OttoSec - Automotive Cyber-Security


Ottosec - Security as a Service


OttoSec offers a Standalone security Device designed for multi-vendor after-market installations, and OEM integration.
A comprehensive solution for companies that face cyber-security risks Here and Now




Automotive Cyber Security Service based on in-vehicle hardware device for Aftermarket and OEMs.

A small and low cost stateful CANBUS firewall that identifies and prevents damage from automotive cyber-attacks.

The device is easy to install and can be centrally managed via a network security center.

Potential customers:
  • Automotive Tier-1 and after-market connected Hardware vendors
  • Telematics Service Providers (TSPs)
  • Enterprise Fleet Managers
  • After-market installers
  • OEMs that acknowledge the risk of cyber-attacks to connected vehicles

More: OttoSec CANBUS Firewall




Why choose OttoSec?



OttoSec HW FirewallSoftware Solution"Smart" Transceiver
Solution Type: Independent Hardware deviceSoftware on Host ECUComponent in Host device / ECU
Security: 
 • Attack Surface SmallLargeDepends on host device
 • Host OS compromise Not vulnerableVulnerableDepends on implementation
 • Denial-Of-Service Attack Not vulnerableVulnerableVulnerable
Protection Mechanism: 
 • Network Segmentation YesNoNo
 • Basic Filtering YesYesYes
 • Stateful / Advanced Filtering YesYesNo
 • Rate limiting YesYesYes
 • Transmission Interference*1 NoNoYes
Protection Effectiveness: 
 • Denial-Of-Service EffectiveNot EffectiveOnly effective for host device
 • Impersonation EffectiveNot EffectiveSomewhat Effective*2
 • Transmission Interference*3 EffectiveNot EffectiveNot Effective
 • Illegal/malformed data EffectiveEffectiveNot Effective
 • Attacks from After-market devices*4 EffectiveNot effectiveNot Effective
Performance: 
 • Filtering Throughput Full Wire-SpeedAffected by ECU loadFull Wire-Speed
 • Stability Very goodAffected by Host OSExcellent (Hardware Device)
Update Features: 
 • Filtering Rule Updates YesYesNo
 • Remote management YesYesNo
 • Remote Firmware Update YesYesNot Applicable
Installation / Integration Options: 
 • After-market Retrofit YesNoNo
 • Automotive OEM Integration YesYesYes
 • Equipment OEM Integration YesYesNo
 • Integration Cost LowHighLow
 • Cost per unit LowVery LowLow
 • Required instances One per SegmentOn every ECUOn every ECU
 • Available for Any vehicle on the roadFuture modelsFuture models
*1 Transmission-Interference techniques may cause a Denial-of-service condition on the bus
*2 These devices use Transmission-Interference, which might cause network reliability issues, or even be exploited to perform a Denial-of-service attack
*3 Transmission-Interference is usually performed by causing intentional bit collusions or transmitting NACK bits in violation of CANBUS standards
*4 Protection against attacks originating from devices that were installed after the vehicle was manufactured, by either the vehicle owner or the dealership





OttoSec Hardware



Stand-alone CANBUS Firewall for Aftermarket installation
Easy installation and configuration on any existing vehicle


CANBUS Firewall SOM (System On a Module) for OEM integration
Low cost and low board-space - Practical solution for hardware manufacturers