IoT
7/24/2018
10:27 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Continental Offers Cyber Security Solutions from Argus and Elektrobit for All Connected Vehicle Electronics

AUBURN HILLS, Mich., July 24, 2018 —Technology company Continental recently announced it is offering end-to-end cyber security and wireless software update solutions integrated into connected vehicle electronics including telematics units, infotainment systems, gateways and more from Argus Cyber Security (Argus) and Elektrobit (EB).

“Just as brakes are imperative for safe driving, connected vehicles require state-of-the-art cyber security as a basic feature,” said Werner Koestler, Head of Strategy, Interior division, Continental.  “Therefore, we have decided to offer end-to-end cyber security solutions from Argus and Elektrobit in all of our connected vehicle electronics and as a standalone solution for third party products.”

Continental, EB and Argus’ cyber security philosophy is focused on enabling OEMs to secure vehicles by preventing, understanding and responding to cyber threats. 

To prevent possible attacks, EB provides consultation, along with security components for the application layer, hardware-specific security products, AUTOSAR (AUTomotive Open System ARchitecture) basic software and security solutions for bootloaders launching various operating systems. Those components, on the road today in millions of vehicles, are designed for applications including secure communication, authenticated identification, secure updates and diagnostics.

Argus provides multi-layered solutions that offer additional state-of-the-art prevention from cyber attacks against the vehicle, as well as the ability to detect and respond to attacks in real-time with Argus Connectivity Protection installed on telematic and infotainment units and the Argus Intrusion Detection and Prevention System deployed in the in-vehicle network.

Argus Lifespan Protection, an automotive security operations center, offers an additional layer of prevention, understanding and response by providing OEMs visibility into the cyber health of their fleets, analysis of cross-fleet information to generate insights into the nature of attacks,  identification of emerging threats, and a rapid response to incidents by immunizing the fleet. To react as quickly as possible, and install software patches to resolve vulnerabilities in fleets around the world, vehicle manufacturers can rely on EB’s wireless software update service EB cadian Sync.

“Our multi-layered approach is an end-to-end offering for automotive cyber security, from the development of new products and ongoing monitoring, to the ability to resolve vulnerabilities via wireless updates to immunize fleets from future attacks,” Koestler explained.

Gateway and In-Vehicle Server: Mastering Cyber Security Today and Tomorrow

Continental is making the multi-layered solutions part of its portfolio, ensuring its components are as robustly secured against attacks as possible. In addition, Continental is also developing control units, which serve as important elements in the security chain themselves. Continental’s Gateway, for example, acts as a router within the vehicle computing network in classical distributed in-vehicle computing architectures or today’s domain architectures.

“For components that build an entry point for remote attacks, such as telematics units or infotainment systems, the requirements have been drastically increasing over the last couple of years. As an international automotive supplier, we see it as our duty to provide the best protection possible for our customers,” Koestler continued.

The Gateway integrates state-of-the-art security features from Argus and enables basic vehicle diagnostics and wireless software update capabilities via EB to monitor the vehicle’s cyber health and allow for immediate updates if needed.  In essence, Gateway takes over the role as security master.  For future server-based architectures, Continental is offering the In-Vehicle Server, a high-performance computing unit that acts as a network manager and communication interface. It also provides a central architectural element leveraging the full spectrum of wireless software updates for remote maintenance and cyber security for the entire vehicle.

About Continental

Continental develops pioneering technologies and services for sustainable and connected mobility of people and their goods. Founded in 1871, the technology company offers safe, efficient, intelligent and affordable solutions for vehicles, machines, traffic and transportation. In 2017, Continental generated sales of €44 billion and currently employs more than 240,000 people in 61 countries.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15504
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
CVE-2018-15505
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 a...
CVE-2018-15492
PUBLISHED: 2018-08-18
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.
CVE-2018-15494
PUBLISHED: 2018-08-18
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
CVE-2018-15495
PUBLISHED: 2018-08-18
/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.