New Cybersecurity ISTANA PKI for Smart Car Manufacturers

WISeKey International Holding Ltd , a leading Swiss cybersecurity and IoT solutions company,  announced that it has launched its advanced ISTANA PKI platform specifically tailored to the needs of IoT ecosystems.

ISTANA PKI platform allows smart car manufactures to validate the authenticity of different vehicle components.  Certificate-based security also protects onboard communication between vehicle components and enables secure over-the-air software updates.  Additionally, authentication certificates can be used by employees, dealers and suppliers to access car components to diagnose mechanical/technical issues and update software, from any location.  Finally, the ISTANA PKI platform allows users to securely interact with a car’s smart features using smartphones and other devices.

Currently, WISeKey is working with several smart car manufacturers and its ISTANA PKI platform is already active in several large-scale projects.   A recent example is a strategic contract signed with a leading European automobile manufacturer, cementing its role in the Connected Car sector.   The agreement includes the integration of WISeKey IoT and PKI with the manufacturer’s connected car solutions allowing them to authenticate legitimate car components and also enable owners to securely interact with the car’s smart features.

WISeKey’s total identifiable 5-year ISTANA revenues from the car manufacturing industry are expected to be in excess of CHF 30 Million, of which approximately CHF 2.5 Million and CHF 7.0 Million are expected to be realized in 2017 and 2018, respectively.

Virtually all new cars on the market today include electronic technologies that could pose vulnerabilities to hacking or privacy intrusions if data security is not addressed.   Embedded WISeKey hardware security in the car protects the “identity” of each device, prevents unauthorized tampering, and protects the privacy and security of the vast amount of data these devices generate. BI Intelligence expects 94 million connected cars to be sold in 2021 (with 82% to be connected cars), representing a compound annual growth rate of 35% from 21 million connected cars sold in 2016.

A fundamental principle behind the security of WISeKey Semiconductors is that its chips not only control how devices perform under normal conditions, but also control how these devices react when attacked or tampered with in any way, including self-destruction. WISeKey Semiconductor chips are designed to authenticate individual car components within the vehicle itself, ensure that only legitimate software is installed in the car, authenticate users and ensure that only legitimate users have access to the connected car functions and encrypt data to make it tamperproof and private.

Thomas Moretti, WISeKey’s Senior VP of Signing Services and IoT PKI, said, “Leveraging this heritage, the new generation ISTANA PKI provides complete identity lifecycle management for IoT ecosystems.  Provided as software or a managed service, ISTANA PKI offers a platform that meets the highest standards needed to issue, manage and validate digital credentials for IoT, and is scalable to support environments with hundreds of millions of devices, by leveraging WISeKey’s RoT strategy.”

“As cars continue to evolve, essentially becoming motorized computers, they are vulnerable to the very same threats and attacks as home computers, laptops and smartphones.  Unless appropriate cybersecurity measures are implemented, hackers can remotely access the vehicle’s computer system, manipulate the brakes, engine, and transmission. Our technology is designed to help verify legitimate car systems, protect the data they create and avoid malicious hacking,” said Carlos Moreira, CEO of WISeKey.

 Added IoT Security from WISeKey Semiconductors

In the network world, valuable encryption keys are protected in special cryptographic hardware called Secure Elements that prevent the unauthorized use or export of keys, ensure consistent handling of encryption, and even allow critical pieces of software to run in a protected environment.  Examples include the secure chip on smartcards, the SIM in cell phones and encryption chips in major telecommunications devices such as Internet routers and switches.

WISeKey Semiconductor brings a 25-year heritage delivering certified Secure Elements in the most risk-sensitive applications including government ID cards and passports, credit cards and Pay TV access cards, and specialty crypto tokens.  WISeKey Semiconductor’s VaultIC chips are specifically tailored to the needs of IoT devices which often have low power capabilities and the need to be securely updateable in the field.

Bernard Vian, General Manager of WISeKey Semiconductor, said, “Through QuoVadis Istana PKI and VaultIC, WISeKey is the only vendor able to provide both the PKI and hardware Secure Elements tailored to the Root of Trust needs of IoT and with a proven track record in delivering secure solutions to IoT manufacturers and ecosystems.”