Cybellum, a product security platform in based in Tel Aviv, has debuted a comprehensive system-level cybersecurity for vehicles and products that unifies assessments of its firmware, components, and software bill of materials (SBOMs) at the Escar USA conference 2022 in Ypsilanti.
The conference runs through June 16 at the Roy E. Wilbanks Golf Clubhouse at the Eagle Crest Golf Club.
Cybersecurity has become a challenge for vehicles and device manufacturers due to supply chain vulnerabilities and coding errors by internal development teams, which creates potential threat actors. In addition, the creation of SBOMs and handling several uncovered vulnerabilities has become labor intensive and costly than just scanning and detecting threats.
“One of the key barriers that teams are faced with is the limited view they have into their devices, which results in their inability to comprehensively assess their overall security posture,” says Eran Rosenberg, vice president of product at Cybellum.
“Instead, they labor over multiple disconnected subcomponent assessments, trying to figure out how one component relates to the other, what is the impact of a certain vulnerability on the whole device security, and what could be the potential for damage.”
The resulting process is time consuming, expensive, and error prone, which is difficult to manage throughout the device lifecycle. Product teams are unable to assess overall potential risk, have no visibility at the product system level, and they are left with complex processes that don’t scale.
Cybellum states it solves these issues by providing product security teams with the ability to view the systems architecture, relations between components, and any connections to external networks as it automatically defines a product of vehicle system’s potential damage impact.
While analyzing risks by drilling down from the system view to the component level, the so-called “system of systems” can define and set countermeasures like firewalls and IDS/IPS within the device and see the immediate impact on the overall security risk score.
“At Cybellum, we’ve extended our award-winning Cyber Digital Twins technology to deliver the much-needed full system view,” says Rosenberg. “System of systems provides unprecedented visibility and control for product security teams.
“It enables improved time to market with simpler and quicker system level assessments. It also minimizes security risks with enhanced control over system-level risk and improves compliance with regulations and standards that require device/system level cybersecurity management.”
For information about the conference, visit here.
For more information about Cybellum, visit here.
