SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
Story image
ProvenRun & Renault division Ampere boost car cybersecurity
Wed, 7th Feb 2024

In a positive development for the automotive industry's cybersecurity, ProvenRun has teamed up with Ampere, a division of the Renault Group. Their mission is to ensure secure onboard communications for future Software Defined Vehicle (SDV) Platforms. An innovative Protocol Breaker, created to build secure communication pathways among systems, plays a central role in this partnership.

With the increasing prominence of digital cockpits and a higher volume of critical data flowing between cars and servers, a new approach to cybersecurity in the automotive industry is essential. In response, Provenrun and Ampere have devised a state-of-the-art protocol breaker. This isolates two communication segments: the "front" and the "back". Such segmentation leverages Provenrun's ProvenCore, a system with a world-first Common Criteria EAL7 certification, which offers near-perfect cybersecurity credentials to ensure the safety of critical vehicle functions.

ProvenRun's security IP, co-developed with Ampere software and systems teams, provides a secure data transfer environment, ensuring reliable vehicle system operations required for advanced vehicle features such as autonomous driving and real-time navigation.

The protocol breaker operates by dividing and isolating two communication segments. The Front segment interfaces with all connected and exposed ECUs, striking as the first defensive line against incoming data. It scrutinises all data for integrity and authenticity, and only secure verified communications are passed on to critical systems. The Back segment interacts with vital vehicle functions, ensuring the data obtained from the Front segment is well-formatted and safe for these systems to process.

The protocol breaker unites two cybersecurity technologies: the Rust programming language and the ProvenCore secure operating system. The Rust programming language, which underpins the development of the Protocol Breaker, is renowned for its focus on memory safety and concurrency, reducing common vulnerabilities exploited in cybersecurity. ProvenCore, with its world-first Common Criteria EAL7 certification, ensures a secure divide between the front and back sections of the protocol breaker, maintaining the safety of critical vehicle functions.

This collaboration signifies a major advancement in automotive cybersecurity, leveraging the mutual strengths of ProvenRun's cybersecurity expertise and Ampere's advanced vehicle software architecture. Henry Bzeih, VP Software & Systems at Ampere, applauds this union, stating, "ProvenCore OS EAL7 certification has no equivalent on the market which is a concrete proof of excellence. It convinced us to use their product but moreover to co-create IP with them! ProvenRun cybersecurity competences joint to Ampere software expertise will allow our SDV platform introduction while ensuring a secure by design approach."

A live demonstration took place at the Consumer Electronics Show (CES) in Las Vegas to showcase the practical application and effectiveness of the protocol breaker. Thierry Chesnais, CEO of ProvenRun, was keen about his presence at the CES, stating, "The live demonstration at CES is not just a demonstration of technological prowess, but a testament to the commitment we share with Ampere to advancing automotive security. Seeing our joint solution in action at such a prestigious event will highlight the tangible benefits of our collaboration."