OttoSec - Automotive Cyber-Security

Typical CANBUS Acrhitecture

  • CANBUS is a shared-bus architecture.

     A single misbehaving node can effectively block all network communication.
     This can be accomplished by performing a simple Denial-Of-Service attack.

     Any node can send any Message (called "CAN Frame").
     For example, there is nothing stopping the Radio from sending a command to the Brakes...

OttoSec CANBUS Firewall

  • OttoSec CANBUS Firewall divides the CANBUS network into segments.

     This prevents a device behind the firewall from performing an attack.
     Any malicious data would simple not pass through the firewall.

     Multiple Firewall devices can be install in a single vehicle.
     One Firewall can protect the vehicle against one or more connected-devices.