Protection at every level
Built-in redundancy and safety checks to ensure driver safety and vehicle functionality at all times.
Sophisticated, multi-layered security using the latest approaches to quickly identify, stop and mitigate the impact of cyber attacks.
Data privacy & security is designed into every solution, from in-vehicle software & firmware to encryption in the cloud.
Operational principles that follow rigorous internal procedures and industry best practices to keep every customer safe & secure.
Functional Safety
ISO 26262 Certified and ASIL-D Rated
The only ISO 26262 certified (by UL) over-the-air software update product with an ASIL-D rating for deploying software and firmware updates to any ECU with safety and confidence.
Vehicle Safe State Checks
Customizable "safe state" checks to ensure road vehicles are in a safe state (not in motion) before and after performing any ECU software updates that could result in a human safety hazard.
Firmware Assurance Checks
Sibros' system ensures only valid versions of OEM signed software or firmware can be installed to mitigate risks of incorrect parameter settings or malware intrusion.
Unprogrammed ECU Checks
Continuous monitoring of ECUs to ensure they are fully and correctly programmed, operating as intended.
Concept Testing
We ensure the functional safety of all new products and concepts with extensive concept testing and analysis prior to customer release.
Cybersecurity
WP.29 R155 & R156 Compliance
Technology features and mechanisms for Cybersecurity Management Systems (CSMS) and Software Update Management Systems (SUMS) to help OEMs achieve R155 and R156 regulatory compliance.
IEEE Uptane Cybersecurity Standard
Our systems employ the compromise-resistant Uptane framework, designed to provide multi-layer cybersecurity and threat protection against bad actors for over-the-air software updates in ground vehicles.
Secure Communication
Utilization of HTTPS/MQTTS to ensure secure and reliable data exchange between vehicles and the cloud.
Multiple Signature Points
Approval and authentication of commands and updates to require signature keys across multiple access points and users to prevent tampering and unauthorized usage.
Unique Version Identifiers
All software versions, update packages, system changes, and associated vehicles utilize unique identifiers for consistency, transparency, verification, and traceability.
Full Cyberattack-Type Protection
Sibros’ multi-layer authentication & security approach protects against a multitude of malicious activities such as eavesdropping, drop-request, slow-retrieval, freeze attacks, rollback attacks, and more.
Data Protection
GDPR Compliance
Compliance with user privacy and data rights as outlined in the EU General Data Protection Regulation (GDPR) and other comparable international data protection standards.
CCPA Compliance
Compliance with customer consent and right-to-use requirements for data collection and storage as outlined in the California Consumer Privacy Act.
ISO 27001
Certified for Information Security Management Systems and best practices that safeguard all forms of information and protect the integrity, confidentiality and availability of data.
TISAX
Compliance with the European automotive standard for a consistent approach to enterprise information security systems.
Operations
SOC 2 Type II
Certification by the American Institute of CPAs (AICPA) Systems and Organization Controls (SOC) for internal controls and efficacy of how we safeguard customer data.
ISO 9001:2015
Certified for Quality Management Systems (QMS) and frameworks to continually improve our products and services we deliver to you.
Incident Response & Risk Management
Our dedicated Risk Committee oversees the detection, assessment, and documentation of potential threats per the guidelines outlined in our Incident Response Policy.
Continual Staff Training
Ongoing communication and training is required across the organization on all new operational procedures, obligatory compliance topics and related best practices.
Secure Onboarding & Offboarding
All employees undergo a thorough vetting process, including multiple interviews, a criminal background check, and introductory training. Upon departure, employee access to company systems, services, and applications is immediately disabled.
FAQ Safety and Security
Ecosystem / Foundation
All access needs authorization and is granted on a need-to-know basis. All employees are background checked as part of their onboarding process.
Sibros follows an approach of security designed from the ground up and built into the DNA of the product. This includes in-vehicle secure communications and secure storage / HSM integrations.
Our solution is assessed to TISAX, SSAE 16/18 SOC 2 Type 2, ISO 26262 (ASIL-D) in place with ISO 27001, ISO 21434, and ISO 24089 in progress. Sibros also addresses and supports security regulations such as UNECE WP.29 R155 and R156, with AIS 189, AIS 190 under review; as well as privacy regulations such as GDPR and CCPA, with Indian DPDP under review.
Privacy by Design
Sibros acts as a data processor. The OEM is the data controller.
All changes for cloud and firmware are reviewed.
Sibros has a very well defined incident management process, and security incident management and breach response processes.
With the following reviews and assessments:
- Components vulnerability review (firmware and cloud software)
- Cloud infrastructure vulnerability review (cloud software)
- OWASP IOT ASVS assessment (firmware)
- Cloud posture assessments
- AWS GuardDuty, GCP SCC, and other cloud threat assessment tooling
Support for 0x27 and key exchange, secure storage and symmetric key handling to be determined by target ECU.
The following are used:
- MQTT(s) over Mutual TLS
- HTTPS over TLS
Sibros Armor includes the following checks and failsafes:
- 2-way authentication of communication between vehicle and cloud
- Device provisioning framework incorporating secure integrations with manufacturing
- DeviceID and Vehicle Identification (VIN) with a data abstraction framework that incorporates Privacy by Design
- Role-based Access Control (RBAC)
- Approval workflow for deployments and changes for systems
- SSO and MFA for user authentication
- In-vehicle secure communications
- Secure storage / HSM integrations
Sibros primarily uses a Globally Unique Identifier (GUID) to create a link between device identification information such as Vehicle Identification Number (VIN) / Electronic Serial Number (ESN) and the data collected by Deep Logger, Deep Updater, and Deep Commander.
Deep Logger
Security is designed into the solution. Additionally, it is assessed to TISAX, SSAE 16/18 SOC 2 Type 2, ISO 26262 in place with ISO 27001, ISO 21434, and ISO 24089 in progress.
Log files are archived and optionally compressed. They are also handled securely and not directly uploaded into the system. The only reference information is in the system, and the S3 bucket is only used for storage of files that are uploaded as GUID’s (Globally Unique Identifiers).
Deep Updater
- Drop request: Attacks that block network traffic (in-vehicle or outside) to prevent vehicles from updating software
- Eavesdrop: Attacks that listen to network traffic to reverse-engineer ECU firmware.
- Freeze attack: Indefinitely sends an ECU the last known update, even if there may be newer updates on the repository.
- Mixed-bundles: Attackers force ECUs to install incompatible software updates to cause ECU interoperability failure.
- Slow-retrieval: Slows down delivery of ECU updates so that a known security vulnerability can be exploited.
- Partial-bundle: Causes some ECUs to not install the latest updates by dropping traffic to these ECUs.
- Rollback: Causes an ECU to install outdated software with known vulnerabilities.
- Arbitrary software: Attackers use compromised repository keys to release an arbitrary combination of new images to cause ECUs to fail.
- Mix-and-match: Most severe of all attacks installing arbitrary software on ECU to modify vehicle performance.
Uptane is the first security framework for automotive OTA updates that provides serious compromise resilience, meaning that it can withstand attacks on servers, networks, keys, or devices. The differences are as follows:
- A single server that is compromised cannot compromise more of the system.
- It is possible to recover from a single key compromise.
- The complete vehicle IP address is not readily accessible.
- Network security is not the only security control.
- Delivery authenticity is validated separately from firmware authenticity.
- Vehicle manifest and vehicle component authenticity are validated.
- Component and ECU rollback and replacement attacks are easily detected and remediated.
The following measures are taken:
- Device provisioning
- HSM integration
- In-vehicle secure communications
- Provisioning of EOL integrations and device provisioning
- Uptane keys and component replacements
Cloud
The following measures and practices are implemented:
- Access is restricted to authorized personnel; SSO and MFA are enforced.
- Access is monitored with alerts triggered for unauthorized access.
- Keys are segregated and signatures are firmware validated.
- Mutual Transport Layer Security (TLS) with certificate for all command and control processes is used.
- Permitted actions and values are configured via protobuf, which is controlled and managed with approvals.
The following are used:
- Static analysis of code (SAST)
- Secrets review
- Dependency checking (vulnerability assessments)
- OWASP Top 10
- OWASP API Top 10
- OWASP IOT ASVS
- CI/CD review of SBOM
