Automotive connectivity is an ongoing concern, with vulnerability to attacks from bad actors being demonstrated in models from a range of manufacturers. The inexorable rise in popularity of electric vehicles can only add to that unease because several features of connected EVs such as the batteries and their charging systems are associated with inherent safety implications.
Automotive application developers are already familiar with the demands of functional safety standards, including ISO 26262’s defined development, validation, and verification processes, and with the capacity of the LDRA tool suite to help achieve those aims. The benefits of virtualization in the automotive sector are also well known, and class-leading COQOS hypervisors present an opportunity for development teams to realize reduced cost; reduced device size, weight and power (SWaP); improved CPU performance; and a convenient migration path for unmodified legacy applications.
It is their capacity to provide a mechanism for domain separation, however, that is critical to automotive cybersecurity. The need for inter-process communication (IPC) between those domains is inevitable and a likely source of vulnerabilities. The role of secure application code is pivotal in that context, because the code that handles the data exchanged over IPC is the first line of defense against a potential weakness in a virtualized architecture.
OpenSynergy focuses on the automotive virtual platform COQOS Hypervisor SDK based on VIRTIO technology. The hypervisor on this platform runs directly on the System-on-Chip (SoC) application cores and creates several virtual machines (VMs). Each VM is isolated from the others. This separation makes it possible to run functions with different real-time behavior and functional safety requirements simultaneously on a single SoC.
“The wisdom of a defense-in-depth strategy is unquestionable,” said Matthias Stumpf, Vice President (VP) Sales OpenSynergy. “Defenses against cyberattack are often envisaged as analogous to a medieval castle with moats, perimeter walls and armed soldiers all operating independently. But the combination of LDRA’s secure coding and OpenSynergy’s hypervisor technology goes beyond that analogy by combining defenses that are mutually supportive, ensuring a level of security that they could not provide independently.”
“Automotive application software developers have a lot to contend with,” added Ian Hennell, Operations Director, LDRA. “The demands of ISO 26262 are challenging enough, and the emergence of the connected car with its implications for cybersecurity only adds to those challenges. By providing a tool suite that allows security and functional safety objectives to be fulfilled concurrently and accommodates a focus on the secure coding of software associated with inter-process communications, we hope to help lighten the load.”
Both the LDRA tool suite and the OpenSynergy hypervisors have been certified by SGS TÜV as suitable for the development of safety-related software compliant with ISO 26262. In addition, the LDRA tool suite offers tool qualification support packs for the qualification of LDRA tools for high-assurance applications requiring regulatory approval.