In connected car news are the Car Connectivity Consortium, VicOne, 42Crunch, Toyota and Pioneer.
CCC Digital Key APP
The Car Connectivity Consortium (CCC), a cross-industry standards organization dedicated to advancing device-to-car connectivity solutions, announced that the CCC Digital Key™ Applet Protection Profile complies with the standards of the renowned German Federal Office for Information Security (BSI), becoming the only digital key application to receive this security designation. The BSI certification ensures this element of the larger CCC Digital Key architecture meets their highest threshold for security, so device and vehicle OEMs can ensure their users are able to securely and safely access their vehicles, create and delete digital keys, share a digital key with others, and start their vehicle. With digital keys, manufacturers must ensure their implementations are designed to prevent known hardware- and software-based attacks, such as tampering, storage intrusion, cloning, relay attacks, and unauthorized access.
“We appreciate how the CCC has incorporated the highest cybersecurity requirements into its standard since inception,” remarked Dr. Gerhard Schabhüser from BSI. “Our mission is to shape information security in digitization through prevention, detection, and reaction. Implementing a ‘security-by-design’ approach, as the CCC Digital Key does, allows us to deliver on this, so we are pleased to verify their protection profile and further protect consumers.”
“Security without compromise has been one of our chief priorities in developing the CCC Digital Key specification,” said Alysia Johnson, president of the CCC. “Receiving verification for a key component of our specification from such a credible government agency enables device manufacturers around the world that have been CCC Digital Key certified to signal that their implementation is secure and trusted.”
The BSI verification applies to the CCC Digital Key Release 3, which defines the standardized interface between the vehicle and the device as an NFC-based wireless interface designed for direct vehicle-to-device communication and will be implemented in future specification updates. To learn more about the CCC and CCC Digital Key, please visit carconnectivity.org.//
VicOne & 42Crunch Enhance API Security
VicOne, an automotive cybersecurity solutions leader announced a partnership with 42Crunch (https://42crunch.com/) to enhance the security of application programming interfaces (APIs) for the software-defined vehicle (SDV) and broader connected-vehicle ecosystem. Through the partnership, automotive original equipment manufacturers (OEMs) and suppliers achieve differentiating benefits:
“Whereas automotive cybersecurity not long ago focused almost exclusively on in-vehicle APIs, it must today account for API attacks within and among vehicles, the cloud and mobile”
Post this
- Quicker and more accurate detection of the latest Open Worldwide Application Security Project (OWASP) Top 10 API security vulnerabilities during development.
- Accelerated identification of potential threats at application runtime.
- Improved dynamic risk assessment through integration of API security events along with other automotive data and security events.
- Better compliance with regulations such as UN Regulation No. 155 – Cyber security and cyber security management system and ISO/SAE 21434:2021 Road vehicles Cybersecurity engineering.
The cyber-attack surface has expanded rapidly with the trend toward SDVs and increasing reliance on the cloud and APIs. VicOne noted that API-related incidents contributed to 12 percent of automotive security incidents from the second half of 2022 to the first half of 2023. To date, it has been challenging to attain security visibility across the broadening automotive ecosystem, but the VicOne/42Crunch partnership promises to eliminate unknown security blind spots.
“Our API security testing and protection services are used by Fortune 500 enterprises and over 1 million developers worldwide, and we are thrilled to partner with VicOne to bring these capabilities to the automotive ecosystem,” said Jacques Declas, chief executive officer (CEO) of 42Crunch. “APIs are inherently easy to expose but difficult to defend. As the automotive industry relies more heavily on APIs in SDVs, OEMs and their suppliers will be uniquely equipped through our partnership with VicOne to tackle threats and comply with evolving cybersecurity mandates by integrating diverse sensor data for comprehensive risk assessment and actionable insights.”
According to a Gartner® report, Innovation Insight for API Protection, “API protection products provide three main types of functionality — discovery, posture management and runtime protection.”1 Utilizing 42Crunch’s API Audit vulnerability testing solution and API Firewall in tandem with artificial intelligence (AI)/Large Language Modeling (LLM) via the VicOne xNexus next-generation vehicle security operations center (VSOC) platform, OEMs and suppliers gain precise, contextualized and actionable threat insights to enhance risk visibility across the full ecosystem, optimize resource allocation, accelerate attack investigations and eliminate wasted effort in chasing “false positives.”
Furthermore, data from VicOne’s xCarbon VSOC sensor and smart cockpit protection can be correlated into clear narratives to facilitate continuous and dynamic risk assessment across the automotive supply chain. VicOne’s xZETA automotive vulnerability and SBOM management system scans vehicle software to identify zero-day, undisclosed and known vulnerabilities, malware, ransomware, and advanced persistent threats. Information feeds back into Threat and Risk Assessment (TARA) results to ensure alignment with ISO/SAE 21434 processes and enable continuous monitoring.
“Whereas automotive cybersecurity not long ago focused almost exclusively on in-vehicle APIs, it must today account for API attacks within and among vehicles, the cloud and mobile,” said Max Cheng, CEO of VicOne. “This partnership brings together 42Crunch’s proven expertise in API security and ours in automotive cybersecurity to enable a solution engineered for the new, more complex reality in this industry.”
MIPS SoC AI Solutions @Computex
MIPS, a leading developer of efficient and configurable IP compute cores, will showcase the company’s latest innovations and suite of system deployments at Computex 2024.
As part of its activities at Computex 2024, MIPS will highlight its latest solutions demonstrating the company’s differentiation around data movement to enable customers to achieve Edge AI innovation. MIPS’ architecture enables a bespoke solution with tight integration of the CPU to the overall System-on-Chip (SoC) architecture, managing data movement and memory balancing to predict and solve bottlenecks caused by the increasing throughput demands of new use-cases in AI.
“We are excited to participate in Computex 2024 where we will show how we’ve evolved as a company and are developing RISC-V tools that give edge AI Embedded customers the freedom to innovate compute,” said Durgesh Srivastava, CTO of MIPS. “We remain committed to providing our customers and partners with the innovative solutions they need to succeed in today’s rapidly evolving accelerated computing markets. We are anticipating a lot of interest in our technology at the show and look forward to connecting with ecosystem partners, our customers and fellow industry leaders.”
During the show two demos will also be featured in the MIPS meeting room #2549 at the Grand Hyatt Taipei, showcasing real-time system deployments, as well as elements of the MIPS’ multi-threading and RISC-V capabilities. Demos and highlights include:
Multi-threading Application Demonstration:
- A demo of MIPS’ multithreading capabilities of the MIPS P8700 Series multiprocessor when used with an embedded application
Synopsys Simulation Demonstration:
- A software model of the multithreaded MIPS P8700 Series CPU running on Synopsys’ Virtualizer simulation environment
For close to two decades, MIPS has established a leading position with its deep technical expertise and intellectual property (IP) with billions of MIPS-based chips in many devices and systems around the world. Today, the company is building off this innovation and expertise to give customers the freedom to build unique products for specific workloads utilizing MIPS’ industry-leading cores.
Company representatives, including members of the new MIPS executive leadership team, will be available to meet with journalists, analysts, customers and partners throughout the week at Computex 2024. MIPS will also be on hand to meet with attendees, explore new partnership opportunities and promote the company’s active recruitment initiatives.
For additional information about MIPS, please visit https://mips.com.
10-Speaker Pioneer Sound in Toyota Land Cruiser 250 SUV
Pioneer is pleased to announce that its 10-speaker sound system is available as an automaker’s option for the new Toyota Land Cruiser 250 SUV, which started shipping in Japan on April 18, 2024.
The 10-speaker sound system offered for the Land Cruiser 250 is the culmination of our years of engineering expertise in in-vehicle sound solutions. It delivers solid, faithful bass that goes well with the outstanding road-handling capability of the SUV and recreates an immersive acoustic environment inside the vehicle.
The sound system boasts an 8-channel amplifier and 10 speakers, including full-range and midrange units and a subwoofer, placed strategically inside the vehicle. Two-way speakers are placed at an optimal angle and location at the right and left ends of the dashboard panel to create a clear, three-dimensional sound field. The subwoofer mounted inside the liftgate is specifically designed to use the vehicle as its enclosure without compromising the cargo space to delivers powerful, dynamic bass to every passenger on board. The 8-channel class D amplifier, which was redesigned into a simplified structure, achieves noise-free, high-fidelity reproduction of music and up-converts compressed audio to near-Hi-Res quality.