Embitel

Search
Close this search box.

ISO 21434 Compliant Automotive Cybersecurity Development: Ensuring Secure-By-Design

Automotive Cybersecurity as per ISO 21434: Solutions and Services

Securing a vehicle connected to multiple data sources over different networks is a technology intensive task. And a very crucial one at that! Each connected module in a vehicle is a potential entry point for cyber-attacks.

We at Embitel, have delivered multiple automotive projects with cybersecurity at their core. So, we know where to put the plug! Automotive cybersecurity is all-pervasive, hardware, software, network, and cloud; we help you secure each one of them.

Solutions and Services for Automotive Cybersecurity

Embitel provides a full range of automotive cyber security services, covering all stages from development and production to post-production.

cybersecurity
Polygon-1
Cybersecurity Consulting

Our cybersecurity consulting services involve comprehensive vulnerability analysis and recommendations for implementing robust security measures.

From the initial cybersecurity plan through the concept phase, we work closely with our clients to embed security into the very fabric of automotive solutions.

AEM Managed Services

AEM Managed Services

Our AEM development team works closely with your teams to provide SLA-based managed services for AEM deployment, both on-premises and on the cloud. Our series of Adobe Managed Services comprises of automated backups, health checks, disaster recovery, application maintenance and monitoring security. We help you leverage end-to-end AEM capabilities and increase the responsiveness of your platform.

Threat Analysis and Risk Assessment (TARA)

TARA services focus on systematically identifying and evaluating potential cyber threats to automotive systems.

In our approach to TARA, we emphasize the early integration of risk assessment into the automotive development process.

Polygon-2-1
development of secure
Polygon 3
ISO 21434 compliant solutions development

As early adopters of ISO 21434 standard, our automotive cybersecurity team is equipped with the right skill-set and tool knowledge to provide ISO 21434 compliant automotive solutions development services.

ISO 21434 compliant software development begins with cybersecurity concept to secure design and security-aware software construction.

transport layer
Polygon-1
ISO 21434 compliant testing services

Our dedicated testing team offers comprehensive ISO 21434 compliant testing services, where we rigorously evaluate automotive systems and components for cybersecurity compliance.

Our testing services include support for penetration testing, fuzz testing and ISO 21434 mandated V&V methods.

AEM Cloud Services

AEM Cloud Services

With AEM as a cloud service you get to enjoy the full capabilities of AEM tools and platforms in cloud-native environs. AEM as a cloud service gives unprecedented scalability and efficiency in performance. Our specialist team will guide you in delivering exceptional customer experiences through built-in AEM extensions.

AEM Cloud Services With AEM as a cloud service you get to enjoy the full capabilities of AEM tools and platforms in cloud-native environs. AEM as a cloud service gives unprecedented scalability and efficiency in performance. Our specialist team will guide you in delivering exceptional customer experiences through built-in AEM extensions.
AEM Cloud Services
Polygon-2-1
Secure bootloader
Polygon 3
Cybersecurity Related Testing Activities
  • Support for ISO 21434 recommended testing
  • Qualified tools are used for verification and validation activities
  • All vulnerabilities are identified, exploited and remedial solution is provided

Customer Success Story: Flash Secure Bootloader Development

Image 1

Business Challenge:

  • Authenticity and integrity of the data to be flashed on automotive ECUs must be ensured to avoid mishaps.

  • Solutions like ADAS, Telematics, Body Control Modules, etc. require secure Bootloaders equipped with features such as Digital Signature, Encryption, HMS and others.

Embitel’s Solution:

  • We have developed secure Bootloader solutions for our customers based on their specific security requirements. Our bootloader solution comprises security features including AES-128, Digital Signature, CRC32, HMS Drivers, Secondary Bootloader (SBL). These components ensure that the inter-ECU data transmission is secure and data integrity is not compromised.

  • AES 128 algorithm has been used for encryption/decryption of the image file. Data is secured using the AES 128 algorithm before sending it to the ECU from the flashing device.
Read More…

Understanding Automotive Cybersecurity Use-cases

Automotive Cybersecurity Applications

Why Partner with Us

Dedicated Team

A dedicated team of cybersecurity experts manages the project and closely monitors each activity

End to End Cybersecurity

Our automotive cybersecurity approach is designed to cater end-to-end cybersecurity requirements- from gap analysis to compliance

Successful Deliveries

We have delivered secure bootloader solutions, software stacks implemented with Transport Layer Security (TLS) module and state-of-the-art security algorithms

Industry Experience

Related Blogs and Insights on Automotive Cybersecurity

IoT-Architecture

8 IoT Security Best Practices, to Keep the Hackers Away from your Industrial/Enterprise Assets!

Security related incidents remind us of the fact that in this IoT (Internet of Things) Universe, Data/Network/Device Security should be the top priority of all the stakeholders.

vehicle attacker

Why Cybersecurity Has Become Indispensable for Automotive Industry

A modern-day car can have close to 150 ECUs with more than 100 million lines of source code written on them. The cyber risk to a modern vehicle increases with every line of code burnt on the automotive ECUs.

Cipher suites

Implementing Automotive Cybersecurity Through Transport Layer Security

TLS has emerged as a reliable method of ensuring secure Remote Diagnostics via DoIP (ISO 13400) and Firmware over the air upgrade for ECU software.

imgpsh

What are the Important Security Aspects of DoIP based In-Vehicle Network and Related Best Practices

In this blog, we will analyse the DoIP software stack, from a security standpoint. We will also talk about the possible solutions and ongoing research in this area.

Frequently Asked Questions on Automotive Cybersecurity

Do you follow the latest ISO 21434 standard for automotive cybersecurity?

Ans: ISO 21434 standard has recently been published. However, our cybersecurity team has been closely following the various stages that the standard has gone through. Hence, we have a fair understanding of the standard.

We have been delivering cybersecurity related projects before the release of ISO 21434 standard, primarily based on its draft version. Since, the standard is now published, we follow the automotive cybersecurity guidelines as prescribed in the standard for all cybersecurity related projects.

Can your cybersecurity team transform an existing product to cybersecurity compliant solution?

Ans: Yes, we can make your existing automotive solution compliant to automotive cybersecurity. The process requires gap analysis and an assessment of existing cybersecurity measures. After the gap analysis, we will lay down the requirements and make changes in the solution. The changes might affect the entire system architecture, introduce new validation and verification methods and more depending on various factors.

How do you ensure remote vehicle diagnostics securely?

Ans: Diagnosing a vehicle remotely has emerged as a convenient for the customer as well as the service center. But it also opens up a potential threat of unauthorized access to the vehicle function. We have a ready-to-deploy DoIP protocol software that enables remote ECU diagnostics. It is made secure by the Transport Layer Security module (TLS module) among other features such as Secure Socket Layer (SSL) and IP security.

What are the security features in your FOTA solution?

Ans: We have delivered FOTA solution to our customers with security features as required by the projects’ specifications.

Let’s look at all security features implemented:

  • Code signing to ensure trustworthiness (data integrity & source authentication) of the firmware image to be updated.
  • Integration of Wi-Fi/Bluetooth/GPRS/GSM modules for secure communication between the FOTA server and the target devices.
  • Integration of the firmware with IoT protocols such as MQTT, CoAP; HTTPS & SSL for secure data exchange
  • We have chosen specific encryption methods to check the sanity of the update package
What are the security features in your secure Bootloader module?

Ans: We equip our Secure Bootloader solution with AES-128, CRC32, HMS Drivers, Digital Signature and Secondary Bootloader (SBL) features. These components make sure that that the data transmission between ECUs is completely secure.

A snapshot of our Flash Bootloader’s security features:

  • Cybersecurity is implemented as per the project’s requirement and in case of an ISO 26262 compliant project, the ASIL grade assigned to the solution.
  • Secondary Bootloader also helps in securing Bootloader software. follows the following sequence:
  • Our secure Bootloader solution uses SHA 256 Algorithm for Digital. ECU validates this digital signature before downloading the image file for ECU flashing.
  • Data Integrity is validated using CRC32, an error detecting code part of the platform software of the Bootloader solution.
  • Few microcontrollers come with built-in HSM module that implements security for the Bootloader. We develop the HSM device driver for the Bootloader Software to access the HSM module of the microcontroller.

Knowledge Bytes: Insights on Automotive Cybersecurity

Automotive cybersecurity is all about protecting the vehicle electronic components from unauthorized access and control. Growing degree of connectivity in vehicles creates avenues for amazing features. However, connectivity to external entities also makes the systems vulnerable to cyber-attacks. Automotive cybersecurity is a set of measures that can identify and thwart such attacks and keep the vehicle occupants safe.

Cybersecurity for road vehicles has been standardized in ISO 21434 standard. This standard defines the engineering requirements for managing the risks associated with cybersecurity. Right from the concept phase to component decommissioning, the standard has a framework for cybersecurity processes.

Automotive cybersecurity makes sure that the data transmitted to and from the vehicle ECU is delivered unchanged and to the intended party. To achieve this, three important aspects are controlled- Authenticity, Integrity, and Confidentiality.

Authenticity of the data implies that the data has been exchanged in a trustworthy manner and has been delivered to the intended receiver.

Integrity of the data means that the data has not been tampered with and the content is delivered unchanged and complete.

Confidentiality entails that there is encryption algorithm securing the data and to prevent it from being accessed and read by unauthorized recipient.

Scroll to Top