By Tom Wallace
General, IoT Security,
Jun 14, 2018
The New Rules of Hacking Prevention
Hacking has undergone big changes over the past decade. Motivations have changed to now being financially motivated and proving a capacity to subvert a sovereign adversary. The technical sophistication of hackers has also grown significantly, with well-funded players now building armies of hackers with the most specialized skills.
Simultaneously, we have seen an explosion in Internet connected devices and consumer products. We believe these two trends auger a perfect storm for malicious actors, where targeted campaigns can last years and with patience and resourcefulness, the results can affect massive damage on lives and society.
Who are We?
Dellfer was founded to secure connected cars and more generally, any device connected to the Internet that is susceptible to this new era of hacking. By 2020, anywhere from 152 million (HIS Automotive) to a quarter of a billion cars (Gartner) will have embedded connectivity in them as smart cars, making this a huge surface area of attack to protect.
Our mission is to save lives and ensure these consumer devices are fully secured against any hack possible. We are a team of cryptography experts and long-time IOT security practitioners that have experience working in everything from smart city meter infrastructure, mobile phones, government jammers, building automation, printers and many more small footprint architectures such as those involved in connected vehicles.
We came to some clear conclusions when we analyzed the automotive market for potential solutions to this serious problem in that domain:
- With 100 million lines of code in every connected car, any smart vehicle is susceptible to the same vulnerability issues we’ve seen in all coding environments. While the operating systems are more specific, code will have known and unknown vulnerabilities in it, just like any application that is developed by engineers. This will make it susceptible to zero day attacks. We also noted at automotive engineers all throughout the supply chain also use reusable objects in their coding to speed up release to production.
- Connected vehicles have cyber kinetic potential and will attract nation state actors and cyber criminals looking to profit from extortion. While Cyber-Physical Systems (CPSes) have their origin in more general Internet of Things (IoT) and Industrial Control Systems (ICS), the term applies here as well. Any direct or indirect attack on the connected vehicle could lead to death of one or many lives, and as such the threat must be taken seriously. Because we believe Dellfer is the maximum defense code can have, we find it to be a perfect fit with the connected vehicle market where the stakes are supremely high.
- There are important architectural differences that make many offerings from the enterprise environment irrelevant. Many of the recent security innovations have been designed with the idea of large storage repositories, highly descriptive logging and at least 10/100 Mbit networks presumed. This has no fit with connected vehicle architecture, where storage space is limited, the CAN bus data field is only 8 KB large and CPU power is limited. The value of any security innovation must be evaluated against the real and pervasive constraints of connected car architecture.
- In security, hardware security solutions are depreciated over 5 years and refreshed. With cars, the longevity and after-market fixes that make for an attractive TCO equation to the buyer must be taken into account for any proposed security solution.
We felt a new approach was needed for the connected vehicle that was lightweight but highly self-contained in its ability to enforce security. With our prior IoT work, we had worked with control flow integrity in other sectors and felt it offered to highest potential to truly change the game for connected vehicle security.
Our best is that a CFI-based solution will enable us the chance to confer maximum protection on a connected vehicle from the inside out. To us, this will be a more effective way of securing portable, mobile connected devices than trying to analyze signals of behavior after the fact. This is the bet we have made behind ZeroDayGuard, the name of our solution.
What Makes Us Different?
We firmly believe our expertise working in small footprint environments is an advantage for us in servicing the automotive cybersecurity market, however in addition to that we feel our technology makes us unique as well:
- Comprehensiveness – Integrity monitoring can be implemented in different ways, and we believe we made the right choices for ensuring the right balance between security protection and overhead of processing to achieve it.
- Requires no updating or downtime – Code protected by Dellfer is intrinsically changed to be protected, no matter where it runs, no signature updates or re-boots required, perfect for IoT and connected cars.
- Hassle free enablement – What could be easier than simply pressing a button to submit a file to us or changing the command for compiling your application? Adding Dellfer to IoT code does not require any developer training or changes to source code. It just works and it’s automatic.
- It’s deterministic – What this means is that it is highly precise and not guessing at a security determination. ZeroDayGuard enforces a deterministic path and any deviation from that path is known to be bad and worth sounding the bells on.