KASPERSKY OS AUTOMOTIVE
Vehicles are becoming cluttered with technologies inside and outside of the car. Introducing more ECUs inside the vehicle, or external services in the well-known security domain of public networks or clouds, expands the threat model (and attackers' possibilities). Automotive industry security is on the verge right now, with newspaper headlines covering vulnerabilities and attacks while fundamental architecture flaws are torturing automotive vendors.
In the world of technology there are more than 60 available assistance systems for passenger vehicles, which help to prevent traffic accidents from happening. To enable this large range of assistance functionality, modern cars contain up to 80 electronic control units (ECUs) and a variety of network platforms.
Purpose
It is necessary to improve the control units already installed in cars, and also to constantly monitor software operations, to find and fix any possible problems that may otherwise put drivers seriously at risk. Improvements must be made constantly, and as soon as possible, in order to avoid safety issues. To achieve these targets, more flexible update mechanisms are needed, along with configurable data collection for many systems. This means accessing vehicles for diagnostic and update purposes will need to take place not only in garages through wired connections, but anywhere via over-the-air (OTA) links.
Features
Complexity and security
Complexity and security are conflicting features. The more complex the system and code, the greater the chance of missing bugs, even after very thorough testing procedures.
That is what KasperskyOS was designed for – to make complex solutions secure. Two main principles are necessary to form a trusted platform, even when the components themselves are not trusted:
1. Strong separation – preventing unwanted interference with components
2. Security Policy Enforcement – allowing valid communications between different components