LDRA and OpenSynergy partner to promote defense-in-depth strategy for embedded automotive applications
LDRA, a provider of automated software verification, source code analysis and test tools, and OpenSynergy, specialist in embedded automotive software, are partnering to support and promote a defense-in-depth strategy combining hypervisor technology with secure coding techniques.
Automotive connectivity is an ongoing concern, with vulnerability to attacks from bad actors being demonstrated in models from a range of manufacturers. Further, several features of connected EVs such as the batteries and their charging systems are associated with inherent safety implications.
Automotive application developers are already familiar with the demands of functional safety standards, including ISO 26262’s defined development, validation, and verification processes, and with the capacity of the LDRA tool suite to help achieve those aims.
The benefits of virtualization in the automotive sector are also well known, and OpenSynergy COQOS hypervisors present an opportunity for development teams to realize reduced cost; reduced device seize, weight and power (SWaP); improved CPU performance, and a convenient migration path for unmodified legacy applications.
It is their capacity to provide a mechanism for domain separation, however, that is critical to automotive cybersecurity. The need for inter-process communication (IPC) between those domains is inevitable and a likely source of vulnerabilities. The role of secure application code is pivotal in that context because the code handling the data processed by IPCs has a key role to play in defending a potential weakness in a virtualized architecture.
OpenSynergy focuses on the automotive virtual platform COQOS Hypervisor SDK based on VIRTIO technology. The hypervisor on this platform runs directly on the System-on-Chip (SoC) application cores and creates several virtual machines (VMs). Each VM is isolated from the others. This separation makes it possible to run functions with different real-time behavior and functional safety requirements simultaneously on a single SoC.
The wisdom of a defense-in-depth strategy is unquestionable. Defenses against cyberattack are often envisaged as analogous to a medieval castle with moats, perimeter walls and armed soldiers all operating independently. But the combination of LDRA’s secure coding and OpenSynergy’s hypervisor technology goes beyond that analogy by combining defenses that are mutually supportive, ensuring a level of security that they could not provide independently.—Matthias Stumpf, Vice President (VP) Sales OpenSynergy
Automotive application software developers have a lot to contend with. The demands of ISO 26262 are challenging enough, and the emergence of the connected car with its implications for cybersecurity only adds to those challenges. By providing a tool suite that allows security and functional safety objectives to be fulfilled concurrently and accommodates a focus on the secure coding of software associated with inter-process communications, we hope to help lighten the load.—Ian Hennell, Operations Director, LDRA
Both the LDRA tool suite and the OpenSynergy hypervisors have been certified by SGS TüV as suitable for development of safety-related software compliant with ISO 26262. In addition, the LDRA tool suite offers tool qualification support packs for the qualification of LDRA tools for high assurance applications requiring regulatory approval.