黑莓推出Jarvis服务 帮助发现汽车软件安全漏洞 附:Blackberry Jarvis介绍视频-黑莓手机爱好者
BerryLink
专注黑莓,为你而在

黑莓推出Jarvis服务 帮助发现汽车软件安全漏洞 附:Blackberry Jarvis介绍视频

腾讯科技讯 1月16日消息,黑莓周一宣布,该公司推出了一款名为“Jarvis”的新服务,该服务旨在帮助汽车制造商测试他们安装在车内的代码,从而帮助发现汽车软件的安全漏洞。

Blackberry Jarvis

Blackberry Jarvis

Jarvis服务主要利用“静态分析(static analysis)”技术来发现用户使用的预建应用二进制程序中所存在的漏洞,这一方法能够为汽车制造商提供找到那些漏洞的信息,从而帮助汽车制造商或用户预先探测到这些漏洞并采取修复措施,这样也就帮助汽车和用户避免了被黑客利用该漏洞发动攻击的风险。

黑莓表示,围绕“Blackberry Jarvis”安全服务,该公司已与汽车制造商塔塔汽车(Tata Motors)旗下的捷豹路虎(Jaguar Land Rover)展开了相关测试,后者首席执行官表示,“Blackberry Jarvis”安全服务将评估代码的时间从30天缩短至7分钟。

黑莓公司称,一旦“Blackberry Jarvis”安全服务启动,汽车制造商将可以在线访问,并可利用该服务对在各个阶段的软件开发进行安全扫描。黑莓表示,公司提供“Blackberry Jarvis”安全服务,将以“现收现付”(pay-as-you-go)方式进行。

如今,汽车越来越多地接入互联网,而且无人驾驶汽车也越来越多,因此,向汽车制造商提供安全工具就有着非常重要的意义了。即使一辆汽车当前仍处于安全模式,但事实上,汽车制造商还是需要考虑安全漏洞问题,特别是从过去存在的一些情况来看。此前,黑客就利用汽车的代码漏洞来操控不同的汽车功能。

黑莓的这项新服务主要就是针对汽车市场,因为汽车制造商通常使用成百上千个不同的软件,当然也包括一些来自其它企业预先安装的软件。Jarvis功能可以帮助汽车制造商率先扫描那些预装的二进制程序,包括那些并非这些厂商原装的程序在内,从而帮助汽车制造商最终获得更加安全的软件。

当然,这一新服务的推出,对黑莓本身也大有好处,毕竟这一新服务可以帮助黑莓在智能手机行业之外能够更加深入地向汽车市场迈进。事实上,黑莓公司有过涉足汽车市场的经历,那就是在该公司于2010年收购了QNX软件系统之后。这一交易让黑莓新增了QNX产品,即一个类似于Unix的操作系统,可以用于汽车之类的嵌入式应用程序。与此同时,QNX也帮助黑莓公司支撑了向其它市场进军的雄心,例如智能家具和医疗健康等市场。

黑莓Blackberry Jarvis服务官方介绍宣传视频

汽车安全保护当前遇到的一些障碍

供应链的复杂性
汽车软件由多层供应商构建,其中没有建立标准。

源代码访问
并不是供应链中的所有供应商都提供源代码中的软件。

昂贵的手动代码检查
需要数千名工程师和多年的工作来手动检查每个汽车模型迭代建立的1亿行代码。

黑莓Blackberry Jarvis服务可解决以上的问题。

Jarvis将通过软件即服务模式投入使用。用户使用Jarvis服务时需要付费,具体金额将根据他们需要扫描和捆绑购买的数据量来定。当然,Jarvis功能是完全自动化的,因此,黑莓希望该服务能够鼓励用户更加频繁地扫描他们的软件。

未来,黑莓可能会把Jarvis服务拓展到汽车行业之外的其它市场,因为像航空、医疗健康、甚至国防等其它行业也可能会充分利用黑莓的这种静态分析功能。

*部分转载原文经BerryLink再次编辑,并补充视频与图片。

黑莓官方新闻稿原文:(EN)

BlackBerry Launches Game Changing Cybersecurity Product: BlackBerry Jarvis

DETROIT, MICHIGAN–(Jan. 15, 2018) – In a keynote address at the North American International Automotive Show (NAIAS), BlackBerry Limited (NYSE:BB)(TSX:BB) Executive Chairman and CEO, John Chen, today unveiled BlackBerry Jarvis, a transformational software cybersecurity product. BlackBerry is initially marketing this solution to automakers, whose complex software supply chains create compelling and urgent use cases that Jarvis can help solve today. BlackBerry also noted that Jarvis is applicable to other industry segments, citing healthcare, industrial automation, aerospace, and defense as examples of other fields with immediate need for this product.

Built on the company’s decades of cybersecurity expertise and proprietary technology, Jarvis is a one-of-its-kind cloud-based static binary code scanning solution that identifies vulnerabilities in software used in automobiles. Jarvis scans and delivers deep actionable insights in minutes, what would otherwise involve manually scanning that will take large numbers of experts and an impractical amount of time.

“Connected and autonomous vehicles require some of the most complex software ever developed, creating a significant challenge for automakers who must ensure the code complies with industry and manufacturer-specific standards while simultaneously battle-hardening a very large and tempting attack surface for cybercriminals,” said John Chen, Executive Chairman and CEO, BlackBerry.

Exacerbating the challenge for OEMs is the fact that vehicles use hundreds of software components, many of which are written by an expansive network of third party suppliers spread across several tiers. This distributed supply chain offers many advantages while also increasing opportunities for human error that can slow down production cycles and impact overall quality.

Mr. Chen continued: “Jarvis is a game-changer for OEMs because for the first time they have a complete, consistent, and near real-time view into the security posture of a vehicle’s entire code base along with the insights and deep learning needed to predict and fix vulnerabilities, ensure compliance, and remain a step ahead of bad actors.”

How Jarvis Works

Offered on a pay-as-you-go usage basis, Jarvis is customized for the unique needs of each OEM and their entire software supply chain. Once initiated, automakers will have online access to Jarvis and can scan any number of binary files at every stage of software development. This includes the capability to evaluate new software under consideration as well as the ability to assess existing software already in production. Once scanned, development teams have immediate access to the results via user-friendly dashboards with specific cautions and advisories.

In addition to cost and time savings, BlackBerry Jarvis helps ensure that production software adheres to industry standards such as MISRA and CERT, and enables OEMs to define custom rules to meet organization-specific objectives.

Proven and Tested

BlackBerry has already begun trialing Jarvis with some of the world’s largest automakers.

“Jaguar Land Rover and BlackBerry share a common objective in bringing the most intelligent vehicles to reality,” said Dr. Ralf Speth, CEO, Jaguar Land Rover. “BlackBerry Jarvis addresses the software cybersecurity needs of the automotive industry. In our independent study, Jarvis delivered excellent efficiencies in time-to-market, significantly reducing the time to security assess code from thirty days to seven minutes. The productivity delivered by Jarvis combined with BlackBerry’s trusted security heritage can transform vehicle safety.”

Providing the Secure Foundation for Connected and Autonomous Vehicles

As a leader in safety-certified, secure, and reliable software for the automobile industry, BlackBerry currently provides OEMs around the world with state-of-the-art cybersecurity technology to mitigate the risk of cyberattacks targeting a vehicle’s software. BlackBerry’s pedigree in security and continued innovation has led to recent automotive design wins with Baidu, Delphi, Denso, NVIDIA, Qualcomm, Visteon, and others. To learn more about BlackBerry’s trusted secure embedded software platform for the autonomous vehicle market, please visit BlackBerry.com/QNX.

Additional information on BlackBerry Jarvis can be found at BlackBerry.com/Jarvis.

About BlackBerry

BlackBerry is a cybersecurity software and services company dedicated to securing the Enterprise of Things. Based in Waterloo, Ontario, the company was founded in 1984 and operates in North America, Europe, Asia, Australia, Middle East, Latin America and Africa. The Company trades under the ticker symbols “BB” on the Toronto Stock Exchange and “BB” on the New York Stock Exchange. For more information, visit www.BlackBerry.com.

BlackBerry and related trademarks, names and logos are the property of BlackBerry Limited and are registered and/or used in the U.S. and countries around the world. All other marks are the property of their respective owners. BlackBerry is not responsible for any third-party products or services.(BerryLink.cn)

Media Contacts:
BlackBerry
(519) 597-7273
mediarelations@BlackBerry.com

Investor Contact:
BlackBerry Investor Relations
(519) 888-7465
investor_relations@BlackBerry.com

berrylink

berrylink

网站编辑 at BerryLink
黑莓,为你而在....
热情,奉献,坚持——发自内心的喜爱.
berrylink

Latest posts by berrylink (see all)

请遵循网络共享条款,保留原作者与链接:黑莓手机爱好者 » 黑莓推出Jarvis服务 帮助发现汽车软件安全漏洞 附:Blackberry Jarvis介绍视频

分享到:更多 ()

评论 抢沙发

评论前必须登录!

BerryLink专注BlackBerry的开放式平台,邀您加入

加入我们团队成员