Autonomous security for cars

September 29, 2016 // By Julien Happich
Karamba Security has released Autonomous Security for connected and autonomous vehicles, a solution that empowers electronic control units (ECUs) to protect themselves from hackers and which the company claims would have blocked the recent Tesla-type hacks.

Autonomous Security is an extension to the company’s Carwall ECU security platform, enabling automotive technology providers to achieve the goals set out in the U.S. Department of Transportation's guidelines for the safe deployment of autonomous cars. Cyberattacks can only infiltrate a car by compromising its externally connected ECUs, for example those controlling infotainment, navigation and OBDII telematics dongles. Karamba Security’s Autonomous Security technology allows any car’s ECU to protect itself from this threat by automatically locking it down to the ECU's factory settings. The ECU then blocks operations that aren't part of its factory settings, with a negligible performance impact, which prevents hackers from accessing the car's safety systems and commandeering them. This deterministic decision is made locally on the ECU. Autonomous Security doesn't require the ECU to be connected to protect itself, nor does it need anti-malware updates.

The company also unveiled a new capability, in-memory protection, as part of its Autonomous Security suite. With in-memory protection, the ECU autonomously blocks memory-based attacks such as buffer overruns and return-oriented programming (ROP).

In-memory Autonomous Security blocks common in-memory attacks, such as the Tesla hack demonstrated last week. With its recently announced security upgrade, Tesla has stated that it tried to make it harder for hackers to reprogram other ECUs once they’ve compromised the externally connected ECU. In effect, Tesla’s approach accepts that hackers will penetrate the car’s ECU and then tries to minimize the damage, says Karamba, whereas in-memory protection blocks such hacks altogether. Specifically, the attack demonstrated by the researchers would have failed in Teslas or any vehicle protected by Carwall, the company claims.