Have you ever wondered how microcontrollers in vehicles manage memory access behind the scenes? This episode sheds light on the Memory Protection Unit, an essential yet sometimes overlooked hardware layer designed to stop unauthorized reads, writes, and execution. We revisit fundamental principles—like differentiating between the Core MPU (CMPU) and the System MPU (SMPU)—and explain how each can become a target for cyber attackers.

Through detailed automotive cyber security case studies involving two newly discovered vulnerabilities, we reveal how a privileged attacker might disable the SMPU entirely. When that happens, carefully drawn security boundaries collapse, exposing critical sections of code and data. The conversation further explores how incomplete hardware locking mechanisms can nullify protective features, leaving devices open to unexpected exploits.

Despite these alarming scenarios, there are proven strategies for mitigating threats. We discuss testing every crucial claim in the datasheet, adopting multiple layers of security, and monitoring vendor errata to stay informed about updated countermeasures. This episode will challenge listeners to question assumptions and take a closer look at an automotive security architecture often assumed to be rock-solid.

Chapters:
(00:00) Introduction to Automotive Memory Protection Units
(01:43) From MMUs to MPUs
(03:08) The MPU: A Modern Day Cyber Sentinel
(05:18) Protection Units in the Automotive Domain
(08:09) Types of MPUs
(08:21) Core MPU (CMPU)
(09:01) System MPU (SMPU)
(09:54) Peripheral Protection Unit (PPU)
(11:54) Some background: The PowerPC architecture
(13:23) The MPU Vulnerabilities
(14:48) The Core MPU and its Limitations
(17:06) The System MPU (SMPU)
(19:38) Configuring the SMPU
(21:50) The SMPU Vulnerability
(23:10) Disclosure to STMicroelectronics
(25:55) Disclosure to NXP
(28:05) MPU Mitigations
(28:55) Concluding remarks
(29:48) Outro on the MPU PlaxidityX Case Study

Contact us:
https://www.linkedin.com/company/plaxidityx/
https://www.youtube.com/@PlaxidityX
contact@plaxidityx.com

This episode explores AI’s transformative role in automotive cyber security. As vehicles become increasingly connected and autonomous, cyber threats have evolved, but AI provides the precision and speed needed to counter these challenges.

Join us as we unpack the critical role of AI in protecting modern vehicles, from anomaly detection to sophisticated threat investigation using generative AI and large language models. Additionally, we discuss the dark side of AI, where attackers use it to create adaptive malware and targeted phishing, raising the stakes for cyber security in the automotive industry. Listeners will discover the power of generative AI (GenAI) and large language models (LLMs) in revolutionizing threat investigations, enabling quick identification of vulnerabilities and predictive analyses of possible attack scenarios. We also cover the benefits of XDR platforms, which integrate AI to offer holistic security for connected vehicle fleets.

Whether you’re in cyber security or the automotive industry, this episode reveals how AI innovations are paving the way for more secure and resilient vehicles. Tune in to discover the latest advancements in AI-driven automotive security and the proactive measures required to stay ahead of evolving cyber threats.

Chapters:

• (00:00) Introduction to AI’s Role in Transforming Automotive Cyber Security
• (01:17) The Value of AI in Automotive Cyber Security
• (03:17) AI-Powered Anomaly Detection in Vehicle Data
• (05:17) GenAI and LLMs: Revolutionizing Threat Investigations
• (08:27) The Dark Side of AI: Powering Advanced Cyber Attacks
• (10:04) XDR: The AI-Driven Defense Against Evolving Cyber Threats on Fleets
• (12:15) Race Against Time: Automotive Cyber security Must Evolve or Be Left Behind
• (13:13) Outro on the Critical Role of AI in Protecting Modern Vehicles

Contact us:
https://www.linkedin.com/company/plaxidityx/
https://www.youtube.com/@PlaxidityX
contact@plaxidityx.com

Intrusion Detection System Managers (IdsM) play a vital role in modern automotive cybersecurity, addressing the challenges posed by complex security events and regulatory requirements. IdsM solutions filter and standardize event data from AUTOSAR and Linux ECUs, reducing inefficiencies in monitoring and analysis.

In this episode, we will explore how challenges related to fragmented formats, limited ECU storage, and escalating data volumes are addressed by IdsM. By filtering irrelevant events locally, these solutions enhance fleet automotive security monitoring while reducing costs.

Join us to discover how PlaxidityX’s IdsM for Linux provides OEMs and Tier 1 suppliers with faster time-to-market, reduced development costs, and an enhanced approach to securing connected vehicles.

Chapters:

(00:00) Introduction to Intrusion Detection in Connected Vehicles
(00:43) Regulatory Challenges & The Need for Security Event Monitoring
(03:36) Introduction to Intrusion Detection System Managers (ITSM)
(05:12) AutoSAR vs. Linux: The Standardization Gap
(06:13) Cross-Platform ITSM Solutions
(07:07) Key Benefits for OEMs & Tier One Suppliers
(08:13) Wrap-Up & Closing Remarks

Contact us:
https://www.linkedin.com/company/plaxidityx/
https://www.youtube.com/@PlaxidityX
contact@plaxidityx.com