Software Vulnerability Management
The Challenge of Visibility
Performing risk assessments at the vehicle software component level are challenging for numerous reasons. The amount of code involved is staggering, access to the code may be restricted and the overall process depends on all the players in the automotive OEM’s complex supply-chain.
Automated scanning of binaries can reduce the challenge into manageable scales. Combined with HARMAN OTA Solution, an OEM’s binaries repository can now benefit from a periodic scanning of all components under management. With the continuous update of threat intelligence database of Common Vulnerabilities and Exposures (CVEs) and proprietary threats data, OEMs can quickly be notified of zero-day vulnerabilities and assess their impact on vehicles that are in production.
- Automated scanning of binaries before update campaigns are activated
- An up-to-date security score to help OEMs identify risk level in deploying software components
- Continuous monitoring of deployed binaries, identification and alerting of zero-day vulnerabilities
- A full impact analysis at the binary level to assess the level of an OEM's fleet exposure
Binaries Vulnerability Scan
Increase Visibility into the Binaries and Potential Vulnerabilities
The new cybersecurity add-on to HARMAN OTA solution allows the automated triggering of scanning of binaries for cybersecurity vulnerabilities, provides a cybersecurity “risk score” to binaries under HARMAN’s OTA solution management and support campaign initiation decisions. An automotive OEM has little visibility into the source code and potential vulnerabilities that lie within it. With this HARMAN add-on, OEMs will now be able to be alerted on component-level vulnerabilities throughout the supply chain, and further assess the risk and impact of zero-day vulnerabilities while shortening response time from identification to full recovery.