Blackberry Unleashes Automotive Software Scanning Tool Jarvis

Home > News > Content

【Summary】Jarvis is designed to streamline various aspects of software development for self-driving platforms, including regulatory compliance, coding bottlenecks and security exploits.

Michael Cheng    Mar 04, 2018 11:10 AM PT
Blackberry Unleashes Automotive Software Scanning Tool Jarvis

Developing software that underpins self-driving cars is extremely tedious. Perhaps one of the most demanding (and important) aspects of software development is checking code for issues.

Blackberry recently introduced a cutting-edge solution to this challenge, which is prevalent in the autonomous driving industry. At the North American International Auto Show, the company unveiled Jarvis, a robust software-scanning tool that detects security flaws, improves compliance and reduces coding bottlenecks. Jarvis is compatible with software for both connected and self-driving vehicles.

"Future cars will have half a billion lines of code, from 50 to 100 different providers: a humongous mobile computer running around the world," said BlackBerry CEO John Chen. "We want to secure all those endpoints."

Code Testing and Deployment

Time is clearly a major concern in the race to commercialize autonomous vehicles. Automakers and tech companies in the sector are scrambling to release their driverless offerings as soon as possible, in order to make a significant impact on the traditional automotive market.

Blackberry's Jarvis can support such tight goals by sifting through binary code in software of modern vehicles, searching for security loopholes, exploits and non-conforming variables.

To clarify, the analysis tool is not suitable for real-time cybersecurity protection during operation. Moreover, it is not software used for autonomous driving maneuvers. Jarvis makes software code stronger by detecting inconsistencies and errors before deployment in commercial markets.

Businesses that develop software for self-driving cars may also use Jarvis to decrease employment costs. Instead of hiring security teams to do the work, which can get expensive (due to the level of expertise required), companies can setup the tool to scan the entire software supply chain. 

With that being said, Jarvis is customizable to meet the specific needs of automakers. The pay-as-you-go, cloud-based service can also handle binaries that were not built by the car manufacturer. In a case study about the tool, the application was able to decrease security assessment from 30 days to seven minutes.

Compliance in Software Development

Jarvis is designed to streamline various aspects of software development for self-driving platforms, including regulatory compliance. For instance, the tool is capable of verifying compliance with Motor Industry Software Reliability Association (MISRA) guidelines. Such standards were established decades ago.

Several automakers and automotive component suppliers contribute to MISRA as committee members, namely AB Automotive Electronics, Ford and Jaguar Land Rover. The latter car manufacturer is currently working with Blackberry on testing the analysis tool.

"In this future world where you've got … a connected vehicle that's getting downloads from the cloud, or syncing with your smartphone, or it's an autonomous vehicle that's managing the route or whatever might be the case. All of these software modules have to be secured," explained Ken Washington, CTO of Ford.

Another type of scan that Jarvis specializes in is cyclomatic complexity. This metric can be used to determine the level of code complexity in the driverless platform. Developers may use the tool to keep codes clean and easily maintainable, as well as reduce the application of redundant conditions.

Prev                  Next
Writer's other posts
    Related Content