Gasgoo Awards 2023 applicant: deCORE AUTO from vecentek Co., Ltd.

Product: deCORE AUTO 

Description

The overall solution of intelligent vehicle cyber security, covering IVI, TBOX, intelligent cockpit, automatic driving system, gateway, control type ECU and other vehicle internal components, as well as service platforms and mobile devices and other intelligent vehicle network connection system elements, can provide intelligent vehicle The networked system establishes a layer-based defense-in-depth system. Mainly include the following security products: 1. Cryptographic Module—deCORE Crypto: It provides cryptographic algorithm services for intelligent vehicle. It is the basic product for realizing intelligent vehicle cyber security. It provides key management, international mainstream cryptographic algorithms, national cryptographic algorithms, and certificate management services. 2. Intrusion Detection and Prevention System—deCORE IDPS: Provides security functions such as vehicle network firewall, network intrusion detection and defense, and security log to identify vehicle network anomalies and attack events, and realize vehicle network anomaly detection, attack protection, and event reporting. Effectively Improve the capabilities of vehicle network threat perception, security analysis, situation presentation, emergency response and disposal, and security monitoring, provide systemic defense of the vehicle network, and support firewalls, intrusion detection and defense, deep packet inspection, behavior detection, and security logs. 3. Security Operation Center—deCORE vSOC: Based on the vehicle network firewall, network intrusion detection and defense, security log and other security functions provided by the intrusion detection and prevention system deCORE IDPS—provide vehicle network threat perception, security analysis, situation presentation, emergency response and disposal, security monitoring and other functions. Integrate big data analysis technology, visualization technology, and threat intelligence technology to build a new intelligent vehicle wind and cyber security situational awareness platform for users. Manageable, controllable and credible”. 4. Safety Communication Component—deCORE COM: realizes the safety of different bus communication inside the vehicle, V2X safety, and the communication safety between the vehicle and the outside, including deCORE SecOC for vehicle internal safety communication compliant with the AUTOSAR standard, and vehicle internal Ethernet safety communication deCORE vETH products . deCORE vETH has a complete authentication and encryption algorithm; an intrusion detection and defense system covering multiple protocol levels; a network isolation and filtering mechanism that meets the needs of vehicle security. deCORE SecOC addresses identity authenticity, content integrity and anti-replay issues for vehicle internal communications. Support the integration of AUTOSAR CP&AP, Linux, Android, QNX and other OS; support CAN, FlexRay and Ethernet communication applications; support HSM/SHE, pure software cryptographic algorithms; complete SecOC software configuration and test verification tools. 1) Threat Analysis and Risk Assessment：Based on our solution, threat analysis and risk assessment technology integrates STRIDE, EVITA, HEAVENS, SDL and other methods in the industry, with confidentiality, integrity, authenticity, availability, non-repudiation, authorization, etc. 2) Lightweight Identity Authentication: It solves the problem of rapid identity identification in automotive electronic systems, while reducing resource occupancy; application scenarios include: communication between on-board equipment and external environments (including service platforms, mobile terminals, etc.), vehicle internal CAN bus network communication, etc. The lightweight identity authentication technology of this solution realizes that the overall delay of on-board device and background service platform authentication does not exceed 500 milliseconds, which meets the needs of low-latency communication outside the vehicle. 3) Fast Integrity Measurement: The fast integrity measurement technology of this solution covers three levels of fast integrity measurement, including boot loader, operating system kernel, and system services. The secure boot performance of huge software images; based on the computing power provided by the hardware security module, the performance of integrity verification is improved, so that the overall additional time delay does not exceed 4 seconds. 4) Secure Storage Technology: The secure storage technology of this solution supports the secure storage of sensitive and critical information based on white-box passwords/security chips to prevent reverse theft. 5) Vehicle Cyber security Monitor: The vehicle cyber security monitoring technology of this solution can reduce the false alarm rate of vehicle cyber security attack events to less than 10%, identify the types of attack events at more than 3 network protocol levels, and support the deep packet network based on vehicle network. Detection, and abnormal behavior detection based on vehicle applications, the deployment space of security monitoring software is less than 20MB, and the running space is less than 100MB.

Unique advantages

1. Solution Advantages: The solution applies innovative technologies such as threat analysis and risk assessment, lightweight identity authentication, fast integrity measurement, secure storage, and vehicle cyber security monitoring, and has the advantages of real-time, reliability, and low storage space overhead. It not only covers all elements of intelligent vehicle, but also covers the entire life cycle of intelligent vehicle, and can customize a defense-in-depth system based on the specific needs of different models. 2. Company Advantages: The company leads the formulation of the first national standard for automotive electronic cyber security in China, as well as a number of group standards, protection guidelines, and white papers, and has a first-mover advantage in vertical fields. 3. Team Advantage: More than 20 years of embedded operating system and more than 10 years of technical accumulation and experience accumulation in the field of automotive electronics have created the core technical barriers in the field of intelligent vehicle. 4. Practical Verification: The company's products are mature and reliable, covering mainstream OEM manufacturers, parts manufacturers, testing institutions, has reached the mass production application of more than 2 million vehicles.

Application

The deCORE AUTO solution covers the cyber security protection products required on the vehicle side, as well as security services such as security consulting and penetration testing. Among them, vehicle-side cyber security protection products can establish a layer-based defense-in-depth system for intelligent vehicle, covering all elements of intelligent vehicle, including IVI, TBOX, smart cockpit, central gateway, automatic driving, control type ECU and other components, CAN/CANFD , Ethernet and other vehicle content communication methods, as well as key services such as FOTA, Bluetooth key, and remote control.

Prospect

In view of the important impact of traffic safety, social security and even national security, vehicle cyber security has been highly valued by various automobile powers, and relevant regulations and standards have been promulgated one after another. In China, various state departments are speeding up the research and gradual establishment of management methods for the safety of ICVs. Relevant regulatory requirements have been introduced one after another, and relevant standards are being formulated rapidly. In 2021 alone, there were more than 10 international and domestic regulations. For example, the "Guidelines for the Access Management of Intelligent Connected Vehicle Manufacturers and Products (Trial)", "Guidelines for the Access Management of Intelligent Connected Vehicle Manufacturers and Products", "General Technical Requirements for Automotive Information Security" issued by MIIT, Several Regulations on Automotive Data Security Management (Draft for Comments), etc., all put forward specific requirements for automotive cyber security. This solution covers all elements of a intelligent vehicle, and has already achieved mass production applications in mainstream car companies. At the same time, the company has established good cooperative relations with product-related suppliers (including chip manufacturers, hardware development boards, software and hardware development environments, third-party software suppliers, etc.), and has accumulated standardization organizations, scientific research institutes, industry alliances, OEM Partner resources such as automobile manufacturers, security chip manufacturers, and software developers have first-mover advantages in technology accumulation in vertical fields and occupation of industry resources, which will create a huge market prospect with sustainable development for the solution.