Chinese automaker BYD has announced a strategic partnership with cybersecurity firm Karamba Security to bolster the protection of its connected vehicles. The collaboration was revealed at the Escar USA conference, where BYD disclosed its intent to deploy Karamba’s VCode software to enhance cybersecurity measures within its supply chain.
VCode, a cutting-edge cybersecurity solution, specializes in automatically identifying and addressing security vulnerabilities in electronic control units (ECUs) used in vehicles. By generating a detailed Software Bill of Materials (SBOM) for each ECU, VCode enables BYD to proactively detect and mitigate potential cybersecurity risks before they impact vehicle production.
See also: U.S. Commerce Secretary Warns of Potential Ban on Chinese Connected Vehicles
One key feature of VCode is its ability to evaluate product security, providing BYD with internal security scores that can also be shared with customers. This transparency allows BYD to demonstrate its commitment to cybersecurity to its customer base.
Moreover, VCode’s on-premises deployment ensures that it can effectively identify and address common security issues such as weak passwords, software library vulnerabilities, and lax file permissions within connected systems. The software also includes a filtering tool, enabling BYD to focus on actionable insights and prioritize critical security tasks.
See also: BYD Revamps Smart Driving Teams to Ramp Up Investment in Technology
The move comes amidst increasing regulatory scrutiny on the cybersecurity of connected vehicles. Under United Nations regulation No. 155, automakers are required to safeguard connected vehicles and their systems from potential cyberattacks. This regulation, initially applicable to vehicles produced in UN member countries, has recently been extended to cover bikes and scooters as well.
Karamba Security’s CEO, Ami Dotan, emphasized the importance of meeting cybersecurity regulations without compromising product development efforts. Dotan stated, “Karamba Security is proud to help successfully bridge U.S., European, Chinese, and other nations’ manufacturers with their global markets by ensuring they meet rigid cybersecurity regulations and protect their customers.”