As connected and electrified SDVs increase their market share significantly, software is becoming a central part of automotive design and development. This industry transformation introduces new development challenges for OEMs, such as integrating code from dozens of sources and protecting vehicle software and networks from ever-increasing cyber security risks.
In this complex ecosystem, both OEMs and suppliers are embracing security-by-design concepts based on building security into the vehicle design from the outset. This "shift left" approach identifies security issues during development and is more effective and less expensive than discovering a defect at a later stage.
DevSecOps (Development-Security-Operations) is a software development approach that automates the integration of security practices at every phase of the product lifecycle - from initial design through integration, testing, delivery and deployment. By integrating security measures from the start of development, DevSecOps can help automotive manufacturers reduce development time and costs, improve product quality and accelerate time to market.
The newly launched Argus DevSecOps platform is an innovative comprehensive solution aimed at helping automotive manufacturers incorporate security and compliance protection early in the development lifecycle. With security checks integrated continuously into the deployment pipeline - rather than at the end - developers can find and fix security vulnerabilities early, hence avoiding the higher costs of detecting vulnerabilities in production software.
"Forward-thinking automotive manufacturers are adopting a DevSecOps approach, applying security measures in every stage of the software development cycle," said Dorothy Amy, Frost & Sullivan Analyst. "Argus' new DevSecOps platform, combined with their vehicle security and fleet protection offerings, are key factors contributing to Argus' leadership position in the newly released Frost Radar: Automotive Cyber Security, 2024 report."
Using state-of-the-art tools and methods designed specifically for the automotive sector, this single coherent platform automates the entire DevSecOps process. The Argus DevSecOps platform comprises the following key components:
- Security AutoDesigner – Automates vehicle-level and ECU-level threat analysis and risk assessment (TARA) to identify vulnerabilities during the architecture design stage
- Code Security Manager – Analyzes code, automatically extracts Software Bill of Materials (SBOM), and scans for security flaws to enable immediate developer remediation
- Security AutoTester – Brings automotive software developers enterprise-grade automatic security testing such as fuzz and penetration testing
- SW Supply Chain Security – Extracts SBOM from binary files received from suppliers and scans for known vulnerabilities to comply with regulations and assure product security
The Argus DevSecOps platform leverages Argus' proven automotive cyber security knowledge and capabilities, making cyber security accessible to all automotive software development teams. For example, the Security AutoTester includes over 200 built-in automotive test cases for comprehensive fuzzing coverage, and Security AutoDesigner includes a database of over 100 threats, prioritized from low to critical. By offering these capabilities as a single, out of the box solution for the entire DevSecOps process, automotive manufacturers can automate and streamline secure product development. To date, several automotive manufacturers have already adopted the Argus DevSecOps platform. In addition, Argus DevSecOps platform is integrated with strategic technology partners such as dSPACE and Check Point Software Technologies, to enhance product security capabilities.
"Many of today's automotive manufacturers are embracing security-by-design concepts to streamline product development, improve quality and achieve compliance," said Ran Ish-Shalom, Argus VP Strategy and Product. "The Argus DevSecOps platform applies this shift left approach in practice, while leveraging our automotive domain expertise and proven cyber security and testing capabilities to help OEMs modernize and secure their SDV development toolchain."
About Argus Cyber Security
Argus, a global leader in automotive cyber security, provides DevSecOps, vehicle security and fleet protection technologies and services for automakers and their suppliers. Our solutions ensure that vehicle components, networks and fleets are secured and compliant throughout their life cycle.
Argus' innovative methods and solutions are based on decades of cyber security and automotive research and have culminated in over 100 granted and pending patents.
Founded in 2014, Argus is headquartered in Israel, with offices in USA, Germany, France, Japan, and Korea.
Photo: https://mma.prnewswire.com/media/2407664/Argus_Cyber_Security.jpg
Contact:
Rachel Pekin
Vice President Marketing
E-Mail: [email protected]
Naomi Lahner
FleishmanHillard
Email: [email protected]
SOURCE Argus Cyber Security
Share this article