Introduction
The ecFirewall is an innovative security solution specifically designed for embedded systems in industries such as automotive, aerospace, and others. Based on existing specifications and protocols, ecFirewall offers automated rule set generation and intelligent detection of misbehavior to ensure the security and integrity of communication systems. With its ability to detect anomalies and initiate targeted countermeasures, ecFirewall is the ideal solution for modern, safety-critical applications.
Key Features
1. Automated Rule Set Generation
- Rule sets are automatically generated based on existing specifications and protocols, significantly simplifying implementation and minimizing human errors.
- Supports common communication protocols such as CAN, CAN FD, Ethernet, and more.
2. Detectable Misbehavior
- Timing: Detection of anomalies in the timing of messages (e.g., minimum delta time, cycle time).
- Location: Identification of misbehavior based on the bus system through which messages are sent.
- Range: Validation of data length (DLC) and signal values for plausibility.
- Protocol Sequences: Detection of deviations in the expected sequence of messages.
- Extended Detection: Additional specific rules can be added as needed.
3. Decision on Severity, Urgency, and Impact
- ecFirewall evaluates detected anomalies based on their severity, urgency, and impact on the system.
- Targeted countermeasures are initiated based on this evaluation.
4. Definition of (Temporary) Actions/Countermeasures
- Delay Message Distribution: Suspicious messages are delayed to allow further analysis.
- Discard Messages: Critical or harmful messages are discarded to protect the system.
- Modify Message Content: Specific parts of a message can be modified to neutralize potential attacks.
5. Updatability and Evolutionary Adaptation
- ecFirewall is updatable, enabling continuous adaptation of rules over time.
- New threats and requirements can be quickly integrated without fundamentally changing the system architecture.
Applications
Automotive:
- Protection of vehicle networks (e.g., CAN, CAN FD) against cyberattacks and malfunctions.
- Compliance with security standards such as ISO 21434 and UNECE R155.
Aerospace:
- Securing avionics systems and flight control networks.
- Compliance with certification standards such as DO-326A and DO-356A.
Industrial Automation:
- Protection of industrial control systems (ICS) and SCADA networks.
- Detection and defense against attacks on critical infrastructure.
Medical Technology:
- Securing medical devices and networks against unauthorized access and manipulation.
- Compliance with standards such as IEC 62304 and FDA requirements.
Benefits
- Enhanced Security: Protection against cyberattacks, malfunctions, and unauthorized access.
- Real-Time Capability: Rapid detection and response to anomalies without compromising system performance.
- Flexibility: Adaptable to various protocols and use cases.
- Future-Proof: Updatable rule sets enable continuous adaptation to new threats.
- Easy Integration: Automated rule set generation and comprehensive documentation simplify implementation.
Technical Specifications
- Supported Protocols: CAN, CAN FD, Ethernet, and more.
- Detection Mechanisms: Timing, Location, Range, Protocol Sequences, and extended rules.
- Countermeasures: Delay, Discard, Modify messages.
- Updatability: Evolutionary adaptation of rules over time.
- Licensing Model: Flexible (commercial licenses and custom adaptations available).
With ecFirewall, you set new standards in security and reliability for embedded systems. Trust our expertise to protect your applications in automotive, aerospace, and other industries against modern threats.
Contact
For more information, a demo, or personalized consultation, contact us at sales@easycore.com or visit our website https://www.easycore.com/contact.