Kaspersky has announced that is developing an Automotive Secure Gateway (KASG) based on its KasperskyOS operating system.
At its annual Kaspersky Cyber Security Weekend META last month, the cybersecurity company told media that the gateway can be installed on the telematics or central unit of a car with ARM architecture. Such a solution will protect the car from hacking, provide a safe update of both the gateway itself and the car’s electronic components over the air, allow collect logs to be collected from the car’s internal network and send them to the security monitoring center.
The development started after the publication of regulatory documents on cybersecurity in the automotive industry, prepared by the UN Commission WP.29, which includes 63 countries. Some of the requirements came into force in 2022. By 2024, a certification system must be introduced that obliges manufacturers to comply with cybersecurity requirements and integrate security solutions into cars at the assembly line stage.
The regulatory framework stipulates that new systems for cars should be designed and developed according to the Secure-by-Design principle. This means that security must be built into solutions at the design and development stage. Kaspersky provides this principle with its cyber Immune operating system, KasperskyOS.
Kaspersky develops the Kaspersky Automotive Secure Gateway in accordance with requirements not only for cybersecurity, but also with the international standard for functional security, ISO 26262.
“The safety issues of connected cars are so important today that they are being discussed at the level of international organisations,” says Andrey Suvorov, head of the KasperskyOS business unit at Kaspersky. “This is an example of how the industry itself comes to cybersecurity experts for solutions and is ready to certify them and make them mandatory.
“The regulatory requirements of the UN Commission WP.29 gave a serious impetus to the development of the information security market in the automotive industry. We started developing Kaspersky Automotive Secure Gateway by analysing the requirements of the new regulation and creating a threat model for connected vehicles.”
Cyber Immunity is an IT system’s “inherent” protection — its ability to withstand cyberattacks without any additional (applied) security tools. The overwhelming majority of types of attacks on a Cyber Immune system are ineffective and unable to impact its critical functions.
Kaspersky says it devised the Cyber Immune approach to creating IT solutions and developed its own KasperskyOS operating system as a platform for building Cyber Immune products. Cyber Immune products that run on KasperskyOS are in demand in industries where IT systems are subject to higher cybersecurity, reliability and predictability requirements, such as manufacturing, the energy sector, transport infrastructure, and smart city systems.
* For more information, visit https://os.kaspersky.com/