Although there was the hack heard around the world of the Jeep Cherokee, there are many companies working on automotive cybersecurity, that were nominated for the Tech CARS Awards. We asked the companies nominated to send us profiles of their companies. The only problem with cybersecurity companies is that they can’t reveal exact details of how they protect systems or hackers many figure out what they are doing. Here are the automotive connected car cybersecurity companies that were chosen by social media nominations, database analysis and other methods. Each company profile has explanations of the technology and how it works.
Security Innovation’s Aerolink
Aerolink is a full-featured, universal implementation of the European and US Connected Vehicle security standards, ETSI TS 103 097 (Europe) and IEEE Standard 1609.2 (US). The V2X security implementation includes all functionality necessary to support both standards-based secure messaging and the emerging certificate management protocols in use in the two regions.
As a key player in the development of the certificate management protocols, Security Innovation is uniquely positioned to ensure that the Aerolink implementation is fully up-to-date with the latest versions of the standards. Aerolink also features a robust, thread-safe design, and an abstraction layer to allow the easy incorporation of cryptographic hardware to support both hardware protection of signing keys and hardware acceleration of verification. Aerolink supports a huge variety of operating systems and platforms from nearly all the leading V2X suppliers. Aerolink will be securing V2X communications in the Model Year 2017 Cadillac CTS and many other makes/models in the coming years.
HARMAN’s5+1 Security Framework Solution
Addressing security risks associated with the connected car is becoming an increasing imperative for automakers and consumers. While the benefits of the connected car are undeniable — enabling features like cloud-based services, downloadable apps, integration with personal devices of the consumers and vehicle data analytics — the hacks and unwanted intrusions are becoming a growing concern as hackers have an increasing number of entry points into the car. HARMAN’s unique “defense-in-depth” automotive 5+1 cyber security framework is changing the way we secure the connected car. The five layers include:
- Hardware Protection: Trusted Execution Environment which physically isolates sensitive information from the so called “Normal World” or “Untrusted World”
- Hypervisor: Separates vehicle critical functions from user infotainment functions
- OS level security such as mandatory access control
- Application sandboxing between the entertainment apps
- Network protection using mutual authentication, secure encryption, Intrusion Detection Systems and Firewalls
These are in addition to OTA updateability, a crucial component responsible for installation of security-related updates and patches to guard against zero-day vulnerabilities or any security flaw that is detected in the field. The layered framework was architected to meet the following security goals – system integrity, sensitive asset protection, including data at rest and data in transit, authentication, and authorization.
Argus Cyber Security
Argus is an automotive cyber security pioneer, helping car manufacturers, their Tier 1 suppliers and aftermarket connectivity providers protect connected cars and commercial vehicles from car-hacking. Founded in 2013 by cyber security experts, Argus solutions combine innovative security methods and proven computer networking know-how with deep understanding of automotive best practices. Argus’ R&D is based in Tel-Aviv, Israel, with offices in Michigan, the Silicon Valley, Stuttgart and Tokyo.
Argus provides innovative Intrusion Prevention Systems (IPS) for OEMs, Tier 1s and Aftermarket Telematics Providers. As a government tested solution, The Argus IPS protects a vehicle’s critical components from being hacked, and generates reports and alerts for remote monitoring of vehicles’ cyber health. Argus incorporates both innovative security methods and proven computer networking practices into comprehensive solutions for the automotive industry to prevent cyber attacks.
Malicious attacks are identified by utilizing Argus patent-pending Deep Packet Inspection (DPI) algorithms. This unique technology scans all traffic in a vehicle’s network, identifies abnormal transmissions and enables real-time response to threats.
whiteCryption’s software-based solution secures the connected car at both the manufacturer and user levels with a combination of two security components – Cryptanium Code Protection (software application hardening) and Cryptanium Secure Key Box (white-box cryptography).
whiteCryption secures car infotainment, navigation, diagnostics system and OTA software updates and protects mobile applications that communicate with the vehicle.
Cryptanium Code Protection and Secure Key Box not only protect the driver from data breaches or worse – the takeover of vital automobile controls – but also protect the manufacturer from potential damaging brand attention or lawsuit. For manufacturers, Cryptanium secures the car operation, including over-the-air (OTA) software updates, navigation, diagnostics system, vehicle data, speed and driving habits, as well as infotainment data and apps integrity. For users, Cryptanium protects mobile applications that are responsible for vehicle locks/unlocks; remote starts, steering and braking; vehicle status; authentication and other vehicle communications functions that would otherwise lead to vulnerabilities and security risks.
Which connected car cybersecurity company should win the Tech CARS Award? Vote now.