A system and a method of managing program memory on a storage device. The method may include: receiving storage block information, including at least one of: storage block size of a storage device and block utilization limit of the storage device; receiving at least one first object file including a plurality of object code segments and a respective plurality of linker placeholders; sparsely stacking the object code segments to produce two or more libraries according to the storage block information; replacing the plurality of linker placeholders with actual addresses of sections of program memory according to the stacking of object code segments; and storing the plurality of object code segments on the storage device according to the actual addresses.
A system and method for securing data communication in an in-vehicle network may include a security unit adapted to authenticate communication of data between first and second components connected to the network. A security unit may authenticate a communication related to an update of firmware. If a communication of data cannot be authenticated, the security unit may block the communication.
A module for providing security to an in-vehicle communication network having a bus and at least one node connected to the bus, the module including: a memory having software including a model of an expected behavior of data communications over the portion of the in- vehicle communication network; and a processor that processes, responsive to the software in the memory, a plurality of messages registered from a portion of the in-vehicle network to: determine, based on the model and a context comprising attributes of the plurality of messages, whether or not at least one of the messages complies with the model; and if the at least one message does not comply with the model, then perform at least one action on the message.
A system and method for detecting cyber threats in a vehicle may detecting an event related to exploitation of a component connected to an in-vehicle network based on a deviation of execution of executable code from a reference execution behavior. A deviation may be detected based on a set of whitelists and blacklists. An event related to a deviation may be recorded.
A method of identifying a node of a plurality of nodes in an in-vehicle communications network that transmitted a waveform propagating in the network, comprising providing a library of fingerprints having a unique library fingerprint for waveforms transmitted by each node and comparing a fingerprint generated for the propagating voltage waveform with library fingerprints to determine which node transmitted the waveform.