Connected vehicles face several security risks, including unauthorized access to sensitive vehicle information (such as driving patterns through vehicle tracking and driver profiling), data privacy breaches due to weak encryption, and malicious manipulation of over-the-air (OTA) software updates. These risks allow attackers to inject malicious code into the vehicle’s systems and manipulate telemetry data to create false information.
To provide runtime protection against advanced threats and exploits, we are excited to announce the availability of the VM-Series Virtual Next-Generation Firewalls on Connected Mobility Solution (CMS) on AWS. This integration enables OEM vendors and car manufacturers to use the VM-Series Virtual Firewalls to secure applications built using the Connected Vehicle Solutions marketplace.
Connected Mobility Solution (CMS) on AWS is a well-architected connected mobility offering designed to accelerate the development of innovative use cases and to reduce the friction, time, and cost of developing, deploying, and managing connected vehicle assets. It aims to solve complex connected vehicle use cases for automotive customers, including telemetry data insights and analytics, fleet management, insurance and warranty claims, and improving developer productivity. Connected Mobility Solution on AWS provides purpose-built connected vehicle accelerators (modules) that customers can use to build their next-generation connected vehicle solutions. CMS accelerators include vehicle connect and store, vehicle provisioning, alerts management, EV battery health visualization, vehicle simulator, API Module, and predictive maintenance module.
Palo Alto Networks VM-Series Virtual Next-Generation Firewalls consistently protect public and private clouds, virtualized data centers, and branch environments by delivering inline network security and threat prevention. Powered by Precision-AI, VM-Series Virtual Firewalls provide the world’s most effective network security to any network and any cloud, making it automatable, scalable, and easy to deploy.
With the VM-Series support on private and public cloud, you can:
To illustrate the importance of security for connected vehicles, consider a recent example involving a vulnerability at one of the large car manufacturers. Hackers exploited this vulnerability on the company’s website, allowing them to hack and track millions of vehicles. They even built small custom applications to send commands to scan any internet-connected vehicle, gain access to the car's location, unlock the cars, and even start the ignition. Similar vulnerabilities have been detected in vehicles from other manufacturers. As more car providers enable smartphone features, the attack surface for connected vehicles will only increase.
When vulnerabilities are detected, car manufacturers work to analyze and patch them. However, it takes time to address these issues, and even after patching, systems remain vulnerable to unpatched and unknown vulnerabilities. To overcome such security risks, you need security that is always ON. This is where the VM-Series comes into play. VM-Series Next-Generation Firewalls can protect your cars from both known and unknown threats, and grant access based on user identity.
Figure 1. VM-Series listing in the Automotive Cloud Developer Portal (ACDP)
For connected cars today, software updates occur over the air. To keep the car safe for driving and prevent the download of vulnerable software, it is crucial to verify that the car can download and receive software updates only from legitimate websites. The VM-Series Virtual Next-Generation Firewalls, combined with Advanced URL filtering, ensure that the car downloads software updates solely from approved websites while blocking connections to malicious websites identified by Palo Alto Networks.
In addition, the User-ID capability provided by Palo Alto Networks on VM-Series restricts the management of car operations from a mobile device to only authorized users with proper permission. This includes starting software updates, turning on the car, honking the horn, and more.
As more car manufacturers collect data from vehicles—such as battery health, charging patterns, and the condition of components like oil levels and brakes—for diagnostic purposes, it becomes crucial that this information is transmitted only to legitimate websites and endpoints. Without proper protection, a car's telemetry data could fall into the hands of malicious actors, who could use it to gain control of the vehicle’s operations or introduce additional malware. The VM-Series can ensure that car components send telemetry data only to the correct endpoints and websites, keeping your vehicle safe from these threats.
To start using VM-Series to protect your connected vehicles, please visit the AWS CMS website, deploy the ACDP module first, and start using VM-Series today!