The CAN bus (CAN) is the primary networking technology used in vehicles for safety-critical systems. But CAN technology has well-known security shortcomings. For vehicle homologation today, manufacturers and suppliers need cybersecurity capabilities in vehicle networks to meet industry standards and regulations and make sure that the CAN bus traffic is cybersecure.
Argus CAN IDPS is now validated and integrated in the EB tresos 9 Basic Software (BSW). It brings together advanced security features for robust network protection – from ongoing monitoring to proactive intrusion detection and prevention mechanisms. It covers common attack methods such as denial of service and brute force on the CAN network.
Additionally, Elektrobit offers EB zoneo SwitchCore Shield, an automotive-grade switch firmware in combination with Ethernet IDPS library in one package.
Reduces exposure to corporate liability and costly recalls, protects brand reputation through consumer safety and privacy. Already on the road and trusted by manufacturers and suppliers worldwide.
Through automatic configuration and validation.
To support different implementation architectures, and requirements.
ASPICE (3.1) Level 2 capabilities for products and projects development. For vehicles and components coming to market in Europe and Asia (WP.29, GB).
With minimal impact on memory, CPU, and network latency.
- Tailored to any CAN bus network implementations
- Hardware-agnostic, ensuring successful integration of the appropriate security functionality
- Detects basic anomalies in message IDs, diagnostics, signals, and network load
- Identifies unexpected use of diagnostics services including timing and stateful analysis
- Monitors for injection attempts and correlate data types for advanced anomaly detection
EB tresos AutoCore Generic (ACG) CAN stack routes the received messages and messages to be transmitted on CAN bus – for the inspection of any anomalies in an ECU – to Argus CAN IDPS. The smart and efficient Argus CAN IDPS sensor inspects all types of messages (e.g., communication, diagnostics) to detect the irregularities in periodicity, protocol control information (e.g., DLC, Identifier), and payload of the CAN frames of an ECU. The detected suspicious activities on CAN bus are reported as security event to the EB tresos ACG IdsM module. EB tresos ACG and Argus CAN IDPS enable the intrusion detection adhering to Classic AUTOSAR architecture to reduce the security risk arising from CAN bus.