Keysight Technologies, a technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, has announced a new automotive cybersecurity program that enables automotive security professionals at car manufacturers (OEM) and their suppliers (Tier 1) to ensure the safety of their vehicles with proactive protection against cyberattacks throughout the R&D and production process, as well as post sales.
There are more connected cars in production and on the road than ever before, and these provide fertile ground for hackers to exploit potential vulnerabilities from inside or outside the vehicle. Numerous on-board systems — infotainment, telematics, engine control units (ECUs) — are potential entry points for malicious attacks. Connected vehicles also use increasingly complex software to provide advanced functionality, creating opportunities for malware to take over and compromise for example a connected vehicle’s braking or steering system, which could result in injuries or lost lives.
Keysight’s Automotive Cybersecurity Program consists of integrated hardware, software and services needed by automotive OEMs and Tier 1s to ensure the safety of their vehicles, address the scale and complexity of rapidly changing technology, facilitate time to market and supplement internal cyber security activities within OEMs and Tier 1 suppliers.
Keysight recognizes that automotive cybersecurity needs to be part of product development from the beginning, throughout the development life cycle, as well as post sales. To address this need, Keysight offers a comprehensive solution that includes the following key elements:
• Hardware that connects to the device under test (DUT) via all relevant interfaces, e.g. Wi-Fi, cellular, Bluetooth, USB, CAN, and Automotive Ethernet
• Software that simulates attacks, reports on vulnerabilities (and severity), and offers recommended fixes
• Device under test (DUT)-specific regression testing that simplifies and accelerates verification of fixes
• Enterprise-level management of testing, including seamless integration with widely used OEM and Tier 1 enterprise platforms
To ensure proactive prevention, Keysight is also offering a subscription service to an evolving threat database. This subscription provides frequent updates with the latest security attacks, evasion tactics, and examples of live malware. The service also includes frequent application protocol releases along with ongoing software updates and enhancements.
Keysight’s Automotive Cybersecurity Program enables car manufacturers and their suppliers to:
• Implement and enforce company-wide security standards
• Establish a company-wide test procedure supporting supplier certification and auditing
• Achieve repeatability through rigorous regression testing and documented workflows and results
• Identify potential vulnerabilities from the physical level to the application layer, including wireless and wireline connections
• Rapidly validate and implement software fixes
• Stay ahead of hackers by proactively assessing security risks before an attack
“In today’s vehicles, heavy reliance on connectivity and software improves convenience but increases the potential attack surface for emerging and evolving cyber threats,” said Siegfried Gross, vice president and general manager of Keysight Automotive and Energy Solutions. “This new program enables OEMs and Tier 1s to enhance vehicle safety by defining, implementing and deploying a consistent, company-wide approach to the testing of potential vulnerabilities.”
