ESCRYPT Intrusion detection and prevention solution | ETAS

Two colleagues collaborate in a brightly lit, modern office. A woman leans over to offer assistance to a man seated at a desk, who is using a computer mouse. Multiple computer monitors are visible, suggesting a technology-focused workspace.

The ESCRYPT Intrusion detection and prevention solution (IDPS) safeguards the vehicle network and various vehicle computer units (e.g. Gateways, High Performance Compute, ADAS, Zone Controller). Our components cover everything from deeply embedded security for Ethernet switches to simple integration into user applications, while also offering support for AUTOSAR security event management. Beyond local prevention, our solution enables fleet operators to establish a lifecycle of continuous security improvements, identify emerging security threats, implement dedicated incident response, and maintain a stable security level throughout the entire lifecycle.

Download Flyer

Your benefits

Advanced features

Offers best-in-class features and comprehensive coverage of automotive-specific protocols, including UDS, SOME/IP, DoIP.

Optimized for ECUs

Field-proven ready-to-use solution, pre-integration in Linux and QNX.

Cybersecurity homologation

Enables compliance with mandatory regulations, such as UN R-155 and the ISO/SAE 21434 standard.

Build the intrusion detection system (IDS) you need

ESCRYPT Host-based IDS

ESCRYPT Host-based IDS is an automotive software solution for detecting and managing security event information on Linux, QNX, and Android-based ECUs. It features a set of security sensors and basic configuration, adaptable to various monitoring scopes. Its rule-based approach is efficient and deterministic, leveraging existing system features and supporting additional custom security sensors.

Learn more about ESCRYPT Host-based IDS

ESCRYPT CycurGATE and ESCRYPT CycurIDS-ETH

ESCRYPT CycurGATE and ESCRYPT CycurIDS-ETH are automotive firewall and IDS solutions for automotive Ethernet, designed to prevent and detect attacks. These products achieve high performance through hardware-software co-design in automotive switches, support stateless, stateful, and deep packet inspections, and employ an efficient and deterministic rule-based approach. CycurIDS-ETH extends CycurGATE with enhanced security event generation and behavior analysis.

Learn more about ESCRYPT CycurGATE

Learn more about ESCRYPT CycurIDS-ETH

ESCRYPT CycurIDS-CAN

ESCRYPT CycurIDS-CAN is an automotive IDS for the Controller Area Network (CAN) to detect attacks. The provided configuration tool allows automated rule generation from OEM vehicle network specification files and extension with expert-created rules. This efficient and deterministic rule-based approach also supports complete simulation and testing of IDS on a developer computer using collected vehicle traces.

Learn more about ESCRYPT CycurIDS-CAN

Continuous fleet-wide security monitoring over the entire vehicle lifecycle

Increasing connectivity entails a rising risk of cyberattacks on vehicles. ETAS has an answer to this: the ESCRYPT Intrusion detection and prevention Solution IDPS.

Holistic end-to-end solution

Maintaining the appropriate security of a connected fleet is a holistic and continuous activity. Detailed knowledge of the security status and potential attacks is paramount and required by upcoming regulations and standards.

Consequently, a lifecycle approach is necessary, encompassing active security monitoring of in-vehicle components and their communication, the fleet’s IT infrastructure, and the overall automotive threat landscape.

This diagram illustrates ESCRYPT's in-vehicle distributed Intrusion Detection System (IDS). It highlights the key components and their interactions, from IDS sensors identifying security incidents to the Vehicle Security Operations Center (SOC) analyzing events and deciding on countermeasures. The system includes various ESCRYPT products like CycurIDS, CycurGATE, and CycurIDS-M. It covers different vehicle control units such as the classic/adaptive AR ECU and Telematics Control Unit.

Efficient risk management for the entire lifecycle of vehicles

IDS sensors elicit security event information where it matters

This diagram illustrates the architecture of an in-vehicle distributed Intrusion Detection System (IDS). It shows how various components work together to identify and respond to security threats at both the host and network levels. Key elements include IDS Sensors in the Vehicle Computer, Telematics Control Unit, and Gateway, along with the associated ESCRYPT CycurIDS software modules (M and R). The diagram also highlights available ESCRYPT IDS Sensor options for different communication interfaces (ETH, CAN, and GATE).

IDS sensors elicit security event information where it matters

Network-based intrusion detection for CAN and CAN FD with ESCRYPT CycurIDS-CAN
Network-based intrusion detection for Ethernet with ESCRYPT CycurIDS-ETH
Automotive Ethernet firewall with ESCRYPT CycurGATE
Host-based intrusion detection especially for systems with rich operating systems and external interfaces

ESCRYPT CycurGATE

ESCRYPT CycurIDS

Numbers zero and two with two people discussing

Distributed IDS framework selects, persists and forwards the relevant security event information

A man is sitting at his desk in front of multiple computer screens. He appears to be working on the design of a car.

Distributed IDS framework selects, persists and forwards the relevant security event information

Host-based IDS for vehicle computers
- For larger platforms, i.e. μPs running adaptive AUTOSAR and/or POSIX OS (Linux, QNX)
- Manages security event information on ECUs, vehicle domains, or the complete vehicle. Compliant with the AUTOSAR IDS Manager specification, the ESCRYPT CycurIDS-M variants can be customized for any filtering, persistence, and reporting strategy.
A reporter add-on for transferring the security event information from the vehicle to the VSOC

ESCRYPT CycurIDS

The ESCRYPT Vehicle security operations center enables fleet-wide monitoring

his diagram illustrates the ESCRYPT CycurGUARD security solution for vehicle fleets. It shows how data flows from vehicles through a mobile network operator, to a vehicle backend, and then into the CycurGUARD system for threat detection and analysis. Key components include the Intrusion Detection System (IDS), Fleet Backend, Vehicle Database, ESCRYPT VSOC (Vehicle Security Operations Center), SIEM (Security Information and Event Management), and security analysts.

The ESCRYPT Vehicle security operations center enables fleet-wide monitoring

Unites all security event information sources from vehicle fleets and vehicle backend systems, supporting ESCRYPT CycurGUARD, ETAS’ backend solution for onboarding security events.
Provides a comprehensive vehicle security operation service from a single source.

ESCRYPT Vehicle security operations center

ETAS and Deutsche Telekom partner on cybersecurity monitoring for vehicle fleets

Deutsche Telekom and ETAS representatives at a business conference, signing a partnership agreement.

ETAS and Deutsche Telekom Security GmbH cooperate on providing vehicle fleets with protection against cyberattacks. Together, the two partners offer an integrated, holistic solution comprising onboard detection of cyberattacks and fleet-wide cybersecurity monitoring through a vehicle security operations center (VSOC). This collaboration enables vehicle manufacturers to continuously monitor and manage their fleet-related cybersecurity risks in accordance with UN Regulation No. 155 (UN R155).

Learn more