false positives and seamless integration. Our CTO Assaf Harel will serve on the AGL Cybersecurity Task Force to collaboratively develop the groups’ seminal cybersecurity best practices.
Benefits of an Open Platform
Sharing an open platform allows for code reuse and a more efficient development process as developers and suppliers can build once and have a product work for multiple OEMs. This ultimately reduces development costs, decreases time-to-market for new products and reduces fragmentation across the industry.
As a point of reference, the AGL infotainment platform was built from the ground up by hundreds of engineers across the industry who contributed code to develop a robust, Linux-based operating system and application framework with increased security and capabilities.
Although initially focused on infotainment, AGL is the only organization planning to address all software in the vehicle, including instrument cluster, heads up display, telematics, advanced driver assistance systems (ADAS) and autonomous driving.
We commend the AGL for taking a “security-first” leadership position in resolving cybersecurity vulnerabilities at the software stack level, thereby enabling automakers to focus on their core mission and customize the platform with features, services and branding to meet their product and customer needs.
The course has been set. Let’s hit the road together. We can envision no greater outcome than for Assaf and his fellow task force members to succeed.
