Automotive Security through New Communication Lockdown
F-35I and F-16I fighter jets and missile
defence systems. By enforcing a formally
verified and deterministic configuration of
communication among the various networks
of the vehicle, the Communication
Lockdown methodology eliminates all
known and unknown cybersecurity risks by
approving or discarding all inbound and
internal vehicle communications in real-
time.
Require time to analyse specific new
threats and to develop and deploy
software updates
Do not offer support for an external
Security Operations Center (SOC) to
continuously monitor vehicles and
communicate with owners and
drivers
These challenges are overcome through a
patented
cybersecurity
“lockdown”
approach that is successfully used by Israel’s
Table 1: Different Approaches to Automotive Cybersecurity
Capability
Security
Mechanism
Communication
Lockdown
-
-
-
-
Formally verifiable state
machine
Agnostic to attacks
Certifiable (safety and
security)
Approved configuration
lockdown
Defense
Capability -
- All vehicle networks
Prevention on bit level
Reliability - 99.99999% - with
deterministic
mathematical model
That can be verified,
tested, and certified
Zero false positives
-
Maintenance
-
-
No cloud connectivity
required
No on-going updates
required
Firewall
-
IDS/IPS
Static ruleset
firewall
Needs
updating as
new attacks
materialize - - Several car
networks - No
prevention
- Can be
tested by
automotive
standards
but can’t be
qualified - Requires
cloud
connectivity
and regular
updates -
-
-
- 57 -
-
-
Heuristic
detection of
attacks
(anomalies)
Reliability
can’t be
proven
Anti-Virus
-
- Local Anti-
Virus
Signature
updates
required
- 1 ECU
98%
Detection
rate
Up to 5%
False positive
rate - Reliability
can’t be
proven
Requires
online cloud
connectivity
and - Updates for
every change
of the ECU
March 2019