xCarbon

xCarbon

Frictionless IDPS for multipurpose ECUs that will suit EEA designs

xCarbon
Balance of Security and Performance

Balance of Security and Performance

Minimal ECU performance impact by considering EEA and ECU integration.

Modular and Configurable

Modular and Configurable

AUTOSAR compatible. Enabling adequate features and configurations to meet different vehicles and service levels.

Ahead of Threats

Ahead of Threats

Deploy virtual patches or IPS rules to prevent and intercept an exploit.

Frictionless IDPS for ECU Hardening

Stay ahead of trending cyberattacks and future regulatory changes with VicOne's Intrusion Detect & Protect System (IDPS) - xCarbon. Designed for hardened security, this robust software-based security agent includes critical software that can be config for critical ECU components such as in-vehicle infotainment system (IVI), telematics box (TCU), and gateways while balancing security and performance. Additionally, in-vehicle network communications are heavily guarded, monitored, and analyzed through Controller Area Network (CAN) anomaly detection and Ethernet intrusion detection, thus providing timely alerts for when threats arise.

xCarbon is 100% AUTOSAR IDS protocol compatible. It provides superior detection in the vehicle, allowing SOC's to quickly understand the nature of the attack. This contrasts with agentless solutions, which are unable to identify details on the attacks occurring on the vehicle side. Additionally, the agent performs real-time protection to timely mitigate attacks by execute pre-defined rules or up-to-date commands from VSOC.

Frictionless IDPS for ECU Hardening

A Dynamic and Intelligent Detection and Response for Your Vehicle

VicOne's xCarbon (IDPS) encompasses multiple software components that uses known intrusion signatures to detect and analyze traffic, while proactively filtering malicious packets and blocking offending IPs. Detection logs and telemetry data are gathered from the vehicle and optimized before being sent to VicOne's xNexus and other VSOC for analysis; with AUTOSAR IDS protocol compatible.

A Dynamic and Intelligent Detection and Response for Your Vehicle

Advanced System Protection

  • Approved Application Listings. Rule-based application control ensuring the integrity of authorized applications
  • System Exploit Prevention. Analyzes and pinpoints unusual system activity to prevent vulnerability exploitation and privilege escalation

Next-Gen Ethernet Firewall

  • Ethernet intrusion detection. Signature-based intrusion detection identifying suspicious events through deep packet inspection
  • Virtual patch. Prevent attacks targeting known vulnerabilities with predefined signatures
  • Domain/IP filtering. Detect connections to malicious domain names and IP addresses

CAN Anomaly Detection

  • Malicious CAN message detection. Distinguish the system behavior against the normal behavior to detect malicious activity

Intelligent Sensor

  • Telemetry Data Collection. Automated process used to collect system activities and critical events for off-board analysis and data forensics, while also protecting the ECU

Secure Log Service

  • Securely maintain log records over extended periods of time and upload to the cloud with an encrypted connection

Stay Atop Vulnerabilities

xCarbon is designed to protect against known and unknown vulnerabilities, but if an exploit does arise, the Virtual Patch and IPS rules acts as a safety measure by implementing layers of security policies and rules that prevent and intercept an exploit from taking network paths to and from a vulnerability.

  • Virtual Patch
  • Intrusion Prevention System (IPS) Rules
VicOne customers protected ahead of patch

VicOne customers protected ahead of patch

Vulnerability Introduced

Vulnerability Introduced

Vulnerability Discovered

Vulnerability Discovered

Vulnerability Privately Disclosed

Vulnerability Privately Disclosed

Virtual Patch Created

Patch Available

Patch Available

Vulnerability Publicly Disclosed

Vulnerability Publicly Disclosed

Patch Installed

Patch Installed

Other security vendors' customers at risk

Other security vendors' customers at risk

Comprehensive Detection Enabled By Automotive Security Foresight

Not all data are equal and VicOne ensures that the right technique is deployed at the right time. Along each step of the data collection, from executing IDPS Rules, to machine learning and threat expert rules, these detection techniques progressively analyzes and filters out the threats for maximum detection and protection without false positives. Aside from broad protection, this results is an overall reduction of bandwidth which can further be investigated and blocked if malicious.

Comprehensive Detection Enabled By <span class='text-red-primary'>Automotive Security Foresight</span>
Critical Logs to reduce bandwidth

Other Features

Lockdown and Monitor mode
Lockdown and Monitor mode
Lockdown the ECU and monitor for suspicious activities
Configurable Policy
Configurable Policy
Author flexible policies that can be used across your entire fleet
Automotive Security Foresight
Automotive Security Foresight
Leverages Automotive Security Foresight (ASF) to provide up to the date protection against potential threats

Use Cases

Protecting a Telematics Control Unit From Remote Attacks
Protecting a Telematics Control Unit From Remote Attacks
Use Cases

Blog

The Green Light for Secure Connected Cars: VicOne’s 2022 Automotive Cybersecurity Report
November 29, 2022

The Green Light for Secure Connected Cars: VicOne’s 2022 Automotive Cybersecurity Report

In its first annual cybersecurity report, VicOne looks back at the prominent automotive threats in 2022, shares security predictions for the near future, and gives recommendations for securing the road ahead for connected cars.

VicOne
VicOne
VicOne’s Security Assessment Tool Supports SOAFEE’s Security-Driven SDV
November 23, 2022

VicOne’s Security Assessment Tool Supports SOAFEE’s Security-Driven SDV

VicOne’s security assessment tool, which is equipped with its own attack simulator, can help OEMs and suppliers ensure security from the design phase and prepare for future threats.

VicOne
VicOne
OpenSSL Releases Official Advisory to Address Buffer Overflow Vulnerabilities
November 16, 2022

OpenSSL Releases Official Advisory to Address Buffer Overflow Vulnerabilities

OpenSSL, a widely used open-source cryptography library, has released OpenSSL version 3.0.7 to address CVE-2022-3786 and CVE-2022-3602, which affect versions 3.0.0 to 3.0.6.

VicOne
VicOne

Start your journey to better automotive cybersecurity