The biggest concern about Connected Cars is safety and reliability. Recent demonstrations by security researchers have proven that car hacking is a real risk. Increased connectivity has also introduced new risks and attack vectors into the Connected Car ecosystem. In-vehicle communications and entertainment systems host high-value or sensitive applications. API libraries facilitate communication and sharing of vehicle data. These API libraries are vulnerable to reverse-engineering and tampering attacks and may even result in loss of passenger safety. Attackers can inject malware that may be able to migrate to other in-car networks such as the controller-area-network (CAN) bus, which links to the vehicle’s critical systems.
Software provided for dealers to interface with cars is vulnerable to reverse-engineering and tampering attacks. Hackers may be able to abuse these tools to inject malicious code into the electronic control units (ECUs) and CAN bus. Attackers can lift the cryptographic keys used, and use that information to build their own rogue apps and software. Their cloned version of the original app/software may have altered functionality, and may intend to gain access to other in-car networks.
Protect the integrity of content, data, applications and software from being reverse engineered, tampered with or modified in any way with Arxan. Prevent insertion of malicious code aimed at exploiting the applications including the API libraries, dealer software to interface with cars, and the CAN.