Manufacturers of automotive components integrate third-party software and hardware running code, which cannot always be exhaustively tested and validated. The problem becomes more critical for OEMs that have to manage a highly complex software supply chain, which can introduce component-level security vulnerabilities, to which they have little visibility or opportunity to control.
To combat this problem HARMAN is expanding its Over-the-Air (OTA) offering to allow OEMs to effectively tackle the ever-growing security complexity of their software supply chain’s components.
HARMAN Remote Vehicle Updating Service (OTA) leverages its Smart Delta technology, which claims to reduce file update package by up to 99 percent for an efficient full-vehicle software management.
According to the company, new cybersecurity add-on allows the automated triggering of scanning of binaries for cybersecurity vulnerabilities, provides a cybersecurity “risk score” to binaries under the HARMAN OTA solution management, and supports campaign initiation decisions.
It can further assess the risk and impact of zero-day vulnerabilities and shorten response time for OEMs from identification to full recovery. The solution combines the enhanced capabilities of HARMAN OTA solution, with the vulnerability detection solution of partner Cybellum.
The new Automotive Cybersecurity add-on to HARMAN
Remote Vehicle Updating Service (OTA) provides the following capabilities to manage vulnerabilities in the automotive software supply chain:
• Automated scanning of binaries directly from the OTA system before update campaigns are activated.
• An up-to-date security score to help OEMs identify the risk level in deploying specific vehicle software components.
• Continuous monitoring of deployed binaries and identification and alerting of zero-day vulnerabilities utilizing Cybellum solution.
• A full impact analysis at the binary level to assess the level of an OEM’s fleet exposure.
• Seamless integration with partner Cybellum vulnerability detection solution.
Source: Press Release