Solutions

Establishing a security framework is also crucial for organizations involved in the development and design of connected cars. It is necessary to identify the security risks surrounding the connected car solutions – including the organizational structure – and implement measures appropriate to those risks.
In the automotive industry and other IoT domains, the key to a security governance framework is the ISMS (Information Security Management System) approach. Since its founding, Asgent has been deeply involved with ISO/IEC 27001, providing not only certification support but also consulting services to a wide range of organizations. Drawing on this experience, we help build strong security frameworks that take into account the specific requirements and regulations of the automotive industry.

Modern vehicles are equipped with many ECUs (Electronic Control Units) that control functions such as the engine, brakes, and door locks. By sending malicious messages to these ECUs, it is possible to hijack control of the brakes or accelerator.. Therefore, unlike IT systems, ECUs require real-time responsiveness, imposing strict constraints where intrusion detection cannot afford to take time.
Asgent’s ECU security solution, XGuard Integrity, embeds security directly into the ECU during the manufacturing process and protects it from hacking without the false positives that can occur with other security products. In addition, it requires no security updates and imposes extremely low runtime overhead, enabling organizations to prevent serious security risks in advance.

The ECUs installed in a vehicle are connected via a Controller Area Network (CAN). This network is used to exchange data that controls various components such as the engine, transmission, brakes, and air conditioning. To protect vehicles from physical tampering and unauthorized ECUs sending malicious messages, it is essential to authenticate communications on the in-vehicle network and ensure security.
However, in-vehicle networks are already close to their functional limits, and there is little capacity left to handle additional authentication data that would consume network throughput.
SafeCAN, Asgent’s authentication solution provided by Asgent, can authenticate CAN bus communications without adding network overhead or excessibe load.

As connected cars increasingly rely on mobile devices—for example, to operate in-vehicle infotainment systems—mobile apps are becoming indispensable components of the connected car ecosystem. For this reason, it is essential to harden mobile applications against tampering and attack. By using Asgent’s solutions, multiple protective measures can be applied at build time, such as code obfuscation and string encryption. In addition, various mechanisms for detecting and blocking attacks are embedded into the application, making it significantly more difficult to compromise and enabling the development of highly robust mobile apps.