Collecting vehicle telemetries and vehicle data is super-important for securing the vehicle in post-production. The reason is that in post-production, we need to protect the vehicle against attacks that were known at the time of the vehicle development, but also against new attacks that were unknown while the vehicle was developed. And these new attacks are result of new attack techniques and new services that are being introduced to the market.
This is why CSMS actually requires the OEM to detect cyber attacks based on vehicle logs. And if you look specifically
at the requirement, in CSMS, it’s required to have detection, a centralized detection system that is based on vehicle logs, detects cyber attacks, and provides a response within a reasonable timeframe to these attacks.
In the Vehicle Type requirements, it’s required to secure critical elements in the vehicle, but also to emit meaningful telemetry that will enable this type of post-production detection for vehicles while they’re on the road.
And when you combine these two requirements, you get a very powerful way to detect attacks in a centralized manner as
part of the management system.
So, such a detection system really enables a very broad coverage of the threats listed in Annex 5 of the WP.29, but also because you collect telemetries from millions of vehicles, you really can create a very strong baseline that describes the normal
behavior of the vehicle and have an effective anomaly detection system that can also help detect unknown attacks.
Lastly, when you collect lots of telemetries, you can not only detect the attack, but you can apply forensics and really detect the root cause of the attack.
Ford Trucks Collaborates with Upstream Security to Protect Its Connected Vehicles Against Cybersecurity Risks
Automotive Fraud Management Product Sheet
Monitor and detect fraudulent activities targeted to bypass subscription fees, gain access to premium features, and manipulate vehicles for warranty-related gainsMore Details
Watch: Contextual API security – Protecting vehicle fleet infrastructure and critical data
APIs are powerful innovation enablersand also prime targets for cybersecurity attacks. In this webinar, experts from AWS and Upstream explain why API discovery, monitoring, and…More Details
Contextual API security – Protecting vehicle fleet infrastructure and critical data
APIs are powerful innovation enablers…and also prime targets for cybersecurity attacks. In this webinar, experts from AWS and Upstream explain why API discovery, monitoring, and detection mustMore Details
API Security for Fleet Management Platforms
Upstream’s API Security Is Purpose-Built to Protect Business Operations, Applications and ServicesMore Details
API Security Product Sheet
Upstream’s API Security solution is uniquely designed to correlate between API traffic and the contextual impact they have on operational systems and assets.More Details