Security

BlackBerry launches Jarvis code-scanning security tool for automotive software

The pay-as-you-go tool could also be used in the future in healthcare, aerospace, and other industries.

Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • BlackBerry Jarvis is a cloud-based security tool that uses code-scanning to find software vulnerabilities in connected cars.
  • The service could be expanded to work in other industries, and could provide a pivot point for BlackBerry to regain market share in the security space.

A new security solution from BlackBerry could help automakers scan their vehicle software for any potential vulnerabilities. BlackBerry Jarvis, unveiled in a keynote address at the North American International Automotive Show (NAIAS) on Monday, is a cloud-based code-scanning solution that quickly identifies flaws.

It's no secret that BlackBerry has struggled to find its feet after the fall of its smartphone hardware business. With the rise of the connected car and autonomous vehicles, however, BlackBerry could carve out a niche for itself as the go-to security provider in the space. The firm has already begun marketing its QNX platform to secure autonomous vehicles, and Jarvis could help fill the in gaps on the software side of things.

In a press release, BlackBerry noted that Jarvis can scan automotive software and deliver answers about potential problems within minutes. This replaces a complicated manual scanning process, potentially saving developers money, time, and energy, the release noted.

SEE: Network security policy template (Tech Pro Research)

In the keynote address, BlackBerry CEO John Chen noted that the solution will first be available to the automotive industry, as it has the clearest addressable need. However, he said, it could eventually be expanded to assist in fields such as healthcare, industrial automation, aerospace, and defense.

"Connected and autonomous vehicles require some of the most complex software ever developed, creating a significant challenge for automakers who must ensure the code complies with industry and manufacturer-specific standards while simultaneously battle-hardening a very large and tempting attack surface for cybercriminals," Chen said in the release.

Modern automobiles are complex, but the fact that their software components are often written by third-party suppliers and can number into the hundreds adds to that complexity. It also makes them harder to secure, and can create bottlenecks in production and security, the release noted. Jarvis aims to provide a single-pane view into the entire code base, with additional insights on how to protect current vulnerabilities and predict future issues.

Jarvis is a pay-as-you-go product, and can be customized based on the needs of the given manufacturer, according to the release. Users access Jarvis through an online portal, and can then scan binary files no matter what stage of the software development process they represent.

"This includes the capability to evaluate new software under consideration as well as the ability to assess existing software already in production," the release said. "Once scanned, development teams have immediate access to the results via user-friendly dashboards with specific cautions and advisories."

Jarvis will also help software stay compliant with MISRA and CERT, or with any custom rules that the manufacturer defines, the release said. Automakers like Jaguar Land Rover have already begun using Jarvis.

Also see

connected car online
Image: iStockphoto/UmbertoPantalone

About Conner Forrest

Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.

Editor's Picks

Free Newsletters, In your Inbox