Anomaly Detection and Cyber Resilience

Host-based Intrusion Detection and Response for Automotive ECUs

Host-Based Software Anomaly Detection Technology

AnCyR is a patent-pending technology that is the first host-based anomaly detection optimized for automotive ECU intrusion detection (IDS) cybersecurity. AnCyR is based on five years of research at the University of Arizona with support from the National Science Foundation. AnCyR’s anomaly detection technology combines statistical, probabilistic, and machine learning algorithms to accurately detect attacks with best-in-class false positives, latency, and overhead.


Best In Show Winners Badge Web Best In Show Winners Badge Web

AnCyR can be Broadly Deployed


  • Runs on ECU for rapid detection
  • No dependencies with other ECUs or cloud-based analysis

Accurate Detection including Zero-Day Attacks

  • Detects changes in software operation caused by zero-day attacks
  • Attacks detected including buffer overflows, code injection, ROP, and more


  • AnCyR can be compiled to any processor platform
  • Scalable from microcontrollers to multicore processors
  • Cloud and Vehicle Security Operations Center (VSOC) agnostic

Low Latency and Overhead

  • Detects attacks in real-time in milliseconds
  • Optimized for ECUs and has low memory and performance overhead

Best-In-Class Detection Accuracy

AnCyR monitors software subcomponents using a synergistic combination of statistical, probabilistic, and machine learning algorithms to achieve high attack detection with best-in-class false positives.


Cybersecurity Runtime Awareness Recommended by UNECE R155

UNECE WP.29 R155 regulation for cybersecurity in vehicles recommends runtime awareness to detect cyberattacks and intrusions

Strengthen your ISO/SAE 21434 cybersecurity management system with runtime cybersecurity monitoring

Contact us for a demonstration of AnCyR.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.