Skip to main content

Karamba’s Carwall thwarts mass hacks

Karamba Security’s Carwall software is said to prevent ‘mass hacks’ of vehicles’ on-board systems including those for connected and autonomous driving. Carwall sits in the vehicle ECUs and ‘learns’ the factory settings. If hackers breach the manufacturer’s cyber security and tries to infect the ECUs of in-service vehicles, Karamba’s software detects the impending change to factory settings and blocks activation. David Barzilai, the company’s chairman and co-founder, said with tens of millions of l
September 13, 2016 Read time: 2 mins
8519 Karamba Security’s Carwall software is said to prevent ‘mass hacks’ of vehicles’ on-board systems including those for connected and autonomous driving.  

Carwall sits in the vehicle ECUs and ‘learns’ the factory settings. If hackers breach the manufacturer’s cyber security and tries to infect the ECUs of in-service vehicles, Karamba’s software detects the impending change to factory settings and blocks activation.
 
David Barzilai, the company’s chairman and co-founder, said with tens of millions of lines of code in car software, it is impossible to guarantee all security bugs are eliminated. Carwall does not stop a hacker exploiting a security bug to transmit malware to a vehicle’s ECUs but it does prevent that malware being activated.

When Carwall detects foreign activity or code on an ECU it sends an alert to the manufacturer and system providers’ details on security bugs the hackers exploited, the code they attempted to run and the function it would execute. According to Barzilai, as the factory settings are definitive, Carwall does not produce false positives.

The software can be installed retrospectively to in-service vehicles by authorised distributers but cannot prevent individual hacks where the hacker can physically connect the vehicle’s CANbus architecture.

Related Content

  • August 8, 2017
    Asecap Days delves beneath the surface of tolling
    Colin Sowman picks his highlights from Asecap’s 45th annual Study and Information Days in Paris. European tolling association Asecap holds annual Study & Information Days, provides delegates with updates on the latest moves and thinking in the tolling sector and is a key meeting place for concessionaires from 22 countries. The importance of road transport to the French economy was highlighted by the country’s director general of transport infrastructures, François Poupard, in the opening session. He told th
  • February 2, 2012
    Communications for cooperative infrastructures and safety
    Scott Andrews of Cogenia Partners, LLC details the findings of the VII Proof Of Concept work carried out to verify the effectiveness of 5.9GHz-based communication for future US cooperative infrastructures
  • August 21, 2014
    Ken Leonard talks to ITS International
    Ken Leonard, director of the USDOT’s ITS Joint Program office made time in his schedule during the Helsinki Congress to speak to ITS International. It has been 18 months since Ken Leonard took over as the director of the Intelligent Transportation Systems Joint Program Office at the US Department of Transportation. With 30 years of technical experience behind him, to say he is enjoying the challenge would be to put it mildly: “It is incredibly exciting to be working in intelligent transportation systems, th
  • November 10, 2017
    Making connections without compromising security
    We listen in as global experts discuss connected vehicles and cybersecurity. By 2019 there will be almost 44 million connected cars globally and by 2022 that figure will be nearer 70 million; some 40% will be electric powered, according to market analyst Frost & Sullivan. But its report said the issue of end-to-end security for the new technology is still under debate, as vehicle OEMs engage with vendors to test specific security application areas for both over-the-air and vehicle-to-exterior services.