Software Integrity Blog

Archive for the 'Automotive Security' Category

 

Securing IoT, Atlanta ransomware, Congress on cybersecurity

The Black Duck blog and Open Source Insight become part of the Synopsys Software Integrity blog in early April.  You’ll still get the latest open source security and license compliance news, insights, and opinions you’ve come to expect, plus the latest software security trends, news, tips, best practices, and thought leadership every week.  Don’t delay, […]

Continue Reading...

Posted in Automotive Security, Internet of Things

 

Who owns Linux? TRITON attack, app security testing, future of GDPR

We look at the three reasons you must attend the FLIGHT Amsterdam conference; how to build outstanding projects in the open source community; and why isn’t every app being security tested? Plus, going in-depth into the TRITON attack, why 2018 is the year of open source, how open source is driving both IoT and AI, […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Automotive Security, Data Breach, Open Source Security, Security Standards and Compliance

 

What’s under your hood? Connected car security and you

The auto industry constantly debuts new entertainment and safety features, but how secure is connected car software? How do you build in connected car security?

Continue Reading...

Posted in Automotive Security

 

Are there ever legitimate reasons for hacking a car?

Before the public sessions kick off at Black Hat on Wednesday and Thursday, there are four days of training courses. The course I took part in this year was a two-day, hands-on car hacking course. My instructor, Robert Leale, is the founder and coordinator for the car hacking village at DEF CON. Both the weekend […]

Continue Reading...

Posted in Automotive Security

 

OTA updates driving connected car revolution?

Fiat Chrysler Automobiles (FCA) announced recently that it was recalling 7,802 Dodge Challengers to “update transmission software,” in response to vehicle movement (“rolling”) after drivers shifted into park. While 7,802 pales compared to the 811,000 recalled from inadvertent “rolling” last year, the concept of pulling cars away from customers for a software upgrade is beginning […]

Continue Reading...

Posted in Automotive Security

 

MISRA: Ensuring software safety and security from the start

Developing software is an art. Developing safe and secure software is not only an art, but requires a mindset that anticipates potential bugs, security vulnerabilities, and system failures. Both quality and security are hard to add to a product after its inception. It simply isn’t practical to add on to a product as quality and security […]

Continue Reading...

Posted in Automotive Security, Security Standards and Compliance

 

Fault Injection Podcast .004: Driving automotive software security

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about automotive software security and the future of connected cars. You can always join the discussion by sending […]

Continue Reading...

Posted in Automotive Security, Internet of Things, Podcasts, Security Standards and Compliance

 

New car communications could give hackers a free ride

Adding communications to cars and the transportation infrastructure provides cool new services (e.g., safe driving, faster transit times, etc.). From a security perspective, it also widens the threat landscape. Potentially, a bad actor sitting along the roadside with wireless access might be able to mess with the internal workings of your car or the traffic lights […]

Continue Reading...

Posted in Automotive Security, Data Breach

 

4 risks in connected cars

Black Duck (now Synopsys) held its inaugural European user conference this month in Amsterdam. Turnout was great, with almost 100 representatives from European businesses attending our training and presentations. I was privileged to lead a panel discussion on the security implications of open source in connected cars. Gordon Haff, Technology Evangelist at Red Hat, and Simon Gutteridge, […]

Continue Reading...

Posted in Automotive Security, Webinars

 

Automotive security goes beyond the car

There’s been a fair share of attention paid to the security inside the connected car. There’s also been a significant uptick in new devices and apps that communicate with the vehicle from afar. These devices and apps use traditional means of communication (e.g., Bluetooth, Wi-Fi, etc.). They also make some very common software mistakes. For instance, […]

Continue Reading...

Posted in Automotive Security, Mobile Application Security