Kaspersky Automotive Secure Gateway

Building reliable IT systems for smart vehicles

About the solution

A modern motor vehicle can have more than 100 electronic control units (ECUs). They optimize fuel consumption, inform the driver of road conditions, entertain passengers, control braking, and perform many other important functions. The software for these control units is becoming more and more sophisticated. The code base can exceed 100 million lines – more than in a modern operating system.

This enormous amount of code is bound to have some vulnerabilities, which means that every ECU and communication interface could become a target for hackers. Today, security issues in the automotive industry have become so important that the related requirements and mandatory certifications are being discussed by international organizations. For example, the World Forum for Harmonization of Vehicle Regulations (WP.29) has developed a set of regulations governing cybersecurity in the automotive industry. The regulatory provisions of R.155 and R.156 have already become mandatory in some countries. These documents describe key requirements related to:

  • cyber-risk management;
  • Security by Design;
  • threat detection and response (event monitoring);
  • secure and reliable updates.

The ISO/SAE 21434 industry standard was also created to serve as a basis for the development of cybersecure systems for road vehicles.

Kaspersky Automotive Secure Gateway (KASG) is specialized software that is designed for high-performance controllers of connected vehicles and combines the functions of a telematic control unit (TCU) and a secure gateway. KASG provides secure and reliable communication between electronic units of the E/E architecture and between these units and the connected vehicle cloud and diagnostic devices. This software can be used to implement remote diagnostics, secure over-the-air ECU updates, and other telematic services. KASG includes the Kaspersky Automotive Adaptive Platform (KAAP), which allows you to design and develop inherently secure systems (Security by Design) that meet the requirements of cybersecurity regulators based on the international AUTOSAR Adaptive standard.

KASG fully complies with the new cybersecurity requirements of WP.29 because its products and components were designed and developed according to Secure by Design principles. It also meets the applicable functional safety requirements (ISO 26262) and can be used to build systems with an automotive safety integrity level as high as ASIL-B.

The solution can be customized and adapted to the specific tasks of a customer. The standard set of KASG components and products includes:

  • Kaspersky Automotive Adaptive Platform — a KasperskyOS-based SDK for creating ECU applications that are compatible with the AUTOSAR Adaptive Platform standard.
  • Automotive Secure Broker Framework — a component that provides secure data exchange across all communication channels, including between ECUs in the automotive network and within the V2X infrastructure.
  • OTA agent — a component that provides centralized over-the-air (OTA) updates to various ECUs in a vehicle.
  • VSOC agent — a component that centrally collects security events and forwards them to vehicle security operations centers (VSOC).
  • RVD agent — a component for remote vehicle diagnostics (RVD) and telemetry for various vehicle ECUs.

[Figure: Overview of the Kaspersky Automotive Adaptive Platform SDK]

Technical diagram

[Figure: Role of Kaspersky Automotive Secure Gateway in a connected vehicle ecosystem]

Cyber Immunity and security

Strict isolation of vehicle system components and secure updates, including over-the-air updates and remote diagnostics throughout the life cycle of the vehicle.

Compliance with standards

The solution helps manufacturers meet the requirements of UN cybersecurity regulations R.155/R.156 and complies with the international regulatory frameworks for functional safety (ISO 26262) and cybersecurity (ISO/SAE 21434). The solution includes a runtime environment for applications that complies with the AUTOSAR Adaptive standard.

Reduced costs

A telematic control unit and secure gateway are combined in one solution. Functions from other ECUs are consolidated within the framework of a service-oriented AUTOSAR Adaptive platform.

Threat protection

The software included in KASG protects against the following threats.

Unauthorized access

In a modern vehicle, the range of users is expanding. For example, users may include multiple individuals, legal entities, or services. KASG delineates the access levels of these users so that they only receive the appropriate permissions for their intended functions. For example, the driver can drive the vehicle, a passenger can adjust the interior temperature, and the remote diagnostics service can receive information from the vehicle systems.

Targeted attacks on ECUs

Vulnerabilities in smart cars can be the target of cyberattacks. KASG detects malicious commands or messages circulating within the vehicle over the CAN bus, Ethernet bus, or external V2X data transfer channels, and notifies vehicle security operations center (VSOC) security officers of this malicious activity.

Attacks via in-vehicle infotainment (IVI) systems

The widespread use of app stores for IVI results in a large amount of third-party code that is not always subject to proper security oversight. Attacks through this type of system can lead to the exposure of a user’s personal data or the theft of financial information. KASG restricts access to data exchanged between applications, validates the data, and loads trusted data into the IVI system.

Uncontrolled data streams

The solution enables you to proactively block malicious data streams (e.g., via backdoors) according to the vehicle manufacturer’s defined specifications. The gateway essentially acts as a firewall between trusted and untrusted segments of a vehicle’s internal network.

Malicious diagnostics

Attacks via diagnostic sessions enable hackers to take control of vehicle units by using commands or reflashing device firmware. KASG takes a defense-in-depth approach to minimizing the risk of these threats by providing:

  • a single point of access for diagnostics;
  • state-of-the-art authentication and authorization mechanisms for diagnostics access;
  • delineation of diagnostics domains and access to them;
  • UDS session traffic analysis;
  • authentication of updates and configurations.

Compromised over-the-air updates

If a faulty or compromised external component in an update is not detected in time, it can create risks for the vehicle. KASG verifies the chain of software update providers according to the latest requirements of the AUTOSAR Adaptive Platform, Uptane standard, and Cyber Immune update patterns for KasperskyOS.

Communication disruptions

While in motion, a smart car is limited to using wireless data links to the infrastructure or to other vehicles. Interference and deliberate attacks (signal interception/substitution) in the absence of secure communication channels pose a threat to the proper operation of vehicle units. KASG takes control of the functions for protecting all external communications, including TCP/IP traffic and RPC services (SOME/IP, DDS, MQTT).

Insecure data storage

Unauthorized access to data storage can result in compromised certificates in chains of trust, or leaked subscription payment tokens, for example. The KASG solution provides secure storage for this type of critical data.

Kaspersky Automotive Adaptive Platform

This is a specialized SDK platform that was developed based on the AUTOSAR Adaptive standard to create reliable applications for ECUs in smart cars. You can use the platform tools to build the following secure solutions:

  • driver assistance systems (HAD/ADAS);
  • telematic systems (TCU/V2X, gateways);
  • high-performance controllers;
  • other types of ECUs.

The platform includes drivers, base software, and AUTOSAR Runtime for Adaptive Applications (ARA).

This platform is capable of running adaptive applications while providing them with AUTOSAR-compliant functional clusters, platform services, a POSIX-compatible layer and industrial-grade libraries and environments for autonomous driving systems such as OpenCV and Point Cloud Library. It can also run services not designed for an adaptive platform.

Products based on Kaspersky Automotive Adaptive Platform have a multi-layer security system to protect against cyberthreats. This system is based on the KasperskyOS secure operating system with its subsystem called Kaspersky Security System (KSS) that controls all interactions between components. An avatar scheme is implemented at the AUTOSAR Adaptive level. This scheme guarantees that all interactions, even those between remote ECUs, go through a single point of security decision-making (KSS). The platform also ensures that data is loaded securely, and provides a secure data storage service. At the cloud service level, the platform ensures that updates are securely downloaded and security events are securely communicated to the monitoring center.

Features

Cyber Immunity and security

Even if a specific ECU component is operating abnormally or is attacked, KasperskyOS technologies will not allow the component to affect the way other systems perform their own critical functions. This protection is provided by a multi-layer security system that includes a microkernel operating system, KAAP in-platform security mechanisms, and functions for secure update downloads and VSOC integration.

Integrated approach

Software developed using the Kaspersky Automotive Adaptive Platform enables the creation of a complete ecosystem of applications for embedded automotive systems. This approach ensures the reliability and functionality of systems at all levels throughout the vehicle’s life cycle.

Service-oriented architecture

When developing products, you do not need to consider all the details of a specific electronic unit. You can run Adaptive standard applications and/or migrate non-AUTOSAR services to the platform without compromising performance or security.

Compatibility

KAAP-based applications can implement data exchange between a vehicle and the connected vehicle cloud, and between a vehicle and OTA services. The applications can be used in high-performance ECUs. The SDK includes a tool for automatic porting of AUTOSAR applications.

Automotive Secure Broker Framework

This component provides for secure data exchange across all communication channels within the vehicle and with the V2X infrastructure. Gateways developed using this framework can perform the following functions:

  • authenticate users and applications;
  • define access rights to vehicle systems;
  • route traffic between ECUs;
  • secure updates of ECUs and IVI;
  • provide a secure data storage service.

OTA agent

This component provides centralized over-the-air updates to various vehicle ECUs.

You can use the OTA agent to:

  • update gateway software (firmware, applications, settings);
  • update firmware and settings of other ECUs via the UDS protocol;
  • update firmware and applications in high-performance ECUs via Ethernet.

VSOC agent

This component centrally collects security events and forwards them to vehicle security operations centers (VSOC).

The VSOC agent enables you to:

  • collect and store event logs related to the cybersecurity of the KASG gateway and other ECUs in a vehicle;
  • process these logs based on rules that are updated via the OTA system;
  • periodically send these events to the cloud via the CEF protocol for subsequent analysis in a VSOC.

RVD agent

This component provides remote diagnostics and telemetry for various ECUs in a vehicle.

The RVD agent enables you to:

  • store and dynamically update a list of diagnostic procedures (routines);
  • run condition-based or on-demand sets of these procedures and provide their results to the cloud diagnostic service.
