UltraSoC and Canis Labs address automotive cybersecurity
UltraSoC and Canis Automotive Labs have partnered to develop hardware-based intrusion detection and mitigation techniques to secure the CAN bus for automotive cybersecurity.
The project is to address the lack of security features within the CAN bus, which is commonly used to interconnect in-vehicle systems such as brakes, steering, engine, airbags, door locks, and headlights. This includes automatic hardware anti-spoofing, defence against bit-level attacks such as the bus-off attack and bit-glitching and resistance to denial of service (DoS) attacks. The collaboration deploys Canis Labs’ CAN-HG technology, a compatible augmentation of the standard CAN bus protocol that includes bus guardian security features which can carry payloads 12 times larger than standard CAN frames.
When combined with UltraSoC’s semiconductor IP for detection and mitigation of cyber threats, CAN-HG allows designers to secure CAN bus designs at the hardware level. The cybersecurity capabilities employ fast bits within the CAN-HG augmented part of a CAN frame to add security information to CAN frames. This can be used by UltraSoC’s protocol-aware monitoring hardware to identify and block suspicious or unauthorised traffic traveling over CAN. These new capabilities will be refined and proved for deployment as part of Secure-CAV, a project that seeks to improve the safety and security of tomorrow’s connected and autonomous vehicles (CAVs).
Aileen Ryan, UltraSoC CSO, commented “Incorporating Canis Labs’ innovative CAN-HG technology into UltraSoC’s products allows us to secure the vehicle ‘from the inside out’ within the underlying electronic hardware.”
Ken Tindell, Canis Labs’ CTO, added: “The most effective way to protect a CAN bus from attacks is to deploy a hardware security device – or better still, use semiconductor IP to incorporate hardware protections into the underlying system”.
CAN is used in the automotive industry but also in industrial, cyberphysical and robotics applications, where safety is paramount. While CAN is physically robust, it lacks cybersecurity features.
Most existing approaches to CAN security are software-based, meaning that they are often unable to react quickly enough to prevent protocol-level attacks. The hardware based Canis Labs / UltraSoC solution can react quickly to prevent an attack from completing, said UltraSoC. Many exploits rely on creating a window of opportunity during which the system is in a vulnerable or unknown state. A fast reaction time can eliminate this window and significantly improve the overall robustness of cybersecurity defences. Secondly, CAN bus is used in many cyberphysical systems, in which elapsed time equates to distance travelled. A faster response time has significant benefits in terms of mitigating the physical consequences of an attempted intrusion, better protecting the safety of citizens and infrastructure.