In a keynote address at the North American International Automotive Show (NAIAS), BlackBerry Executive Chairman and CEO, John Chen, unveiled BlackBerry Jarvis, a transformational software cybersecurity product.
BlackBerry is initially marketing this solution to automakers, whose complex software supply chains create compelling and urgent use cases that Jarvis can help solve today. BlackBerry also noted that Jarvis is applicable to other industry segments, citing healthcare, industrial automation, aerospace, and defense as examples of other fields with immediate need for this product.
Built on the company’s decades of cybersecurity expertise and proprietary technology, Jarvis is a one-of-its-kind cloud-based static binary code scanning solution that identifies vulnerabilities in software used in automobiles.
Jarvis scans and delivers deep actionable insights in minutes, what would otherwise involve manually scanning that will take large numbers of experts and an impractical amount of time.
John Chen, Executive Chairman and CEO, BlackBerry said,
“Connected and autonomous vehicles require some of the most complex software ever developed, creating a significant challenge for automakers who must ensure the code complies with industry and manufacturer-specific standards while simultaneously battle-hardening a very large and tempting attack surface for cybercriminals,”
Exacerbating the challenge for OEMs is the fact that vehicles use hundreds of software components, many of which are written by an expansive network of third-party suppliers spread across several tiers. This distributed supply chain offers many advantages while also increasing opportunities for human error that can slow down production cycles and impact overall quality.
“Jarvis is a game-changer for OEMs because for the first time they have a complete, consistent, and near real-time view into the security posture of a vehicle’s entire code base along with the insights and deep learning needed to predict and fix vulnerabilities, ensure compliance, and remain a step ahead of bad actors.”
BlackBerry Jarvis inspects binary files in an easy, quick, scalable, and cost-effective way, and delivers deep insights into the quality and security of software components.
A modern car has over 100 million lines of software. As the software in a car grows so does the attack surface, which makes it more vulnerable to cyberattacks. Each poorly constructed piece of software represents a potential vulnerability that can be exploited by attackers.
Offered on a pay-as-you-go usage basis, Jarvis is customized for the unique needs of each OEM and their entire software supply chain. Once initiated, automakers will have online access to Jarvis and can scan any number of binary files at every stage of software development. This includes the capability to evaluate new software under consideration as well as the ability to assess existing software already in production.
Once scanned, development teams have immediate access to the results via user-friendly dashboards with specific cautions and advisories.
In addition to cost and time savings, BlackBerry Jarvis helps ensure that production software adheres to industry standards such as MISRA and CERT, and enables OEMs to define custom rules to meet organization-specific objectives.
Proven and Tested
BlackBerry has already begun trialing Jarvis with some of the world’s largest automakers.
Dr. Ralf Speth, CEO, Jaguar Land Rover said,
“Jaguar Land Rover and BlackBerry share a common objective in bringing the most intelligent vehicles to reality,”
“BlackBerry Jarvis addresses the software cybersecurity needs of the automotive industry. In our independent study, Jarvis delivered excellent efficiencies in time-to-market, significantly reducing the time to security assess code from thirty days to seven minutes. The productivity delivered by Jarvis combined with BlackBerry’s trusted security heritage can transform vehicle safety.”