Use Case

Connected vehicles

Get analytics on third party software embedded in connected vehicles, even when no source code is readily available across verticals: automotive, aircraft industry, naval industry, construction vehicles, defense

Today, connected vehicles refer mostly to connected cars, however they encompass trucks, buses, planes, helicopters, ships and drones as well… While their technical maturity is different, these systems are defined by their connectivity to Internet, and a fundamental trend to add new functions relying on ECUs (Electronic Control Units) and embedded software.

Since 2015 and the remote hacking of a Jeep by security researchers, which led to the recall of 1.4 million cars by Fiat Chrysler, cybersecurity concerns have grown and boosted architecture and implementation improvements with perimetric defense, default security, secure protocols, etc…

However, increasing connectedness between systems multiplies the risks of compromise through the weakest cybersecurity points. Between 40 to 80 ECUs (from engine control to entertainment system) equip current cars: software and firmware represent up to 100 000 binaries (or compiled computer programs) which all represent potential surfaces of attack.

Ramifications of software supply chain is a cybersecurity challenge to develop security assurance

In the automotive, aircraft or naval industries, the components and systems supply chain is complex with various ranks of suppliers. Suppliers are dedicated to specific systems or sub-system for cost and performance optimization reasons. For instance, some original equipment manufacturers which may focus on IVI (In-Vehicle Infotainment systems) may rely on dedicated application specialists for Weather or GPS. These application specialists embed themselves off-the shelves databases or visualization tools coming from the open source community or third-party software editors.

This supply chain ramification directly impacts the number of software and the control of their security level. It means strong challenges to define secure coding standards and mitigate vulnerabilities. The enforcement of secured coding and vulnerability mitigation is even more challenging.

The opportunity to raise cybersecurity level with a fully secured development life cycle

Until now, connected vehicle manufacturers have set-up 2 strategies to raise security posture.

Static analysis and code source audits may be performed by suppliers and manufacturers themselves. But this analysis is often partial, as source code is rarely available for all software building blocks. Besides static analysis tools are prone to a high number of false positives. A good level of expertise is necessary to use them. Last, industry-specific technical architecture is rarely supported (ARM, RTOS…).

Second, pen testing activities with some reverse engineering actions on specific application may be launched to test overall security and take a snapshot of security level. The caveat is that these heavy activities consume skilled resources while the coverage of these activities may be limited. On the one hand, this snapshot follows the integration or deployment phases: it comes very late in the development process to allow corrective actions before manufacturing launch. On the other side, they are highly dependent on human expertise, and they may lack repeatability and consistency. It is remarkable that 2 pen test teams may discover distinct issues.

The consequence is simple: security coverage of software and firmware lacks breadth and depth before production. It results in higher security risk at production launch and higher cost to maintain and operate.

This calls for a new type of solution to exhaustively review firmware and software security: this solution should meet the imperatives of the industry to focus their security teams on high value tasks and reduce their maintenance cost.

Enforce security standards any time and track vulnerabilities

Moabi platform automates security analysis and interactive tests of connected vehicle firmware and software, without source code. It provides analytics relying on industry best practices and security standards, and remediation strategy with itemized implementation on 5 criteria: technical debt, defense-in-depth, cryptography, compliance to code security standards, and vulnerabilities (identified by CVE or 0Day detected by Moabi). Moabi then calculates a Defense Surface from these 5 analytics to quantify precisely the security level per binary, firmware or full software project.

Manufacturers can launch exhaustive cybersecurity analysis and tests, when components are delivered for their new connected vehicle program. They can track the evolution of the cybersecurity level of each version and assess how security is driven by their supplier. They also can compare 2 suppliers of the same component, when double sourcing is needed.

Audit automation allows to cover all binaries and focus the security teams on prioritized tasks. It suits very well to the automotive processes to continuously improve cybersecurity security. Moabi analytics create a consistent and sustainable frame of reference to benchmark firmware and software security level.

Watch our presentation at RSA 2020 conference to learn more about Moabi’s capabilities to secure the software supply chain of the automotive industry, as well as discover 0days in an automated fashion.