vSentry™ - Intelligent Cybersecurity Software Solution for Commercial Fleets and Private Vehicles

Solution Technical Brochure

Comprehensive Multi-Tier Fleet , Vehicle and ECU Protection

vSentry™ Software Suite provides multi-tier fleet and vehicle protection, from vehicle/ground level and up to the fleet/cloud level.

The suite is split into two main layers:

  • Cloud layer: vSentry™ Fleet – Fleet-level protection software that complements the Fleet Management System or Security Operations Center (SOC) facility with cyber security analytics and accurate behavioural analytics, common policy implementation and rapid prevention and containment and imminent threats
  • Ground layer: vSentry™ Vehicle – In vehicle embedded protection software for ground level protection, including overall vehicle-level and application-level protetion

Intelligence Core for Maximum Prevention

vSentry™ employs an intelligence-based analytical processing core called vSentry™ Intelligence Core (IC). vSentry™ IC performs behavioural profiling of components and layers within the vehicle and at the fleet level. The advanced algorithms allow building a model that represents the behaviour of a real-world system from data that represents samples of its behavior to establish a “positive” behavioural baseline. The intelligence based behavioural modelling facility complements an police/control mechanism that enforces a behavioural baseline through segregation rules.

Some of the benefits that vSentry™ IC provides:

  • Intelligent Identification of anomalies in complex scenarios
  • Easy calibration for positive behaviour patterns
  • Agile adaptation to new types of platforms

Combined Integrated Intelligent Analytics and Segregated Control

The protection mechanisms of vSentry™ employ two parallel subsystems for optimal monitoring/analytics and threat/anomaly control & containment through segregation means.

  • Integrated Behavioural Monitoring and Analytics facility
  • Behavioural control and operations segregation facility

Full Vehicle System Protection Coverage – Connectivity, ECU/Application and Platform/Core

Vehicle/Fleet protection is split into 3 main layers:

  • Platform Protection – vehicle core operational facilities in charge of basic/critical operations, including Engine (ECU), and Break (BCU), Gear applications and more.
  • (Advanced) Applications Protection – including applications that provide driving facilitation and improve transit experience, including audio/visual (AV) applications, climate control applications, etc
  • Connectivity/Network Protection – external connectivity/access interfaces such as cellular connectivity and internal connectivity/access interfaces such as CANBUS and other internal networks

Connectivity
(Gateway, Telematics etc)

(Advanced) Application
(AV, CC etc)

Platform/Core
(ECU, BCU, etc)

The following figure illustrates a ECU/application bus architecture:

With vSentry™ Intelligent Analytics and Segregated control layers which are based on an Intelligence core,

Full ECU/Application Protection Coverage

ECU/Application protection is split into 3 main layers:

  • Platform/Core Protection – ECU Operating System, including core operational facilities in charge of basic/critical operation instrumentation, such as Linux/AGL/Geneve.
  • Applications Protection – Including applications/processes that execute and support the ECU main functionality
  • Connectivity/Network Protection – including protection for ECU external and internal network connectivity interfaces such as CAN bus, V2X control channels, Cellular/IP channels and other types of networks

Connectivity
(Gateway, Telematics etc)

(Advanced) Application
(AV, CC etc)

Platform/Core
(ECU, BCU, etc)

Full Threat Lifecycle Coverage

vSentry™ employs mechanisms to track threats throughout their lifecycle, in order to identify the threat in the earliest stage and prevent the problem.

Easy Deployment Management, Integration and Business Enablement

vSentry™ Vehicle is offered in two main editions:

  • vSentry™ Vehicle, Commercial Edition – advanced vehicle protection embedded ECU software tailored for vehicle business/operations critical applications
  • vSentry™ Vehicle, Open Edition – basic vehicle protection open-source software tailored for consumer applications

The software offers easy deployment, management and integration with the following features:

  • API for easy system integration and custom application development
  • CLI for easy engineering terminal management
  • Platform abstraction layer for easy portability

vSentry™ Open Platform API for Custom Monitoring and Control Applications

vSentry™ defines an Application Programming Interface (API) that allows downstream automotive service and product vendors to leverage the data collected by the protection engine for developing custom analytical applications, and enablement of advanced intelligent business models.
In additional the monitoring API, vSentry™ provides a variety of standard management/control interfaces for management of the system’s cyber security control and segregation facility, including REST, XML, CLI, SSH etc. With this API vendors can implement custom policy applications that define the unique protection schemes they look to conceptualize and employ in their vehicles and fleets.

Optimized Fleet Protection via Fleet-Level Cloud Analytics, Incident Segregation/Containment and Cross Fleet Cyber Security Policy Enforcement

vSentry™ Fleet Protection ties the dots together. With fleet level aggregated analytics and central control over cyber security policy, service providers can ensure optimal protection of vehicles based on accurate, big-data driven, behavioural profiling. The analytical profiling facility is complemented by cyber security control and administration facility to ensure central propagation of cyber security policy and rapid reaction to imminent incidents for quick containment.