OnBoard Security InSights

Securing Access to Your Car’s Data

Posted by Gene Carter on Oct 15, 2018 10:22:09 AM

The Onboard Diagnostics Port (OBD) has been required for all cars sold in the US since 1996 and in Europe since 2001. Prompted by the need to simplify the diagnosis of increasingly complex emission control systems, the OBD-II improved on previous implementations by providing standardized condition codes for the auto repair and tuning markets. Standardized access to this data has helped spawn a robust aftermarket of plug-in devices to allow consumers to monitor their teen drivers, earn discounts from insurers, or gain insights into the performance and health of their vehicles. Similar devices allow fleet managers to monitor the condition, performance and behavior of their vehicles. Nearly all of these dongles offer a wireless connection for the convenience of their customers. Unfortunately, a wireless connection also provides a potential path for hackers to gain entry to the car’s internal networks. 

Read More

Topics: Connected Vehicles, Regulation, Cyber Security, Autonomous Vehicles, Embedded Security, Automotive, Privacy

Secure Multiparty Computation

Posted by Gene Carter on Sep 27, 2018 10:14:00 AM

Recently, our customer, Rivetz, announced their Dual Roots of Trust solution to protect private keys in a mobile phone, even if one of the systems is compromised. The Rivetz software generates and distributes the private key between the two roots – the Trusted Execution Environment (TEE) running in ARM TrustZone and the SIM card. This means that both roots would have to be compromised in order to get the user’s private key.  Since the TEE is controlled by the phone manufacturer and the SIM is controlled by the mobile carrier, the user’s data is also protected from insider attacks or a vendor security breach.

Read More

Topics: Blockchain, SCMS, Trusted Computing, Cryptography, Privacy, garbled circuits, secure computation, Cyber Security, Research

Setting Security Goals and Requirements

Posted by Lee Wilson on Aug 16, 2018 12:57:00 PM

To get a clear view of your security goals and requirements it is very useful to categorize your project into one of four target environments.  

Read More

Topics: Internet of Things, Privacy, Cyber Security

The OnBoard Security Mission

Posted by Peter Samson on Jan 11, 2018 12:24:30 PM

I often get asked, what is the company’s mission?

Read More

Topics: DSRC, Connected Vehicles, Research, V2V, TPM, Trusted Computing, TSS, Cyber Security, Autonomous Vehicles, Embedded Security, Regulation, Automotive, V2X, Internet of Things, Privacy, Quantum Computing, Cryptography, NTRU, BCAM, SCMS

Why Consumers Need to Start Caring About Secure IoT

Posted by Gene Carter on Oct 27, 2017 10:12:33 AM

On Friday October 21, 2016, Dyn was subjected to two large Distributed Denial of Service (DDoS) attacks against their internet-address lookup Managed DNS infrastructure. The attackers used Mirai botnets launched from over 100,000 endpoints including cameras, DVRs and baby monitors to generate the significant volume of attack traffic. Affected services included Amazon, Spotify, Netflix and the New York Times.

Read More

Topics: Cyber Security, Internet of Things, Privacy, Connected Vehicles, Regulation

The country’s largest V2X implementation – Securing New York’s Connected Vehicle Pilot

Posted by Gene Carter on Jul 20, 2017 9:25:00 AM

In September 2016, the U.S. Department of Transportation (USDOT) awarded three Connected Vehicle (CV) Pilot Deployment Programs: New York City (NYC), Tampa and Wyoming. The CV Pilot Program will test and operationalize cutting-edge vehicle to vehicle (V2V) and vehicle to infrastructure (V2I) technologies, including in-vehicle wireless, mobile devices, and roadside equipment that have the potential to reduce accidents, save lives, improve productivity, enhance mobility, and lessen the environmental impact of city traffic. The NYC CV pilot will feature an estimated 8,000 vehicles outfitted with V2X equipment, including 5,850 taxis, 1,250 MTA vehicles, 400 UPS trucks, and 500 city vehicles. There will be approximately 350 roadside units installed at Manhattan and Brooklyn intersections and on FDR drive. Additionally, 100 vulnerable road user (pedestrians and bicyclists) devices will be deployed to study the effectiveness of V2X technology in reducing NYC's high rate (5 times the national average) of crash fatalities involving pedestrians.

Read More

Topics: Automotive, Cyber Security, Privacy, Embedded Security, V2X, V2V, Connected Vehicles

What Cyber Security Should be Required in a Car?

Posted by Gene Carter on Jun 20, 2017 11:04:36 AM

On June 14, 2017, the US Senate Committee on Commerce, Science, and Transportation convened a hearing titled "Paving the Way for Self-Driving Vehicles."  During the nearly 2.5-hour session, senators and expert witnesses discussed a wide-range of topics regarding autonomous vehicles, including insurance, access for the disabled, impact on safety and drunk driving, etc. The hearing consisted of several polite exchanges of ideas and plans, until Senator Ed Markey pressed the witnesses on their thoughts on mandatory Federal Cyber Security regulations in automotive.

Read More

Topics: Automotive, Privacy, Cyber Security, Autonomous Vehicles, Regulation

Comments on the US DOT V2X Mandate

Posted by Gene Carter on Apr 13, 2017 1:12:08 PM

OnBoard Security, the embedded security division of Security Innovation, recently commented on the US Department of Transportation’s Notice of Proposed Rulemaking (NPRM) on V2V communications. OnBoard Security strongly supports the establishment of the proposed regulation since the number of lives saved increases dramatically as the number of cars with V2V increases. Widespread penetration of the technology, and the corresponding prevention of deaths, can only be reached in a reasonable time with a mandate.

Read More

Topics: Automotive, Internet of Things, V2X, Autonomous Vehicles, Embedded Security, Privacy

Learn About the Latest in IoT Security from Our Team of Experts

 

OnBoard Security's security experts share insights on the latest security topics in:

  • Connected Cars
  • Autonomous Vehicles
  • Internet of Things
  • Quantum Computing

Subscribe to Email Updates

Recent Posts