Addresses the security weakness inherent in CAN bus in all vehicles

UltraSoC today announced a significant boost to its automotive cybersecurity offering with the launch of the CAN sentinel; new IP that adds a much-needed hardware-based layer of security into CAN bus, the global industry-standard interconnect for automotive manufacturers and OEMs. The UltraSoC CAN sentinel resides on the bus, monitoring transactions with a vehicle’s electronic control units (ECUs), identifying suspicious activity, preventing malicious messages and silencing attacks.

CAN sentinel is configurable with user-defined security rules, providing protection against common exploits such as frame spoofing, and allowing the system to be upgraded as the threat landscape evolves. Developed as part of the Secure-CAV Consortium of which UltraSoC is a leading member, it integrates with the wider UltraSoC secure embedded analytics and monitoring architecture, enabling the implementation of powerful system-wide cybersecurity protection.

Since its invention 30 years ago, the CAN (controller area network) bus has become ubiquitous in the automotive industry. More recently it has also become recognized as possibly the most serious security vulnerability in cars. A number of high-profile attacks – for example the Miller-Valasek Jeep hack – have exploited its inherent lack of security features. Cybersecurity is an increasing concern for the automotive industry, being a prime cause of product recalls: estimated to have cost the industry $26 billion in 2016, when GM alone recalled 23 million vehicles in one year.

Professor Siraj Shaikh from the Institute of Future Transport and Cities (IFTC) at Coventry University, commented:  “The CAN is a critical area of current and future car designs and in terms of cybersecurity there’s a huge opportunity to make it more secure. The UltraSoC CAN sentinel is designed to spot and tackle not only the real threat of frame spoofing, but to sit in wait and monitor for any other threats and intrusions that may emerge.”

Gajinder Panesar, CTO at UltraSoC, added: “CAN has helped to keep vehicles safe for 30 years, but in a modern vehicle there’s no guarantee of safety without security. It’s vital that automotive technology developers take the evolving cyber risks seriously, and today we have presented them with a simple product with significant potential to improve vehicle cybersecurity. Our products provide intelligent analytics which are capable of learning and evolving to tackle a rapidly changing threat landscape.”

The launch of the CAN sentinel follows hot on the heels of the UltraSoC bus sentinel, the first product in the company’s line-up of cybersecurity hardware. This was launched in late 2019 to simplify the embedding of a secure monitoring architecture into the heart of mission-critical and safety-critical devices, particularly in applications such as connected and autonomous vehicles (CAVs). These new cybersecurity hardware IP products combine with UltraSoC’s secure embedded analytics architecture to provide a complete holistic embedded security solution.

The CAN bus was designed to provide robust communications (with systems such as brakes, steering, engine, airbags, door locks, and headlights) in the harsh automotive environment. While it was designed to be safe, it was not designed to be secure and to fend off cyber attacks. Approaches to secure the CAN have so far focused on stopping cyber-intrusions from the outside (software patches or APIs, securing Wi-Fi devices), rather than embedding security into the bus itself. This has left the CAN bus and the vehicle open to all sorts of potential attack from frame-spoofing hacks which could remotely disable a vehicle, leading to potential blackmail attacks; or even mass attacks on road infrastructure.

A German version of this news is available here