AUTOCRYPT announced that it has signed a R&D business agreement with IOTCUBE, a software vulnerability analysis solution developer, in response to vehicle open-source software security threats.

In 2018, IOTCUBE was established as a spin-off of Korea University’s Software Security Research Center. Since 2015, the Research Center has been conducting joint research with Carnegie Mellon University in the USA, Federal Institute of Technology Zürich in Switzerland, and Oxford University in England. IOTCUBE is an automatic vulnerability analysis platform, that have Korean and international patents for its code-level vulnerability analysis based on SBOM (Software Bill of Materials), and not only detects vulnerabilities but also provides information on code-correction measures and preventive risk management.

AUTOCRYPT has been conducting research on open-source vulnerability analysis and response for automobiles to strengthen open-source security, also widely used in automotive software development.

This year alone, in response to the increasingly stringent automobile global security regulations and the mandatory submission of SBOM in the US, AUTOCRYPT has been providing security consulting to about 20 manufacturers and parts makers, participating in the mass production of over 15 million security-equipped vehicles.

“As over 99% of the currently developed software uses open source, the risk factors are latent, such as the recent Log4j vulnerability”, said Eui-Seok Kim adding, “Open-source security will be a strong competitive edge for AUTOCRYPT in the development of automotive-only software that requires perfect security”.

Original article link :