After recent WikiLeaks revelations over the possibility of the CIA hacking automotive software, BlackBerry has said that its multi-level cyber security is able to withstand such threats.
WikiLeaks revealed that the CIA emails listed several different targets, including the BlackBerry QNX OS-based platforms.
Marty Beard, BlackBerry’s chief operating officer stated in a blog that it is a risk BlackBerry is aware of and that to mitigate such risks requires a “different, better approach to security and system design”. That approach is embodied by BlackBerry QNX, he claims.
Beard notes that in a standard OS, if an attacker gains root access, they can do anything. “That’s why most cyberattacks ultimately boil down to fooling the OS into thinking the attacker is a root user – which gives them full access to any system (in essence, having the key to every room and safe),” he wrote. However, he maintains “that is not the case with QNX OS. In our OS model, systems can be constructed in which no single process is running as root – you create a truly rootless system.”
He also claimed that the QNX Software Development Platform SDP 7.0 is “much more than an OS – it is a 64-bit OS and a multi-level platform featuring a policy-driven security model which incorporates BlackBerry’s best-in-class security technology”. He added that it is the “most advanced and secure embedded platform on the market, designed from the ground-up for security and availability. And it will be certified to ISO 26262 ASIL D – the highest safety delegation possible for a vehicle.”
BlackBerry claims its QNX software is in 60 million cars represented by more than 240 car models. QNX software can not only be found in a vehicle’s in-vehicle infotainment system, but also in support of vehicle telematics, instrument clusters and advanced driver assistance systems (ADAS).