Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Karamba Advances Autonomous Car Security, Raises New Funding

    By
    SEAN MICHAEL KERNER
    -
    September 29, 2016
    Share
    Facebook
    Twitter
    Linkedin

      Vehicle security vendor Karamba Security today announced new features for autonomous car security as well as a new $2.5 million round of funding.

      Total funding to date for Karamba now stands at $5 million from investors including Fontinalis Partners, YL Ventures and GlenRock.

      Karamba first announced its Carwall security platform on June 16 as a platform to help protect electronic control units (ECUs) from potential security risks. Karamba is now enhancing Carwall with new capabilities to help defend against in-memory attacks as well as autonomous vehicle security.

      “We are adding in-memory protection, extending the security policy beyond just whitelists to function calling,” David Barzilai, executive chairman and co-founder of Karamba, told eWEEK.

      Karamba’s new feature is timely given that security researchers from Chinese firm Tencent publicly disclosed on Sept. 20 that they were able to remotely hack a Tesla vehicle by way of an in-memory attack. Tesla has since patched its software for the reported flaw. Barzilai said that with an in-memory vulnerability, hackers are able to exploit bugs in a system process. Once attackers have some degree of control over a system process, they are able to send malicious packets.

      Karamba’s new in-memory layer first establishes a baseline from factory settings of how memory is supposed to be used in a car, according to Barzilai.

      “Once we see something that is outside of what we know from the factory settings, we can abort the malicious process,” he said. “So our approach is to block attackers from getting into the ECU.”

      The basic premise behind Karamba’s technology is that a car’s operating system runtime should not be able to be changed by users, Barzilai said. Any required change should only be permitted by the vehicle vendor in a controlled and inspected manner.

      In-memory attacks against vehicle ECUs follow the same basic methodology as in-memory attacks against desktops and servers. The big difference though is that with embedded systems, for the most part, the same memory safety security controls are not present by default. On a typical Windows operating system, there are Data Execution Protection (DEP) and Address Space Layout Randomization (ASLR) features that aim to reduce the risks of certain classes of memory attacks. Barzilai noted that there aren’t enough system resources to run DEP or ASLR on an ECU.

      “The common denominator for all memory attacks is when a function call returns a different address than it does in the factory default,” he said. “That’s where we catch the malicious process and abort it.”

      The need for improved vehicle security is likely to grow in the coming decade as an increasing volume of autonomous vehicles get on the road loaded with multiple ECUs. There are already some initial attempts at regulating autonomous vehicle security around the world as well.

      “I think that regulations are important,” Barzilai said. “I think regulators are looking for insights from vendors like Karamba about what can be done to protect the car and not endanger the driver.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×