CycurIDS-ETH: Intrusion detection for Ethernet-based E/E architectures
For continuous and effective risk management, in-vehicle attack detection via intrusion detection systems (IDS) will become the method of choice. A simultaneous change is taking place in E/E architectures. OEMs are increasingly responding to the high performance requirements of connected and automated vehicles with Ethernet-based E/E architectures.
ETAS now offers CycurIDS-ETH, an IDS solution that monitors Ethernet-based data traffic in the vehicle to watch for potential cyberattacks. The CycurIDS-ETH sensors make use of heuristic, signature-based detection on the ECUs and either log known anomalies locally or forward them to a vehicle security operations center (VSOC). As a ready-to-use software solution, CycurIDS-ETH can run completely on the Ethernet-switch or on microcontrollers or microprocessors.
The configuration of CycurIDS-ETH is based on the manufacturer’s network description files (e.g. ARXML for vehicle Ethernet networks). A proprietary configuration GUI with automatic rule generation makes it possible to fine-tune the sensor settings further. With all these features, CycurIDS-ETH supports both specification- and anomaly-based intrusion detection and identifies malicious diagnostic queries – attempts to shut down certain control units, for example – during vehicle operation.
Learn more in the recording of the ETAS webinar Intrusion detection for Ethernet-based E/E architectures.