Cyber Immunity is the new normal: Kaspersky will protect connected cars

At its annual Kaspersky Cyber Security Weekend META the company announced that it is developing an Automotive Gateway to help manufacturers meet the new UN Cyber ​​Security Requirements for Smart Vehicles.

Kaspersky is developing the Kaspersky Automotive Secure Gateway (KASG) based on the KasperskyOS operating system – a platform for developing solutions that are inherently secure. The gateway can be installed on the telematics or central unit of a car with ARM architecture. Such a solution will protect the car from hacking, provide a safe update of both the gateway itself and the car’s electronic components over the air, allow to collect logs from the car’s internal network and send them to the security monitoring center.

The development started after the publication of regulatory documents on cybersecurity in the automotive industry. They were prepared by the UN Commission WP.29, which includes 63 countries. Some of the documents entered into force in 2022. By 2024, according to the new requirements, a certification system must be introduced that obliges manufacturers to comply with cybersecurity requirements and integrate security solutions into cars at the assembly line stage.

The regulatory framework stipulates that new systems for cars should be designed and developed according to the Secure-by-Design principle. This means that security must be built into solutions at the design and development stage. Kaspersky provides this principle with its own Cyber Immune operating system – KasperskyOS.

Kaspersky develops the Kaspersky Automotive Secure Gateway in accordance with the requirements not only for cybersecurity, but also with the international standard for functional security (Safety) ISO 26262.

“The safety issues of connected cars are so important today that they are being discussed at the level of international organisations. This is an example of how the industry itself comes to cybersecurity experts for solutions and is ready to certify them and make them mandatory. The regulatory requirements of the UN Commission WP.29 gave a serious impetus to the development of the information security market in the automotive industry. We started developing Kaspersky Automotive Secure Gateway by analysing the requirements of the new regulation and creating a threat model for connected vehicles. We expect that many manufacturers will be interested in our development,” comments Andrey Suvorov, Head of KasperskyOS Business Unit at Kaspersky.