Ottosec - Security as a Service
OttoSec offers a Standalone security Device designed for multi-vendor after-market installations, and OEM integration.
A comprehensive solution for companies that face cyber-security risks Here and Now
Automotive Cyber Security Service based on in-vehicle hardware device for Aftermarket and OEMs.
A small and low cost stateful CANBUS firewall that identifies and prevents damage from automotive cyber-attacks.
The device is easy to install and can be centrally managed via a network security center.
Value for potential customers:
- Aftermarket Hardware vendors of TCU, Infotainment, Alarms, Smart terminals, V2X
or any other In-Vehicle Connected-device: - Enable all the features of CANBUS-connected devices – Without Cyber-Security risk:
- TCUs can safely transmit OBDII CANBUS requests for DTCs, Parameters and Vehicle Data
- IVIs can safely display data on the Dashboard and communicate with other in-vehicle systems
- Alarm systems can control vehicle built-in Immobilizer, Door locks, Windows etc.
- …And so on
- Telematics Service Providers (TSPs):
- Connect new or existing Telematics devices to the CANBUS – Without Cyber-Security risk:
- Gain the advantages of CANBUS-connected devices – OBDII DTCs, Realtime vehicle data, Diagnostics and prognostics applications etc.
- Strong, demonstratable protection for the Vehicle CANBUS against Cyber-attacks as well as Telematics devices malfunctions and misconfigurations
- Reduce friction with vehicle OEMs over connecting aftermarket devices to the CANBUS
- Commercial Fleet managers:
- Make your fleet Cyber-Secure:
- Strong Cyber-Protection for existing and new fleets of connected-vehicles
- Enable the functionality of CANBUS-connected Aftermarket devices – Without the risk from Cyber-Attacks or device malfunctions
- All this, without any dependency on either the Vehicle manufacturer or the Aftermarket device supplier
- Aftermarket Installers:
- Install CANBUS-connected Aftermarket devices – Without the risk from Cyber-Attacks or device malfunctions:
- Be completely Independent:
our Cyber-Security devices can be installed with absolutely no dependency on either the Vehicle manufacturer or the Aftermarket device supplier - Reduce friction with vehicle OEMs over connecting aftermarket devices to the CANBUS
- Tier-1 and OEMs that are concerned with the risk of Cyber-Attacks against connected vehicles:
- Enable Effective, Simple, practical and low-cost solution for Cyber-Secure CANBUS-connected devices / ECUs:
- Easy to integrate into existing designs with minimal changes
- Simplified Cyber-Security solution for new designs as well as existing devices
- Create In-Vehicle Cyber-Secure CANBUS connection-points ('Domains') for OEM and Aftermarket connected-devices
More: OttoSec CANBUS Firewall
Why choose OttoSec?
| OttoSec HW Firewall | Software Solution | "Smart" Transceiver | |
|---|---|---|---|
| Solution Type: | Independent Hardware device | Software on Host ECU | Component in Host device / ECU |
| Security: | |||
| • Attack Surface | Small | Large | Depends on host device |
| • Host OS compromise | Not vulnerable | Vulnerable | Depends on implementation |
| • Denial-Of-Service Attack | Not vulnerable | Vulnerable | Vulnerable |
| Protection Mechanism: | |||
| • Network Segmentation | Yes | No | No |
| • Basic Filtering | Yes | Yes | Yes |
| • Stateful / Advanced Filtering | Yes | Yes | No |
| • Rate limiting | Yes | Yes | Yes |
| • Transmission Interference*1 | No | No | Yes |
| Protection Effectiveness: | |||
| • Denial-Of-Service | Effective | Not Effective | Only effective for host device |
| • Impersonation | Effective | Not Effective | Somewhat Effective*2 |
| • Transmission Interference*3 | Effective | Not Effective | Not Effective |
| • Illegal/malformed data | Effective | Effective | Not Effective |
| • Attacks from After-market devices*4 | Effective | Not effective | Not Effective |
| Performance: | |||
| • Filtering Throughput | Full Wire-Speed | Affected by ECU load | Full Wire-Speed |
| • Stability | Very good | Affected by Host OS | Excellent (Hardware Device) |
| Update Features: | |||
| • Filtering Rule Updates | Yes | Yes | No |
| • Remote management | Yes | Yes | No |
| • Remote Firmware Update | Yes | Yes | Not Applicable |
| Installation / Integration Options: | |||
| • After-market Retrofit | Yes | No | No |
| • Automotive OEM Integration | Yes | Yes | Yes |
| • Equipment OEM Integration | Yes | Yes | No |
| • Integration Cost | Low | High | Low |
| • Cost per unit | Low | Very Low | Low |
| • Required instances | One per Segment | On every ECU | On every ECU |
| • Available for | Any vehicle on the road | Future models | Future models |
| *1 Transmission-Interference techniques may cause a Denial-of-service condition on the bus | |||
| *2 These devices use Transmission-Interference, which might cause network reliability issues, or even be exploited to perform a Denial-of-service attack | |||
| *3 Transmission-Interference is usually performed by causing intentional bit collusions or transmitting NACK bits in violation of CANBUS standards | |||
| *4 Protection against attacks originating from devices that were installed after the vehicle was manufactured, by either the vehicle owner or the dealership | |||
OttoSec Hardware
Stand-alone CANBUS Firewall for Aftermarket installation
Easy installation and configuration on any existing vehicle
CANBUS Firewall SOM (System On a Module) for OEM integration
Low cost and low board-space - Practical solution for hardware manufacturers