This article introduces the in-vehicle Ethernet/IP firewall, which is the basis of in-vehicle security.
ESCRYPT is the security brand of ETAS.
Overview
Comprehensive security measures are essential to effectively deal with cyber security threats in the automotive industry, where autonomous driving and connectivity are becoming more advanced. ESCRYPT's automotive Ethernet firewall, ESCRYPT CycurGATE, is a market-proven and essential solution for today's and tomorrow's gateways with ever-increasing security requirements.
A perfect balance of hardware/software co-design
ESCRYPT CycurGATE is embedded directly into Ethernet switches to centrally monitor and manage the entire packet flow without the interference of host controllers or individual ECUs. This firewall can be used as a library or as a standalone solution.
It also achieves an optimal balance of hardware/software co-design, allowing you to take full advantage of the hardware acceleration of Ethernet switches. It minimizes latency on the firewall by fusing the hardware mechanism of the Ethernet switch with software algorithms.
ESCRYPT's c-library-based firewall solution is tailored to run on microcontrollers and microprocessors.
Applications of ESCRYPT CycurGATE
■ A firewall to protect against a wide range of cyberattacks
DoS (denial of service) attacks
Block unauthorized communication to individual ECUs or entire networks
Secure external interface
■ Data routing effectively controls data flow between network segments/domains
system solution
A Security Strategy Across the Vehicle Lifecycle
■ Intrusion detection/intrusion prevention capabilities require comprehensive security mechanisms that are lastingly effective.
■ ESCRYPT CycurIDS, an intrusion detection system, monitors network traffic to detect and record anomalies and typical attack signatures.
ESCRYPT also offers a Cyber Defense Center backend, ESCRYPT CycurGUARD.
The system evaluates information from IDS components, detects recent attack trends, helps identify the cause of security incidents,
You can define countermeasures to distribute across fleet vehicles.
feature
■ Various configurations and updates are possible
Supports OTA updates and is a future-proof solution, so it can respond appropriately to constantly changing threats
■ Suspicious data can be recorded and processed statistically
■ Provides all important filtering mechanisms
■ Equipped with all important filter mechanisms
Stateless packet inspection
Dynamic stateful inspection
deep packet inspection
Message blacklist and whitelist support
■ Routing and firewall functions
Compatible with ESCRYPT's Ethernet IDS feature
customer benefits
費用対効果が高く、追加のハードウェアが不要で、統合が容易
■ ESCRYPT CycurGATE runs directly on the Ethernet switch CPU, so there is no resource consumption on the host microcontroller
■ A software-only version is also available and can be integrated into any uC/uP
■ No need to change existing hardware/software
excellent transparency
■ Can be easily configured according to the security standard being used
■ Not black Box security
Continuous updates provide future scalability
Development based on the highest quality standards* for automotive use
*ASPICE etc.
Click here to download detailed materials
For more information, please download the document below.
*This material is the same as the material in "ESCRYPT CycurIDS attack detection, policy enforcement, real-time analysis".
Inquiry
If you have any questions regarding this product, please contact us using the form below.
Click here for related products
security products
In-vehicle Ethernet compatible media converter
Click here if you want to evaluate 1000BASE-T1↓
Click here if you want to evaluate 100BASE-T1↓
Recommended articles related to in-vehicle Ethernet
Click here if you want to study the basics of in-vehicle Ethernet PHY ↓
Click here if you want to study the basics of in-vehicle Ethernet Switch ↓