Like all Internet of Thing (IoT) devices – of which GSMA Intelligence forecasts that there will be more than 25 billion by 2025 – cars are getting increasingly smart by connecting to the Internet to collect and transmit useful data.
But with increased connectivity comes increased entry points for cyberattacks, which in the case of moving cars, could prove life-threatening.
Sign up for our free weekly newsletterSubscribe
Paradoxically, the amplified complexity of modern cars makes securing them harder and hacking them potentially easier.
“The sheer fact that a vehicle contains millions of lines of code from multiple vendors creates vulnerabilities,” Dan Sahar, VP of Product at Israeli automotive security firm Upstream Security, tells NoCamels.
Shahar says there are multiple channels through which one can infiltrate a car’s inner networks, like the peripheral connectivity ports such as Bluetooth, WiFi and on-board diagnostics; as well as automotive cloud servers such as telematics, which could allow hackers to take control over multiple vehicles at once; and other mobile applications packaged together with the car.
Currently, Karamba Security, another Israeli automotive security startup, estimates there are an average of 300,000 known attacks per month on cars. The combination of the potentially devastating security risks and the high frequency of attacks on automotive networks now require automotive cybersecurity companies to assume a crucial role in public safety.
Here are seven Israeli companies using innovative solutions to meet the challenge head-on. They were all featured at the annual Cybertech 2019 event in Tel Aviv in January, the largest annual cybersecurity event in the world outside the US.
Argus Cyber Security
Argus has become global leader in automotive and aviation cybersecurity, providing manufacturers, their Tier 1 suppliers, fleet operators, aftermarket connectivity providers and other customers with powerful technological solutions for combatting threats against connected cars, aircrafts, and commercial vehicles.
Argus was founded in 2013 by three graduates of the Israeli military’s elite IDF intelligence Unit 8200 — Ofer Ben-Noon, Oron Lavi, and CTO Yaron Galula — and a prominent Israeli entrepreneur, Zohar Zisapel. It quickly became a global leader in the industry and is one of the only companies working to come up with cybersecurity solutions for a future autonomous car.
In 2017, Argus was acquired by German automotive giant Continental, the world’s second-largest supplier of car parts with over $40 billion in annual sales for a reported $400 million. As part of the agreement, Argus became part of Continental subsidiary Elektrobit (EB), a stand-alone software company, while retaining its independence and its Tel Aviv headquarters.
Argus also has offices in Michigan, Silicon Valley, Stuttgart, and Tokyo.
Argus has since partnered with key companies, devising threat-specific security solutions, layering targeted protective measures throughout core elements of the vehicle’s functionality: connectivity, in-vehicle networks, and electronic control units (ECUs). Application hardening prompts original equipment manufacturers (OEMs) with a digital signature during product assembly, in order to build an OEM application ecosystem and later prevent unauthorized applications from running. An intrusion detection and prevention system employs context-aware heuristic and learning algorithms to detect threats against in-vehicle networks and block them in real time. Cyber-safe communication channels are installed between the more sensitive ECUs, filtering rules protect ECUs against attacks, and compromised ECUs are blocked from attacking the network.
Beyond securing the inner functionality of the vehicle, Argus uses Aftermarket Protection to retrofit cars already in use with updated protective measures – all without modifying the hardware or software of the vehicle – and provides OEMs and fleet operators with an automotive network management platform. The Security Operations Center (SOC) monitors the individual health of each vehicle as well as the fleet’s collective health to prevent larger attacks.
With decades of experience providing cybersecurity solutions to Israeli Air Force systems such as the Iron Dome, the Arrow III, and Israeli F-35, the GuardKnox team applies its vast knowledge to provide comprehensive cyber defense for connected and autonomous vehicles.
GuardKnox approaches automotive cybersecurity with a primary focus on restricted communication between the car’s various networks. GuardKnox’s patented Communication Lockdown system prevents attacks from altering the functionality of the vehicle without requires constant online connectivity.
And it can defend against both known or unknown attacks, the company says.
GuardKnox technology filters all messages received by the vehicle through three levels of verification. The system first validates the legality of the message’s source at the routing layer, the legality of the message’s content at the content layer, and finally that the message is both legitimate and relevant to the specific function to which it was relayed.
This creates a purely deterministic system that has zero false positives, GuardKnox says.
Its patented cyber solution Service-Oriented Architecture (SOA) enables customization of the vehicle and secured high-performance, on-board data storage and processing for automotive manufacturers.
GuardKnox says its “cybersecurity solution family is the foundational layer for added connectivity, services and personalization – creating an improved end-user experience and revenue generating opportunities for manufacturers. As a complete ECU, it integrates seamlessly into the vehicle, the value chain and the vehicle production process.”
Founded in 2016, the company says it has raised a significant yet undisclosed amount in a financing round.
Founded in 2017, Upstream offers the world’s first cloud-based security solution for connected and autonomous fleets. Using data analytics and powerful machine learning algorithms, Upstream’s Automotive Cybersecurity system detects and prevents both cyber-attacks and policy infringements.
The system provides fleet operators with a high-visibility platform security management platform for monitoring fleet and policy health and improving overall fleet performance.
Upstream has raised $11 million for its beta-stage services, with an office in San Mateo, California.
Upstream says the improved functionality of connected cars relative to their older counterpart models is also their biggest weakness. The two-way channel of communication between individual cars and the fleet server makes them vulnerable to cyber-attacks, so Upstream protects their cars at the source of all communication – the demarcation point between the operational network (OT) and the information network (IT), or data center.
Given the often-scattered nature of policy infringement incidents like fraud or misuse, Upstream analyzes all incidents in search of larger trends whose impact may be more detrimental to other fleet drivers. Correlation between data helps Upstream create driver profiles, so that any future deviation from recorded tendencies can be marked as suspected fraud.
Upstream specializes not only in detecting and preventing security threats but also providing the tools to discover larger causes and more accurately anticipate future threats.
Karamba simplifies automotive cybersecurity by dividing attacks on connected cars into two categories of infiltration: those carried out from the outside in through externally connected ECUs and direct attacks on in-vehicle networks, in which the hacker can use an unauthorized source to command ECUs from within. By shutting down both vectors in the event of an attack, Karamba protects cars against all external threats.
Cars’ ECUs are responsible for controlling a vehicle’s core functionality, which makes it essential to maintain that all commands to the ECUs align with the settings installed by the original equipment manufacturer (OEM). Karamba automatically generates an ECU-specific security policy based on the unit’s factory settings, allowing the car to autonomously shut down exploits. This approach customizes solutions to the unique build of any given vehicle and ensures a remarkably efficient, zero false positive rate for detecting mid-ride security threats.
Founded in 2015, the company has so far raised $27 million.
Cybersecurity startup Regulus Cyber is the first company offering advanced sensor security solutions for an array of vehicles, maintaining uninterrupted operation under malicious attacks and inadvertent sensor interference.
Regulus has developed and received $6.3 million in funding for three distinct safety programs, each responsible for protecting specific entry vectors of potential attacks on the vehicle.
The award-winning Regulus Pyramid suite protects the car’s sensors from spoofing – unauthorized signals posing as legitimate satellite messages – and jamming – attacks disabling the sensors’ ability to receive input signals. Pyramid GNSS defends the cars’ Global Navigation Satellite System receivers; Pyramid Radar ensures accurate RADAR detection of the range, angle, and velocity of objects between 0.2 and 200 meters from the vehicle; and lastly, Pyramid LiDAR filters out fake signals, maintaining that the sensors correctly identify surrounding objects.
C2A Security is a Jerusalem-based cybersecurity startup founded in 2016 that provides in-vehicle solutions for connected vehicles.
C2a Security says it developed a revolutionary safety and security layer for next-generation vehicles starting from the chip level that protects connected cars from malicious attacks. “These solutions include patent-pending firewall type functionality into the car network, multi-network anomaly detection, microprocessor protection and diagnostics over IP infrastructure,” C2A says.
The startup was founded by Michael Dick, also the co-founder of NDS,
acquired by Cisco for $5 billion in 2012.
C2a Security recently raised a $6.5 million Series A funding round led by Maniv Mobility, a venture capital fund dedicated exclusively to mobility initiative, Israeli VC fund ICV, with participation from Labs/02, OurCrowd’s seed-stage incubator focused on deep technology.
As the first automotive cybersecurity company to offer multi-layer deterministic and heuristic anomaly detection and threat prevention solutions for connected cars, SafeRide Technologies recently augmented its suite of security solutions with advanced AI technology.
In January, SafeRide introduced vXRay, a behavioral profiling and anomaly detection solution for Security Operation Centers (SOCs) in connected cars. Without any dependencies or prior knowledge of the vehicle’s behavioral protocols, vXRay uses machine learning to create an individual behavioral profile, which the system uses to identify abnormal behavior and alert the car’s SOC. vSentry AI – a central member of the vSentry suite – relies on vXRay to prevent zero-day attacks against the vehicle by detecting unknown vulnerabilities before the attack occurs.
The vSentry suite also comprises vSentry Core, a multi-layer deterministic and policy-based solution that protects connected ECUs at a zero false-positive rate, as well as vSentry Cloud, real-time alert, remediation, and key management software for SOCs.
SafeRide was founded in 2016 by Israeli entrepreneurs Yossi Vardi and Hilik Stein. In addition to its Tel Aviv headquarters, SafeRide has offices in San Jose, California, and Munich.
NOTE: This article was updated on March 10, 2019 to add SafeRide Technologies to the list.