OnBoard Security InSights

Securing Access to Your Car’s Data

Posted by Gene Carter on Oct 15, 2018 10:22:09 AM

The Onboard Diagnostics Port (OBD) has been required for all cars sold in the US since 1996 and in Europe since 2001. Prompted by the need to simplify the diagnosis of increasingly complex emission control systems, the OBD-II improved on previous implementations by providing standardized condition codes for the auto repair and tuning markets. Standardized access to this data has helped spawn a robust aftermarket of plug-in devices to allow consumers to monitor their teen drivers, earn discounts from insurers, or gain insights into the performance and health of their vehicles. Similar devices allow fleet managers to monitor the condition, performance and behavior of their vehicles. Nearly all of these dongles offer a wireless connection for the convenience of their customers. Unfortunately, a wireless connection also provides a potential path for hackers to gain entry to the car’s internal networks. 

Read More

Topics: Connected Vehicles, Regulation, Cyber Security, Autonomous Vehicles, Embedded Security, Automotive, Privacy

Protecting the Electric Vehicle Ecosystems from Cyber-Attacks

Posted by Gene Carter on Sep 20, 2018 11:41:20 AM

Last year Americans purchased slightly less than 200,000 electric vehicles which are supported by approximately 47,000 US charging stations, according to Statista.  The growth rate of electric vehicles is high and shows no signs of slowing down.

Read More

Topics: Navigation, GPS, Connected Vehicles, V2V, Cyber Security, Autonomous Vehicles, Automotive

Attacking Automated Vehicles Through GPS Spoofing

Posted by Jonathan Petit on Aug 22, 2018 10:57:17 AM

Most drivers place full trust in their GPS navigation systems to guide them to their destination. But what if those navigation systems can’t be trusted.

Read More

Topics: Connected Vehicles, GPS, Navigation

Connected Cars Security - Q&A

Posted by William Whyte on Feb 12, 2018 11:25:56 AM

OnBoard Security’s Chief Technology Officer, Dr. William Whyte, has been involved in Vehicle-to-Everything (V2X) communications security for nearly 20 years. He is the editor of the IEEE 1609.2 security standard and has consulted for numerous automaker, the US Dept. of Transportation (DOT) and transportation organizations around the world. He is frequently asked to explain V2X security and give insights on potential vulnerabilities in the system.

Read More

Topics: DSRC, Connected Vehicles, Research, SCMS, V2V, Regulation, Autonomous Vehicles, Automotive, V2X

What are Automated Vehicle Security Concerns?

Posted by Jonathan Petit on Jan 24, 2018 3:25:56 PM

At the Automated Vehicles Symposium (AVS) 2017, I addressed a plenary talk to the ~1,500 attendees, stating that even though it is unanimously considered as paramount, cybersecurity is still an after-thought. Or at least it still feels like it. Indeed, for the last two AVS editions, the cybersecurity breakout session reported similar open challenges, but no real changes have been seen since. In order to move the security needle, we took a different approach and didn't organize a cybersecurity breakout session. Instead, we identified that the missing components were the lack of inputs coming from the community of experts. To be able to build a more resilient system, cybersecurity experts should know about the limitations of each subsystem, and possible "nightmare scenarios".

Read More

Topics: Connected Vehicles, Research, Cyber Security, Automotive, Insider, Autonomous Vehicles, Embedded Security

The OnBoard Security Mission

Posted by Peter Samson on Jan 11, 2018 12:24:30 PM

I often get asked, what is the company’s mission?

Read More

Topics: DSRC, Connected Vehicles, Research, V2V, TPM, Trusted Computing, TSS, Cyber Security, Autonomous Vehicles, Embedded Security, Regulation, Automotive, V2X, Internet of Things, Privacy, Quantum Computing, Cryptography, NTRU, BCAM, SCMS

Secure Crypto Key Management for Automotive

Posted by Gene Carter on Nov 1, 2017 12:21:38 PM

Car makers use cryptographic keys for a variety of purposes, including Over-The-Air (OTA) software updates, security immobilizers, inter-module communications, and Vehicle-to-Everything (V2X) communication security. Key Management Systems (KMS) are very complex, as the manufacturer has to manage dozens of keys for each car model, both at production and when new components are introduced during repairs, and they must maintain these keys over the long lifetime of a car. Key Management is a daunting task.

Read More

Topics: Automotive, Autonomous Vehicles, Connected Vehicles, Cyber Security, Cryptography, Embedded Security, Research, Internet of Things

Why Consumers Need to Start Caring About Secure IoT

Posted by Gene Carter on Oct 27, 2017 10:12:33 AM

On Friday October 21, 2016, Dyn was subjected to two large Distributed Denial of Service (DDoS) attacks against their internet-address lookup Managed DNS infrastructure. The attackers used Mirai botnets launched from over 100,000 endpoints including cameras, DVRs and baby monitors to generate the significant volume of attack traffic. Affected services included Amazon, Spotify, Netflix and the New York Times.

Read More

Topics: Cyber Security, Internet of Things, Privacy, Connected Vehicles, Regulation

Learn About the Latest in IoT Security from Our Team of Experts

 

OnBoard Security's security experts share insights on the latest security topics in:

  • Connected Cars
  • Autonomous Vehicles
  • Internet of Things
  • Quantum Computing

Subscribe to Email Updates

Recent Posts