There are more connected cars in production and on the road than ever before, and these provide fertile ground for hackers to exploit potential vulnerabilities from inside or outside the vehicle. Numerous on-board systems — infotainment, telematics, engine control units (ECUs) — are potential entry points for malicious attacks. Connected vehicles also use increasingly complex software to provide advanced functionality, creating opportunities for malware to take over and compromise for example a connected vehicle’s braking or steering system, which could result in injuries or lost lives.
Keysight’s automotive cybersecurity program ensures the safety of automotive OEMs and Tier 1s vehicles with proactive protection against cyberattacks throughout the R&D and production process, as well as post sales.
The automotive cybersecurity program consists of integrated hardware, software, and services to address the scale and complexity of rapidly changing technology, facilitate time to market, and supplement internal cyber security activities within OEMs and Tier 1 suppliers. The key elements of the program are:
- Hardware that connects to the device under test (DUT) via all relevant interfaces, e.g. Wi-Fi, cellular, Bluetooth, USB, CAN, and Automotive Ethernet
- Software that simulates attacks, reports on vulnerabilities (and severity), and offers recommended fixes
- Device under test(DUT)-specific regression testing that simplifies and accelerates verification of fixes
- Enterprise-level management of testing, including seamless integration with widely used OEM and Tier 1 enterprise platforms
To ensure proactive prevention, Keysight is also offering a subscription service to an evolving threat database. This subscription provides frequent updates with the latest security attacks, evasion tactics, and examples of live malware. The service also includes frequent application protocol releases along with ongoing software updates and enhancements.
Keysight’s Automotive Cybersecurity Program enables car manufacturers and their suppliers to:
- Implement and enforce company-wide security standards
- Establish a company-wide test procedure supporting supplier certification and auditing
- Achieve repeatability through rigorous regression testing and documented workflows and results
- Identify potential vulnerabilities from the physical level to the application layer, including wireless and wireline connections
- Rapidly validate and implement software fixes
- Stay ahead of hackers by proactively assessing security risks before an attack