OnBoard Security InSights

2018: A Year of Successful Growth for OnBoard Security

Posted by Gene Carter on Dec 18, 2018 10:07:14 AM

2018 has been an eventful year for OnBoard Security® and the markets we serve. The year started with a bang when OnBoard Security was spun off from Security Innovation®, becoming an independent company with the mission to help Automotive and IoT manufacturers stay ahead of the curve in cyber security. As an independent company, we are better positioned to focus on filling critical cyber security gaps in our target markets.

Read More

Topics: Cryptography, Automotive, Privacy, Internet of Things, V2X, Embedded Security, Autonomous Vehicles, Cyber Security, TPM, TSS, Trusted Computing, V2V, SCMS, Research, Connected Vehicles, DSRC, Blockchain, V2I

Securing Access to Your Car’s Data

Posted by Gene Carter on Oct 15, 2018 10:22:09 AM

The Onboard Diagnostics Port (OBD) has been required for all cars sold in the US since 1996 and in Europe since 2001. Prompted by the need to simplify the diagnosis of increasingly complex emission control systems, the OBD-II improved on previous implementations by providing standardized condition codes for the auto repair and tuning markets. Standardized access to this data has helped spawn a robust aftermarket of plug-in devices to allow consumers to monitor their teen drivers, earn discounts from insurers, or gain insights into the performance and health of their vehicles. Similar devices allow fleet managers to monitor the condition, performance and behavior of their vehicles. Nearly all of these dongles offer a wireless connection for the convenience of their customers. Unfortunately, a wireless connection also provides a potential path for hackers to gain entry to the car’s internal networks. 

Read More

Topics: Automotive, Privacy, Embedded Security, Autonomous Vehicles, Regulation, Cyber Security, Connected Vehicles

Secure Multiparty Computation

Posted by Gene Carter on Sep 27, 2018 10:14:00 AM

Recently, our customer, Rivetz, announced their Dual Roots of Trust solution to protect private keys in a mobile phone, even if one of the systems is compromised. The Rivetz software generates and distributes the private key between the two roots – the Trusted Execution Environment (TEE) running in ARM TrustZone and the SIM card. This means that both roots would have to be compromised in order to get the user’s private key.  Since the TEE is controlled by the phone manufacturer and the SIM is controlled by the mobile carrier, the user’s data is also protected from insider attacks or a vendor security breach.

Read More

Topics: Cryptography, Privacy, Cyber Security, Trusted Computing, SCMS, Research, Blockchain, garbled circuits, secure computation

Protecting the Electric Vehicle Ecosystems from Cyber-Attacks

Posted by Gene Carter on Sep 20, 2018 11:41:20 AM

Last year Americans purchased slightly less than 200,000 electric vehicles which are supported by approximately 47,000 US charging stations, according to Statista.  The growth rate of electric vehicles is high and shows no signs of slowing down.

Read More

Topics: Automotive, Autonomous Vehicles, Cyber Security, V2V, Connected Vehicles, GPS, Navigation

Setting Security Goals and Requirements

Posted by Lee Wilson on Aug 16, 2018 12:57:00 PM

To get a clear view of your security goals and requirements it is very useful to categorize your project into one of four target environments.  

Read More

Topics: Privacy, Internet of Things, Cyber Security

Whitepaper: Setting and Achieving Security Design Goals

Posted by Lee Wilson on Aug 6, 2018 12:53:00 PM

This whitepaper provides a framework on system security design and the security software needed to achieve a system’s security goal.  Four software models are examined and critiqued, with recommended strategies for choosing vendors within those differing models.

Read More

Topics: Internet of Things, Cyber Security

Top-Down and Bottom-Up Defenses to Secure IoT

Posted by Lee Wilson on May 24, 2018 12:14:38 PM
Many IoT device manufacturers understand the need for cyber security but aren’t sure where to begin. To add to the confusion, some security vendors will claim their firewall or password system or a “magic bullet” will protect your system from every type of attack. Don’t believe the hype.
Read More

Topics: Cryptography, Internet of Things, Embedded Security, Cyber Security, TPM, TSS

Trusted Computing Primary Use Cases

Posted by Lee Wilson on May 17, 2018 1:18:08 PM

There are four primary use cases for implementing trusted computing with a Trusted Platform Module (TPM), the cryptographic module standardized by the Trusted Computing Group. This blog will give a brief overview of those use cases, which can be combined to create more complex and powerful solutions.

Read More

Topics: Internet of Things, Embedded Security, Cyber Security, TPM, TSS, Trusted Computing

Learn About the Latest in IoT Security from Our Team of Experts

 

OnBoard Security's security experts share insights on the latest security topics in:

  • Connected Cars
  • Autonomous Vehicles
  • Internet of Things
  • Quantum Computing

Recent Posts