OnBoard Security InSights

TPM - a Powerful, Inexpensive Security Building Block

Posted by Lee Wilson on Mar 22, 2018 1:51:50 PM

There are two worlds of computer security - high-end systems and then everything else. Both high- and low-end systems typically employ “top-down” defenses to harden their attack surfaces. These are “software-only” security techniques.

Read More

Topics: Cyptography, Internet of Things, Embedded Security, Cyber Security, TPM, TSS, Trusted Computing, IoT,

The OnBoard Security Mission

Posted by Peter Samson on Jan 11, 2018 12:24:30 PM

I often get asked, what is the company’s mission?

Read More

Topics: NTRU, Cyptography, Quantum Computing, Automotive, Privacy, Internet of Things, V2X, Embedded Security, Autonomous Vehicles, Regulation, Cyber Security, TPM, TSS, Trusted Computing, V2V, BCAM, SCMS, Research, Connected Vehicles, IoT,, DSRC

Why Consumers Need to Start Caring About Secure IoT

Posted by Gene Carter on Oct 27, 2017 10:12:33 AM

On Friday October 21, 2016, Dyn was subjected to two large Distributed Denial of Service (DDoS) attacks against their internet-address lookup Managed DNS infrastructure. The attackers used Mirai botnets launched from over 100,000 endpoints including cameras, DVRs and baby monitors to generate the significant volume of attack traffic. Affected services included Amazon, Spotify, Netflix and the New York Times.

Read More

Topics: Privacy, Internet of Things, Regulation, Cyber Security, Connected Vehicles, IoT,

Broadening Support of DSRC for V2V Safety

Posted by Gene Carter on Oct 2, 2017 12:10:17 PM

Toyota recently sent a letter to the Federal Communications Commission (FCC) urging them to protect the 5.9 GHz band for Dedicated Short Range Communications (DSRC), the technology behind Vehicle-to-Vehicle (V2V)communications. Toyota noted that “The market leaders in Japan (Toyota), Europe (Volkswagen), and the United States (General Motors) have now either begun deployment of DSRC technology or announced a specific deployment plan for the technology.”

Read More

Topics: Automotive, Internet of Things, V2X, Cyber Security, V2V, Connected Vehicles, DSRC

Why Don’t More Cars Update Their Software Automatically?

Posted by Gene Carter on Sep 20, 2017 3:41:43 PM

Tesla is the only major automaker that offers over the air (OTA) updates of both software and firmware. This allows Tesla to add new features like new voice commands, driver profiles or blind spot warnings that weren’t available when the car was purchased. It also allows them to fix bugs that were either causing the car to not function as intended or to discourage potential hackers by patching vulnerabilities soon after they are discovered.

Read More

Topics: Automotive, Internet of Things, V2X, Autonomous Vehicles, Cyber Security, Connected Vehicles

Iot Devices - With Greater Connectivity Comes Greater Vulnerabilities

Posted by Gene Carter on Jul 28, 2017 9:41:34 AM

The IoT, or the "Internet of Things," represents an exciting period of innovation in our lives. It describes a world of devices all connected to the internet, a world in which inanimate technology that we use and see every day is becoming smarter. It also predicts a continuous journey towards greater ease and convenience, a future in which technology interacts with us as much as we do with it. As you can imagine, this comes with both perks and drawbacks.

Read More

Topics: Internet of Things, Embedded Security, Regulation, Trusted Computing

Why IoT Devices Need Trusted Computing

Posted by Gene Carter on Jun 29, 2017 8:45:00 AM

Over the past year, there have been a rush of Internet of Things (IoT) cyber-attacks, the most famous of which was the IoT Denial of Service attack on Dyn that disrupted internet traffic for a day. As more IoT devices are deployed, the frequency of serious cyber-attacks will only increase, and increase quickly. Many consumer IoT manufacturers are under intense schedule and cost pressures where a delay to add cyber security could be the difference between success and failure. Industrial IoT companies have a different problem, where long product lifecycles make security difficult to manage and almost impossible to retroactively deploy.

Read More

Topics: Internet of Things, Cyber Security, TPM, TSS, Trusted Computing

Closer to Proving the NTRU Assumption

Posted by Zhenfei Zhang on Apr 20, 2017 3:57:28 PM

NTRU is a cryptosystem that uses a special type of polynomial ring. The underlying hardness assumption, known as the NTRU assumption, is that an inverse of a short polynomial (polynomial whose coefficients are very short compared to the modulus q) is indistinguishable from a uniformly random polynomial in this ring. This indistinguishability is crucial in designing a cryptosystem.

Read More

Topics: NTRU, Cyptography, Quantum Computing, Internet of Things, Embedded Security

Automotive Cybersecurity Best Practices

Posted by Gene Carter on Apr 17, 2017 4:58:39 PM

In July 2016, the Automotive Information Sharing and Analysis Center (Auto-ISAC) released "Automotive Cybersecurity Best Practices" for carmakers and their suppliers. This document expands on their "Framework for Automotive Cybersecurity Best Practices" published in January 2016. This is the first time the automakers have addressed cybersecurity in a formal manner and a strong sign they are treating hacker threats seriously.

Read More

Topics: Automotive, Internet of Things, V2X, Embedded Security, Autonomous Vehicles

Comments on the US DOT V2X Mandate

Posted by Gene Carter on Apr 13, 2017 1:12:08 PM

OnBoard Security, the embedded security division of Security Innovation, recently commented on the US Department of Transportation’s Notice of Proposed Rulemaking (NPRM) on V2V communications. OnBoard Security strongly supports the establishment of the proposed regulation since the number of lives saved increases dramatically as the number of cars with V2V increases. Widespread penetration of the technology, and the corresponding prevention of deaths, can only be reached in a reasonable time with a mandate.

Read More

Topics: Automotive, Privacy, Internet of Things, V2X, Embedded Security, Autonomous Vehicles

Learn About the Latest in IoT Security from Our Team of Experts


OnBoard Security's security experts share insights on the latest security topics in:

  • Connected Cars
  • Autonomous Vehicles
  • Internet of Things
  • Quantum Computing

Subscribe to Email Updates

Recent Posts