OnBoard Security InSights

Gene Carter

Gene is OnBoard Security's VP of Products and is responsible for Product Management and Marketing of all products, including Aerolink®, TSS and NTRU. Gene was the Director of Products at Security Innovation’s SI-Embedded Division. Before joining Security Innovation in 2013, Gene has spent the past 20 years in embedded and automotive product management roles for NXP Semiconductors, Philips Semiconductors, and Coto Technology. He holds an MBA from the University of Southern California’s Marshall School of Business and a BSc in Electrical Engineering from Tufts University.
Find me on:

Recent Posts

Why Don’t More Cars Update Their Software Automatically?

Posted by Gene Carter on Sep 20, 2017 3:41:43 PM

Tesla is the only major automaker that offers over the air (OTA) updates of both software and firmware. This allows Tesla to add new features like new voice commands, driver profiles or blind spot warnings that weren’t available when the car was purchased. It also allows them to fix bugs that were either causing the car to not function as intended or to discourage potential hackers by patching vulnerabilities soon after they are discovered.

Read More

Topics: Automotive, Internet of Things, V2X, Autonomous Vehicles, Cyber Security, Connected Vehicles

UK Offers Cyber Security Guidance to Automotive Industry

Posted by Gene Carter on Aug 17, 2017 8:37:00 AM

Recently, the UK government released "The key principles of vehicle cyber security for connected and automated vehicles." This guidance document provides key cyber security principles for use by the automotive industry and its suppliers. This follows the US Government's guidelines that were issued last fall.

Read More

Topics: Automotive, Autonomous Vehicles, Regulation, Cyber Security, Connected Vehicles

Iot Devices - With Greater Connectivity Comes Greater Vulnerabilities

Posted by Gene Carter on Jul 28, 2017 9:41:34 AM

The IoT, or the "Internet of Things," represents an exciting period of innovation in our lives. It describes a world of devices all connected to the internet, a world in which inanimate technology that we use and see every day is becoming smarter. It also predicts a continuous journey towards greater ease and convenience, a future in which technology interacts with us as much as we do with it. As you can imagine, this comes with both perks and drawbacks.

Read More

Topics: Internet of Things, Embedded Security, Regulation, Trusted Computing

The country’s largest V2X implementation – Securing New York’s Connected Vehicle Pilot

Posted by Gene Carter on Jul 20, 2017 9:25:00 AM

In September 2016, the U.S. Department of Transportation (USDOT) awarded three Connected Vehicle (CV) Pilot Deployment Programs: New York City (NYC), Tampa and Wyoming. The CV Pilot Program will test and operationalize cutting-edge vehicle to vehicle (V2V) and vehicle to infrastructure (V2I) technologies, including in-vehicle wireless, mobile devices, and roadside equipment that have the potential to reduce accidents, save lives, improve productivity, enhance mobility, and lessen the environmental impact of city traffic. The NYC CV pilot will feature an estimated 8,000 vehicles outfitted with V2X equipment, including 5,850 taxis, 1,250 MTA vehicles, 400 UPS trucks, and 500 city vehicles. There will be approximately 350 roadside units installed at Manhattan and Brooklyn intersections and on FDR drive. Additionally, 100 vulnerable road user (pedestrians and bicyclists) devices will be deployed to study the effectiveness of V2X technology in reducing NYC's high rate (5 times the national average) of crash fatalities involving pedestrians.

Read More

Topics: Automotive, Privacy, V2X, Embedded Security, Cyber Security, V2V, Connected Vehicles

Eliminating the Need for Bidirectional Connectivity for V2V Certificate Updates

Posted by Gene Carter on Jul 14, 2017 8:45:00 AM

Certified Reproducible BCAM System will be presented at ACM WiSec 2017

Read More

Topics: Automotive, V2V, BCAM, ACM, SCMS, Research

Why IoT Devices Need Trusted Computing

Posted by Gene Carter on Jun 29, 2017 8:45:00 AM

Over the past year, there have been a rush of Internet of Things (IoT) cyber-attacks, the most famous of which was the IoT Denial of Service attack on Dyn that disrupted internet traffic for a day. As more IoT devices are deployed, the frequency of serious cyber-attacks will only increase, and increase quickly. Many consumer IoT manufacturers are under intense schedule and cost pressures where a delay to add cyber security could be the difference between success and failure. Industrial IoT companies have a different problem, where long product lifecycles make security difficult to manage and almost impossible to retroactively deploy.

Read More

Topics: Internet of Things, Cyber Security, TPM, TSS, Trusted Computing

What Cyber Security Should be Required in a Car?

Posted by Gene Carter on Jun 20, 2017 11:04:36 AM

On June 14, 2017, the US Senate Committee on Commerce, Science, and Transportation convened a hearing titled "Paving the Way for Self-Driving Vehicles."  During the nearly 2.5-hour session, senators and expert witnesses discussed a wide-range of topics regarding autonomous vehicles, including insurance, access for the disabled, impact on safety and drunk driving, etc. The hearing consisted of several polite exchanges of ideas and plans, until Senator Ed Markey pressed the witnesses on their thoughts on mandatory Federal Cyber Security regulations in automotive.

Read More

Topics: Automotive, Privacy, Autonomous Vehicles, Regulation, Cyber Security

Automotive Cybersecurity Best Practices

Posted by Gene Carter on Apr 17, 2017 4:58:39 PM

In July 2016, the Automotive Information Sharing and Analysis Center (Auto-ISAC) released "Automotive Cybersecurity Best Practices" for carmakers and their suppliers. This document expands on their "Framework for Automotive Cybersecurity Best Practices" published in January 2016. This is the first time the automakers have addressed cybersecurity in a formal manner and a strong sign they are treating hacker threats seriously.

Read More

Topics: Automotive, Internet of Things, V2X, Embedded Security, Autonomous Vehicles

Comments on the US DOT V2X Mandate

Posted by Gene Carter on Apr 13, 2017 1:12:08 PM

OnBoard Security, the embedded security division of Security Innovation, recently commented on the US Department of Transportation’s Notice of Proposed Rulemaking (NPRM) on V2V communications. OnBoard Security strongly supports the establishment of the proposed regulation since the number of lives saved increases dramatically as the number of cars with V2V increases. Widespread penetration of the technology, and the corresponding prevention of deaths, can only be reached in a reasonable time with a mandate.

Read More

Topics: Automotive, Privacy, Internet of Things, V2X, Embedded Security, Autonomous Vehicles

Feds' Automated Vehicle Guidance Stresses Cybersecurity by Design

Posted by Gene Carter on Mar 31, 2017 4:52:21 PM

The National Highway Traffic Safety Administration (NHTSA), part of the US Department of Transportation recently issued their much anticipated Federal Automated Vehicles Policy. This 116-page document is guidance, not mandatory rule-making to "guide manufacturers and other entities in the safe design, development, testing, and deployment of HAVs [Highly Automated Vehicles]."

Read More

Topics: Automotive, Internet of Things, V2X, Embedded Security