Companies are realizing that automotive cybersecurity needs to be part of product development from the beginning, throughout the development life cycle, as well as post sales. To address this need, Keysight Technologies has announced a new automotive cybersecurity program that would enable automotive security professionals at car manufacturers (OEM) and their suppliers (Tier 1) to ensure the safety of their vehicles with proactive protection against cyberattacks throughout the R&D and production process, as well as post sales.
The Program consists of integrated hardware, software, and services needed by automotive OEMs and Tier 1s to ensure the safety of their vehicles, address the scale and complexity of rapidly changing technology, facilitate time to market, and supplement internal cyber security activities within OEMs and Tier 1 suppliers.
The solution includes the following key elements:
• Hardware that connects to the device under test (DUT) via all relevant interfaces, e.g. Wi-Fi, cellular, Bluetooth, USB, CAN, and Automotive Ethernet
• Software that simulates attacks, reports on vulnerabilities (and severity), and offers recommended fixes
• Device under test (DUT)-specific regression testing that simplifies and accelerates verification of fixes
• Enterprise-level management of testing, including seamless integration with widely used OEM and Tier 1 enterprise platforms
To ensure proactive prevention, Keysight is also offering a subscription service to an evolving threat database. This subscription provides frequent updates with the latest security attacks, evasion tactics, and examples of live malware. The service also includes frequent application protocol releases along with ongoing software updates and enhancements.
Keysight’s Automotive Cybersecurity Program enables car manufacturers and their suppliers to:
• Implement and enforce company-wide security standards
• Establish a company-wide test procedure supporting supplier certification and auditing
• Achieve repeatability through rigorous regression testing and documented workflows and results
• Identify potential vulnerabilities from the physical level to the application layer, including wireless and wireline connections
Source: Press Release