Trusted products and services for embedded security. Join-us on Linkedin

Automotive

Protecting the connected cars

The automotive industry is undergoing drastic changes as it is embracing innovations coming from the semiconductor and mobile telecommunication industries, up to the point where cars and trucks are quickly turning into “smartphones-on-wheels”.

This has created a situation where connected cars are under serious threats of massive cyberattacks. The automotive industry is fully aware of the changes that need to take place to answer to this challenge.

A new regulation for automotive

In order to support this change, the United Nations as issued a new regulation requiring car manufacturers to secure vehicles against cyberattacks.

In the European Union, the new regulation on cybersecurity will be mandatory for all new vehicle types from July 2022 and will become mandatory for all new vehicles produced from July 2024. Moreover, the UNECE Regulation and related ISO standards apply to all of the automotive stakeholders who must ensure that their products and services conform to the cybersecurity requirements referred as “UNECE WP.29/R155 cybersecurity requirements”.

Helping car OEM and Tier1 to comply with the WP.29/R155 cybersecurity requirements

ProvenRun provides services and solutions that will help car OEM and Tier1 to fully comply with the UNECE WP.29/R155 cybersecurity requirements at all steps of their product lifecycle by providing:

  • Security consulting services to help companies to establish a WP.29/R155-approved Cyber Security Management System (CSMS),
  • Security engineering services and Secure-by-Design solutions that help implementing in the most cost-effective way the WP.29/R155 mitigations for security-critical automotive ECUs such as such as gateways, telematic units, V2X units, ADAS and whenever needed the e-clusters and infotainment systems.

Security-by-design solutions

When securing-by-design the critical ECUs of connected vehicles, security engineers can in effect rely on three pillars:

  • HSM or hardware coprocessors for the Root of Trust, cryptographic operations and transactions,
  • Secure Operating Systems (OSs) or Trusted Execution Environments (TEEs),
  • Hardware- or software-based hypervisors.

In order to resist to sophisticated remote attacks targeting connected systems, secure OSs need to be formally proven in order to be as close as possible to zero defects. Hypervisors need to provide real separation against attacks. Both need to be certifiable at the highest level of security. This is what we have developed at ProvenRun.

Our secure software components for the TCB

We provide two unique critical off-the-shelf software components:

  • ProvenCore: A next-generation ultra-secure OS (TEE) available for ARM Cortex-A, Cortex-M and RISC-V processors.
  • ProvenVisor: An ultra-secure hypervisor available for ARM Cortex-A processors.

With ProvenCore and ProvenVisor, ProvenRun brings to the market secure-by-design solutions that provide a distinctively higher security level than existing solutions and a cost-effective way to meet the WP.29/R155 security mitigation requirements for security-critical ECUs (gateways, telematic units, V2X units, ADAS, infotainment systems).

Please contact us for more details.

Our services
for Automotive

Security Consulting

Security Consulting

ProvenRun offers security consulting services to help customers answering to the security challenges of their infrastructure of connected devices and ...

More details
Security Engineering

Security Engineering

At ProvenRun, we have industry-recognized software experts, backed by years of experience in the digital security market, with world-class expertise ...

More details

Off-the-shelf products
for Automotive

ProvenCore

ProvenCore

ProvenCore is an ultra secure OS developed using deductive formal methods. It is a key milestone for being able to develop secure-by-design connected devices in many sectors (automotive, railways, aeronautics, energy, industrial, medical, etc.) in a cost-effective way

More details
ProvenVisor

ProvenVisor

ProvenVisor is a secure and certifiable hypervisor that security architects can use as an off-the-shelf certifiable component for their connected device’s Trusted Computing Base.

More details