Utimaco, a leading global provider of IT security solutions, and KOSTAL Automobil Elektrik, one of the top automotive suppliers in the world, have been working together to provide an Automotive Vault solution that addresses the requirements to incorporate next-generation key management and other enterprise-grade cybersecurity systems into vehicles and the software ecosystem that supports them.
Standards like ISO 21434 and UNECE WP.29 R155 establish a common language for communicating and managing cybersecurity risk. To conform to these regulations, key management is important: ECUs are kept up to date through Firmware Over The Air (FOTA) updates, and these would be ideal vectors for bad actors to send spyware, malware or even manipulated software to thousands of vehicles. Using asymmetric encryption for in-car communication significantly strengthens the vehicle’s defenses against counterfeit updates.
Similarly, device attestation is a vital part of keeping a vehicle secure: put simply, it allows individual devices to show that they are authentic, something which is vital in a vehicle.
The Automotive Vault solution developed by Utimaco and KOSTAL Automobil Elektrik enables Automotive OEMs to establish a Life Cycle Management System to:
· Pass audits (UNECE WP.29)
· Protect against counterfeit parts and liability claims from clients. The supply chain is more secure and transparent
· Secure products against software tampering by eliminating unwanted changes in the vehicle that could e.g. lead to safety incidents
· Integrate a reliable standard solution that can serve multiple use cases
· Ensure efficient data transfer between plants (KOSTAL’s & OEM’s) to meet production line requirement, which in turn have a direct impact on product cost
For KOSTAL Automobil Elektrik, it is imperative to be agile and cost effective with least to none impact on the business line with the introduction of new Cybersecurity requirements to be able to have an edge over the competition, thus enabling the OEMs to produce modern and safer cars.
Priyank Kumar, Senior Director Automotive & Manufacturing at Utimaco, said: “Creating trust is our mission, and we are proud that our cyber security solutions are contributing to security and increase levels of trust in the automotive space. Device attestation, Secure Boot, Software Signing, and Secure In-vehicle communication are must haves to meet the standard in the automotive industry. Security at the highest level is our core field of expertise, and with a partner like KOSTAL we can provide a market leading solution tailored to Car OEMs needs.”
Dominik Preikschat, Cybersecurity Architect at KOSTAL Automobil Elektrik , added: “At KOSTAL, we are committed to providing our customers with the highest level of security for their vehicles. As one of the top 100 automotive suppliers in the world, we understand that cybersecurity is a critical component in protecting cars of today and tomorrow from cyber threats. That’s why we take a proactive approach to cybersecurity, using comprehensive security measures and partnering with trusted experts like Utimaco to ensure the necessary protection for our products and customers. By implementing rigorous security protocols, we are able to meet the highest standards of cybersecurity and maintain the trust of our valued customers.”