Modern vehicles are getting smarter and smarter every day. It helps us work smarter, more efficient and opens up new possibilities. But with all technology of today, security becomes more and more important. That’s why security was one of the main reasons for us to develop our own hardware.
The CubiQ was designed with security as one of the primary design features:
Secure back-end link
The CubiQ uses Transport Layer Security (TLS 1.2) with a 2048-bit certificate for server authentication and AES256 data encryption to secure the back-end connection. Additionally, a private APN with IP-sec secured VPN-tunnels are used to connect our devices over the telecom network to our cloud.
Firmware signing
Firmware is signed with a 2048-bit certificate which is securely stored in the cloud protected by several AWS security measures. Firmware is downloaded to the device using the secure back-end link.
Firmware encryption
Firmware is encrypted with AES256 using a secret key stored in the device bootloader.
SMS-command signing
SMS-commands are signed with HMAC-SHA256 using a secret per-device key which is dynamically deployed to the device over the secure back-end link. This secret key is periodically replaced by a new key.
Device ROM and bootloader protection
The bootloader and firmware ROM are secured with special hardware protection options provided by the used components.
Read more about our security here.