BYD has selected Karamba Security's VCode to comply with global automotive cybersecurity regulations. The Chinese electric vehicle manufacturer will use Karamba’s VCode to create a software bill of materials (SBOM) for electronic control units (ECUs), manage supply-chain security and ensure that firmware used is free from critical vulnerabilities. This move will also help BYD's compliance with mandatory cybersecurity regulations in many major global markets.
Karamba Security is a specialist in end-to-end product cybersecurity, including automotive ECUs, and other internet of things and edge products. With the rise of safety and privacy risks brought about by vehicle and IoT product hacking, regulators have made it compulsory for original equipment manufacturers and suppliers to secure their devices. Karamba's software solutions allow OEMs and suppliers to meet global cybersecurity regulations without disrupting research and development or product time to market.
According to Karamba, its VCode helps customers to automatically create an SBOM of their devices and automatically identifies cybersecurity issues in their supply chain and addresses them before production. The solution identifies, prioritizes and mitigates security gaps in the software image and serves as a product security scorecard both internally and for customers and auditors.
VCode binary analysis software works seamlessly with continuous integration/continuous design (CI/CD) pipelines or runs stand-alone on customers' premises. It identifies vulnerabilities covering a wide range of security misconfigurations and coding errors including weak passwords, risky tools, suspicious data, unsecure binaries and more.
“Karamba Security is proud to help successfully bridge U.S., European, Chinese and other nations’ OEMs with their global markets by ensuring they meet rigid cybersecurity regulations and protect their customers,” said Ami Dotan, co-founder and CEO of Karamba Security. “Karamba, regulators and automotive manufacturers are united in our commitment to secure vehicles and global supply chains against hackers, who are blind to nationality and are willing to put customer safety and privacy at risk for financial or terrorist reasons.”
