Cybersecurity for CAN bus

cybersecurity for CAN bus

Meet mandatory regulation requirements for CAN cybersecurity

The CAN bus (CAN) is the primary networking technology used in vehicles for safety-critical systems. But CAN technology has well-known security shortcomings. For vehicle homologation today, manufacturers and suppliers need cybersecurity capabilities in vehicle networks to meet industry standards and regulations and make sure that the CAN bus traffic is cybersecure.

Argus CAN IDPS is now validated and integrated in the EB tresos 9 Basic Software (BSW). It brings together advanced security features for robust network protection – from ongoing monitoring to proactive intrusion detection and prevention mechanisms. It covers common attack methods such as denial of service and brute force on the CAN network.

Additionally, Elektrobit offers EB zoneo SwitchCore Shield, an automotive-grade switch firmware in combination with Ethernet IDPS library in one package.


Proven to safeguard critical functions

Reduces exposure to corporate liability and costly recalls, protects brand reputation through consumer safety and privacy. Already on the road and trusted by manufacturers and suppliers worldwide.

Cheaper, simpler, and repeatable integration

Through automatic configuration and validation.

feature sets

To support different implementation architectures, and requirements.

Automotive-grade compliance

ASPICE (3.1) Level 2 capabilities for products and projects development. For vehicles and components coming to market in Europe and Asia (WP.29, GB).


With minimal impact on memory, CPU, and network latency.

Key features of the Argus CAN IDPS

  • Tailored to any CAN bus network implementations
  • Hardware-agnostic, ensuring successful integration of the appropriate security functionality
  • Detects basic anomalies in message IDs, diagnostics, signals, and network load
  • Identifies unexpected use of diagnostics services including timing and stateful analysis
  • Monitors for injection attempts and correlate data types for advanced anomaly detection

Technical details

EB tresos and Argus CAN IDPS block diagram

EB tresos AutoCore Generic (ACG) CAN stack routes the received messages and messages to be transmitted on CAN bus – for the inspection of any anomalies in an ECU – to Argus CAN IDPS. The smart and efficient Argus CAN IDPS sensor inspects all types of messages (e.g., communication, diagnostics) to detect the irregularities in periodicity, protocol control information (e.g., DLC, Identifier), and payload of the CAN frames of an ECU. The detected suspicious activities on CAN bus are reported as security event to the EB tresos ACG IdsM module. EB tresos ACG and Argus CAN IDPS enable the intrusion detection adhering to Classic AUTOSAR architecture to reduce the security risk arising from CAN bus.

Related Content to Elektrobit’s Cybersecurity for CAN IDPS