The UltraSoC CAN Sentinel resides on the bus, monitoring transactions with a vehicle’s electronic control units (ECUs) looking to identify suspicious activity, preventing malicious messages and silencing attacks.
CAN Sentinel is configurable with user-defined security rules, providing protection against common exploits such as frame spoofing, and allowing the system to be upgraded as the threat landscape evolves. Developed as part of the Secure-CAV Consortium of which UltraSoC is a member, it integrates with the wider UltraSoC secure embedded analytics and monitoring architecture, enabling the implementation of powerful system-wide cybersecurity protection.
The CAN (controller area network) bus has become ubiquitous in the automotive industry but, more recently, it has also become recognised as possibly the most serious security vulnerability in cars. A number of high-profile attacks have exploited its inherent lack of security features. Cybersecurity is an increasing concern for the automotive industry, being a prime cause of product recalls: estimated to have cost the industry $26 billion in 2016.
Professor Siraj Shaikh from the Institute of Future Transport and Cities (IFTC) at Coventry University, commented: “The CAN is a critical area of current and future car designs and in terms of cybersecurity there’s a huge opportunity to make it more secure. The UltraSoC CAN Sentinel is designed to spot and tackle not only the real threat of frame spoofing, but to sit in wait and monitor for any other threats and intrusions that may emerge.”
Gajinder Panesar, CTO at UltraSoC, added: “CAN has helped to keep vehicles safe for 30 years, but in a modern vehicle there’s no guarantee of safety without security. It’s vital that automotive technology developers take the evolving cyber risks seriously, and today we have presented them with a simple product with significant potential to improve vehicle cybersecurity. Our products provide intelligent analytics which are capable of learning and evolving to tackle a rapidly changing threat landscape.”
The launch of the CAN Sentinel followsthe launch of the UltraSoC Bus Sentinel, the first product in the company’s line-up of cybersecurity hardware. Unveiled in late 2019, it looks to simplify the embedding of a secure monitoring architecture into the heart of mission-critical and safety-critical devices, particularly in applications such as connected and autonomous vehicles (CAVs).
These new cybersecurity hardware IP products combine with UltraSoC’s secure embedded analytics architecture to provide a complete holistic embedded security solution.
The CAN bus was designed to provide robust communications (with systems such as brakes, steering, engine, airbags, door locks, and headlights) in the harsh automotive environment. While it was designed to be safe, it was not designed to be secure and to fend off cyber attacks. Approaches to secure the CAN have so far focused on stopping cyber-intrusions from the outside (software patches or APIs, securing Wi-Fi devices), rather than embedding security into the bus itself. This has left the CAN bus and the vehicle open to all sorts of potential attack from frame-spoofing hacks which could remotely disable a vehicle, leading to potential blackmail attacks; or even mass attacks on road infrastructure.