UNECE WP.29 audits are set to begin in 2022 and many automakers are in the midst of implementing processes in alignment with ISO/SAE 21434: Road Vehicles – Cybersecurity Engineering. One
Security research & development is critical to Block Harbor. It’s our way to identify problems and solutions that make the future of vehicles safer.
UNECE WP.29 audits are set to begin in 2022 and many automakers are in the midst of implementing processes in alignment with ISO/SAE 21434: Road Vehicles – Cybersecurity Engineering. One
The previous posts outlined how to think about what a security design for ISO/SAE 21434 might look like. ISO/SAE 21434 in it’s current state is vague, we want to be
TARA completed, now what? Below is an outline of the subsequent steps taken after completing a TARA within the organization. TARA documents will provide crucial information in determining how security
Concept Phase. The Internet of Things, sounds simple enough right? What about when we integrate embedded devices into the IoT. If not already, in the near future, homes, sidewalks, vehicles,
This year has been a huge success for Block Harbor and we’re proud to be part of pushing our industry forward. Consumer Electronics Show (CES) Early in the year we
THE BACKGROUND. An automotive supplier, well known for smart systems, reached out to us after they suffered a Ransomware attack (we’ll call them “Tyrel Industries” for purposes of this Case
The purpose of a security operation center (SOC) is to protect an organization from cyber attacks by setting up defenses, monitoring to detect cyber incidents, enforcing security policies, and responding
Block Harbor, a solutions partner for Keysight Technologies, actively works with Keysight to develop the Keysight Automotive Cybersecurity Penetration Testing Platform. We support Keysight’s team in developing more automotive security testing capabilities into the system, helping support it’s impressive suite of useful security tools. Further, we’re looking at ways to use this platform to build out bigger automation environments to support automakers and suppliers with their challenges in ensuring vehicles are secure and stay secure. Stay tuned, or reach out to learn more.
Block Harbor partnered with Itemis around their Yakindu Security Analyst tool because it’s a great solution to perform Threat Analyses and Risk Assessments (TARAs). In particular, Security Analyst becomes more useful over time by building up a big database of items/components, threat scenarios, risks, and security controls to be reused for other systems, effectively making compliance to ISO/SAE 21434: Vehicle Cybersecurity Engineering more feasible. Both used internally and for our customers at Block Harbor, this partnership allows us to work together to hone a great tool in this space (and integrate with it in some of our toolchain).
Block Harbor is an active supporter of OpenXSAM, an exchange format to rapidly (and programmatically) exchange vehicle cybersecurity engineering data between tools to really speed up implementations of processes in standards like ISO/SAE 21434: Vehicle Cybersecurity Engineering. We believe open exchange formats like this enable innovation and automation to take the wheel and keep vehicles safe.
Block Harbor is a member of the GENIVI Alliance, where we support their Security Team to help ensure that GENIVI is a leader in automotive security, especially around the open standards that we develop.
Block Harbor supports the Automotive Security Research Group (ASRG), a non-profit focused on making automotive cybersecurity accessible to all. In particular, Block Harbor’s team members lead the Detroit Chapter and the North/Central/South Americas region. Further, Block Harbor supports development of the software that powers the ASRG community.
Between customer engagements, Block Harbor identifies publicly available automotive systems to execute security testing against to responsibly disclose issues. This helps us keep our skills sharp while providing research input to the industry to, ultimately, keep vehicles safe.
Current target: 2021 Mach E
Vehicle cybersecurity engineering is an incredible challenge that can only be done well with a helping hand from automation. In our lab space, we have vehicle test benches that each represent a vehicle make/model subsystem. We’re running security tests against those test benches 24/7 to constantly give us and our customers insight into the security posture of their vehicle.
