
CycurIDS-ETH: Intrusion detection for Ethernet-based E/E architectures
Intrusion detection systems (IDS) are becoming the inevitable choice for continuously effective risk management. At the same time, a change in E/E architectures is taking place: OEMs are meeting the high performance requirements of increasingly connected and automated vehicles with Ethernet-based E/E architectures.
With CycurIDS-ETH, ESCRYPT now offers an intrusion detection system that monitors Ethernet traffic in the vehicle for potential cyber attacks. The CycurIDS-ETH sensors use heuristic, signature-based detection on the ECUs and log detected anomalies either locally or forward them to the Vehicle Security Operations Center (VSOC). As a ready-to-use software solution, CycurIDS-ETH runs either completely on the Ethernet switch or on microcontrollers or microprocessors.
The configuration of CycurIDS-ETH is based on manufacturer network description files (e.g. ARXML for vehicle Ethernet networks). A dedicated configuration GUI with automatic rule generation allows further fine tuning of sensor settings. As a result CycurIDS-ETH supports both specification- and anomaly-based intrusion detection, identifying malicious diagnostic requests – such as attempts to shut down specific ECUs – while driving.
Learn more in the recorded ESCRYPT webinar "Intrusion detection for Ethernet-based E/E architectures".