Vehicle software consists of tens of millions of lines of code. Software of this scale, in any system, includes hundreds to thousands of undiscovered security bugs. These security bugs are the hackers’ gateways into the connected car, and their stepping stone to access critical systems.
What if you could automatically ensure that these security bugs can't be exploited?
Introducing Carwall — the automotive industry’s first Autonomous Security solution!
Carwall hardens the ECU's software runtime environment to detect and prevent all attempted attacks. Carwall doesn't fix the security bugs in your code; it prevents their exploitation by permitting only operations that comply with your ECU's factory settings to run.
Carwall seamlessly integrates into your software development environment and automatically seals your software against cyber attacks. Its lightweight, embedded software contains multiple security layers, which:
Hardening against in-memory attacks. Everybody wants it. Carwall provides it.
When Carwall automatically generates an ECU's security policy, based on its factory settings, it creates a call graph mapping all acceptable calling relationships. Based on the ECU's unique call graph, Carwall inspects binaries in runtime to determine if they've been hijacked from their expected, factory-based, calling sequence and if so, blocks the exploit attempt.
ECUs are hardened against foreign intrusions. Any code or function call that isn't part of the factory settings is detected and prevented. Carwall automatically generates a whitelist of all the programs and scripts that are permitted, which is used to stop the loading of any application not on the whitelist.
Vendors want their development teams focused on functionality: safety components, driver comfort and value-add features. Carwall becomes part of the developer’s software build environment. The factory-settings-based security policy is autonomously generated during the ECU’s software build process and gets embedded back into the ECU’s code.
When creating the image of the ECU code, which should go to production, Carwall is automatically installed into the ECU’s operating system where it functions autonomously.
No developer resources or expertise is required to implement Carwall security on the ECU.
Carwall monitors all code execution, making decisions whether to block or execute code in runtime and without having to query the cloud. As an autonomous security solution, Carwall makes security decisions on the ECU.