A programmatic approach to automotive testing

Between Wi-Fi, Bluetooth, GPS and critical safety systems such as anti-collision, braking, tire pressure systems, today’s vehicles are more connected than ever. Since many vehicles rely on wirelessly connected sensors to run those systems, the risk of a compromise is elevated. Some threats to vehicles include tampering with the boot software so the car doesn’t start, tampering with the tire pressure system to make the car think it has a flat or setting the altitude to zero in a GPS system so that it continues to crash.

Meanwhile, the same kind of vulnerabilities are seen across the board – default credentials that may also be shared across an entire fleet of vehicles, exposed interfaces and wiring, and insecure Wi-Fi. Vehicles are built with trust, meaning as the connected components talk to each other they trust each other inherently. If a criminal gains access to just one of those components, he or she can manipulate the rest.

X-Force® Red’s automotive testing team of engineers and automotive enthusiasts are also security experts. They can test suppliers’ vehicle components, the integration of those components, and the vehicle’s entire connected ecosystem, from applications to Wi-Fi connectivity and more. 

X-Force Red shield

X-Force Red Automotive Testing services provide

Access to best-in-class security testers

Built-in security

X-Force Red automotive testers work side-by-side with your engineers throughout the design phase – from picking secure parts to building in security requirements and processes.

Agility to meet on-demand testing requirements

Comprehensive testing

X-Force Red tests hardware, supplier components, integration, connected services, autonomous sensor controls, fusion sub-systems and more.

Centralized communication and collaboration through X-Force Red portal

Engineered remediation

X-Force Red provides actionable engineering recommendations to fix critical security flaws during design and beyond.

X-Force Red automotive testing helps

Schedule real-time security testing and vulnerability assessments

Reduce risk and minimize impact

X-Force Red uncovers and helps fix vulnerabilities impacting the safety of vehicles and reliability of the connected network.

Collaborate for remediation before cybercriminals know updates exist

Find unknown vulnerabilities

X-Force Red manually tests the entire vehicle system, which includes pulling apart components such as electronic control units, reverse engineering firmware and reviewing source code.

Centralized communication and collaboration through X-Force Red portal

Strengthen security at a predictable cost

Under X-Force Red’s subscription service, clients pay a monthly fixed rate and can change what they tested without drawing up new contracts.

Resources

Plug-ins can increase risk

Find out how X-Force Red helped a car manufacturer identify and fix vulnerabilities in an aftermarket car “plug-in” solution.

2018 IBM X-Force Threat Intelligence Index

Get a better understanding of the current threat landscape.

Priming your digital immune system

Identify critical vulnerabilities using the tools, techniques and practices criminals use.