Meet mandatory regulation requirements for CAN cybersecurity
The CAN bus (CAN) is the primary networking technology used in vehicles for safety-critical systems. But CAN technology has well-known security shortcomings. For vehicle homologation today, manufacturers and suppliers need cybersecurity capabilities in vehicle networks to meet industry standards and regulations and make sure that the CAN bus traffic is cybersecure.
PlaxidityX CAN IDPS is now validated and integrated in the EB tresos 9 Basic Software (BSW). It brings together advanced security features for robust network protection – from ongoing monitoring to proactive intrusion detection and prevention mechanisms. It covers common attack methods such as denial of service and brute force on the CAN network.
Additionally, Elektrobit offers EB zoneo SwitchCore Shield, an automotive-grade switch firmware in combination with Ethernet IDPS library in one package.
Proven to safeguard critical functions
Reduces exposure to corporate liability and costly recalls, protects brand reputation through consumer safety and privacy. Already on the road and trusted by manufacturers and suppliers worldwide.
Cheaper, simpler, and repeatable integration
Through automatic configuration and validation.
Flexible feature sets
To support different implementation architectures, and requirements.
Automotive-grade compliance
ASPICE (3.1) Level 2 capabilities for products and projects development. For vehicles and components coming to market in Europe and Asia (WP.29, GB).
Optimized performance
With minimal impact on memory, CPU, and network latency.
Key features of the PlaxidityX CAN IDPS
- Tailored to any CAN bus network implementations
- Hardware-agnostic, ensuring successful integration of the appropriate security functionality
- Detects basic anomalies in message IDs, diagnostics, signals, and network load
- Identifies unexpected use of diagnostics services including timing and stateful analysis
- Monitors for injection attempts and correlate data types for advanced anomaly detection
Technical details
EB tresos AutoCore Generic (ACG) CAN stack routes the received messages and messages to be transmitted on CAN bus – for the inspection of any anomalies in an ECU – to PlaxidityX CAN IDPS. The smart and efficient PlaxidityX CAN IDPS sensor inspects all types of messages (e.g., communication, diagnostics) to detect the irregularities in periodicity, protocol control information (e.g., DLC, Identifier), and payload of the CAN frames of an ECU. The detected suspicious activities on CAN bus are reported as security event to the EB tresos ACG IdsM module. EB tresos ACG and PlaxidityX CAN IDPS enable the intrusion detection adhering to Classic AUTOSAR architecture to reduce the security risk arising from CAN bus.