An endpoint-cloud integrated malware protection solution designed for GB 44495 and UN R155 compliance. Covering in-vehicle SDKs, offline scanning, cloud hash checking, signature updates, policy operations, event reporting, and audit tracking to help automakers build a continuous malware defense system.
V-Shield is an endpoint-cloud integrated malware scanning solution for smart vehicles and automaker cloud platforms.
GB 44495 and UN R155 require automakers to establish mechanisms for the identification, detection, protection, response, recording, and continuous improvement regarding malware (including viruses). V-Shield fully supports OEMs in meeting these mandatory compliance requirements through integrated detection, signature updates, and audit reporting.
A collaborative system designed for automotive businesses, supporting virus operations and closed-loop governance for large-scale fleets.
Minimalist in-vehicle integration for Android and Linux. Includes file scanning, APK installation checks, USB scanning, scheduled scans, and offline queues.
Enterprise-controlled hub for signature and policy distribution. Includes API gateway, asset registry, policy center, update center, and cloud checking proxy.
From detection alerts to visual governance. Includes event, reporting, and audit centers, with seamless integration into TSP and data lakes.
Lightweight, low-power, tailored for complex vehicle environments
Local File Scanning
APK Installation Check
USB/Peripheral Scan
Scheduled/Idle Scan
Local Signature Management
Local Policy Cache
Cloud Check API
Offline Event Queue
CPU/IO Resource Control
Block/Isolate/Clean Actions
Security operations hub supporting millions of concurrent vehicles
API Security Gateway
Endpoint Asset Inventory
License Activation
Scan & Action Policies
Signature Canary/Full Updates
Cloud Hash Check Proxy
Event Aggregation
Multi-dimensional Reports
Compliance Audit Center
System Integration Adapters
1. Trigger Scan (USB/Install/Timer)
2. Local Signature Check (ms response)
3. Generate File Hash
4. Cloud Hash Check (if online)
5. Cloud Returns Risk Verdict
6. Endpoint Blocks/Isolates
7. Report to Event Center
8. SOC Correlation & Fleet Alert
Real-time interception of malicious code when owners download from app stores or install third-party APKs via ADB.
Automatically triggers a full scan when a USB drive is inserted, preventing USB viruses from infecting the infotainment system.
Executes deep full-disk scans during vehicle sleep, charging, or idle times to avoid consuming compute resources while driving.
For large unknown files, only the Hash is extracted and sent to the cloud for comparison, saving massive bandwidth and memory.
Supports incremental signature pushes. OEMs can verify in test fleets before full deployment, with one-click rollback if false positives occur.
Automatically generates regulatory-compliant reports on malware detection rates, signature versions, and action logs for certification audits.
| Product | Main Value | Relation to V-Shield |
|---|---|---|
| S3-VSOC | Cloud security operations and closed-loop response | Receives malware detection alerts from V-Shield to correlate with other network logs. |
| V-SafetyMind | Cabin full-domain security and privacy protection | V-Shield focuses on low-level malware; V-SafetyMind focuses on permissions and LLM behaviors. |
| V-Guard | LLM input/output and tool call guardrails | V-Guard defends against semantic inputs, while V-Shield defends against malicious files. They complement each other. |
It is a malware defense system tailored for smart vehicles. Through the synergy of a lightweight in-vehicle SDK and the automaker’s cloud management platform, it creates a closed loop of detection, updates, event reporting, and compliance.
V-Shield is highly optimized for the automotive compute environment, strictly controlling CPU, I/O, and network usage so driving safety processes are never impacted. Moreover, its signature and policy distribution are fully controlled by the automaker, supporting deep integration with OTA, TSP, and SOC.
Regulations mandate vehicles to have malware protection capabilities. V-Shield provides everything from local scanning and cloud checking to event reporting and audit logs, serving directly as technical proof for OEMs to pass mandatory certifications.
For small files or known threats, local lightweight signatures provide millisecond offline detection. For large files, unknown APKs, or rapidly updating threats, the system extracts the Hash and queries the cloud, balancing offline availability with cloud compute power.
The cloud platform manages signature versions. It supports full/incremental pushes and canary releases by vehicle model or region. If a new signature causes false positives, operators can roll back to the previous stable version with one click.
Yes. Without a network, the SDK relies entirely on cached policies and offline signatures to detect and block threats. Security events are stored in a local queue and automatically uploaded when the network recovers.
The SDK provides strict resource control policies, allowing caps on CPU usage, I/O throttling, and pause/resume mechanisms (e.g., automatically pausing scans when the vehicle shifts into Drive or CPU load exceeds 80%).
All data is reported directly to the automaker’s privately deployed V-Shield cloud platform, or pushed to the OEM’s existing SOC/Data Lake via adapters. Callisto does not access sensitive vehicle data.