Intelligent systems are everywhere - controlling road and rail infrastructure, improving vehicle performance and enhancing the passenger and driver experience. The proliferation of ECUs etc inside vehicles, interfacing with external data sources including entertainment, GPS, and diagnostics, creates new vulnerabilities and opportunities for cyber-intrusion. A fundamentally fresh and holistic design approach, building security into vehicles and transportation from the ground up, is required.
A reliable and flexible software platform, powered and hardened by KasperskyOS, that allows motor manufacturers to develop and implement a single secure gateway into connected vehicle ECUs, combining protection against cyber-intrusion with enhanced diagnostic technologies via over-the-air (OTA) links.
KasperskyOS is an operating system specifically designed protect diverse and complex embedded systems from the consequences of malicious code, viruses and hacker attacks. This is achieved partly through strong separation and policy enforcement, using trusted and reliable security methodologies and patented techniques.
A range of cybersecurity services for the automotive, rail and wider transportation industry that provide the analysis and information needed to enhance security operations and enable a proactive approach to be taken against advanced threats
The Secure Connected Car
A more holistic approach to building the secure connected, and soon the driverless, car, based on:
- The SCU - a single secure gateway between internal ECUs, TCUs etc and the external services and resources with which they interface
- KasperskyOS, ensuring safe software execution and protecting against random software errors, as well as cyber-intrusion and malware
- Threat Intelligence Services to help uncover, analyze and rectify any shortcomings in vehicular cybersecurity
Rail and Rapid Transit Systems
The introduction of Communication Based Train Control (CBTC) and European Train Control Systems (ETCS) means manufacturers and transportation system operators must pay even more serious attention to the cybersecurity of locomotive, floor and station automation systems.
Our rail and rapid transit solutions work on different stages of the base automation components lifecycle – from analysis to managed security services, and from embedded Automatic Train Control to online ticket sales portals.
Security Assessment and Penetration Testing
The Security Assessment and Analysis of:
- Vehicle internals (ECUs, TCUs, TPMS, RKE, PATS etc) and interfaces
- Applications, including source code and architecture
- Cloud-based and datacenter systems with telematics (remote control parking, entertainment, real-time traffic updates etc)
- Telecom Client-side security assessment – external communications with connected vehicle service platforms
Penetration testing, emulating systems bypass approaches by external and internal intruders
Learn more, with thought leadership from our globally recognized cybersecurity experts
Kaspersky Transportation solutions secures software-based the of connected vehicles and intelligent transport systems against unauthorized access and ongoing damage caused by cyberattacks including:
The theft and exploitation of driver and passenger credentials and confidential data
The implemention of unauthorized firmware
USB and OBD2 based attacks
Remote access and attacks via mobile devices
Data sniffing and Man-in-the-Middle-attacks
The exploitation of software vulnerabilities in generic and industry-specific applications