Carwall sits in the vehicle ECUs and ‘learns’ the factory settings. If hackers breach the manufacturer’s cyber security and tries to infect the ECUs of in-service vehicles, Karamba’s software detects the impending change to factory settings and blocks activation.
David Barzilai, the company’s chairman and co-founder, said with tens of millions of lines of code in car software, it is impossible to guarantee all security bugs are eliminated. Carwall does not stop a hacker exploiting a security bug to transmit malware to a vehicle’s ECUs but it does prevent that malware being activated.
When Carwall detects foreign activity or code on an ECU it sends an alert to the manufacturer and system providers’ details on security bugs the hackers exploited, the code they attempted to run and the function it would execute. According to Barzilai, as the factory settings are definitive, Carwall does not produce false positives.
The software can be installed retrospectively to in-service vehicles by authorised distributers but cannot prevent individual hacks where the hacker can physically connect the vehicle’s CANbus architecture.