Automotive Cybersecurity News: New Center, Partnerships & GuardKnox Tech

In automotive cyberscecurity news there were anouncements from ZF, Trend Micro and Luxoft.

ZF AI & Cybersecurity

ZF is establishing a Technology Center for Artificial Intelligence (AI) and Cybersecurity in Saarbrücken. As part of a worldwide network, the technology group is already developing AI applications for systems and components as well as for making production and services safer, more intelligent and efficient. With the new “ZF AI & Cybersecurity Center,” ZF will now expand its activities in the area of AI research and will coordinate and control the company’s future AI activities from here. Wolf-Henning Scheider, Chief Executive Officer of ZF Friedrichshafen AG, announced the location for the Technology Center today in the presence of Saarland Minister-President Tobias Hans. Scheider also announced that as a new shareholder of the German Research Center for Artificial Intelligence (DFKI) and strategic partner of the Helmholtz Center for Information Security (CISPA), ZF will cooperate closely with these leading research institutions in the future. This deal is expected to be finalised in the second quarter of 2019 and is subject to formal approval of all current shareholders.

“With the new Technology Center for Artificial Intelligence and Cybersecurity, we are taking our Group-wide expertise in these key digital technologies to a new level. We are also in close proximity to the most respected research institutions in these disciplines which will strengthen our cooperation,” explained Wolf-Henning Scheider. “We plan to recruit around 100 new, highly qualified people in Saarbrücken – and work with them to drive forward sophisticated developments for new, digitally connected and automated mobility solutions,” continued Scheider.

Two thirds of these 100 specialists based in Saarbrücken will focus on AI, the remaining third will focus on cybersecurity. These new colleagues will complement the more than 300 colleagues worldwide – based at the company’s headquarters for R&D in Friedrichshafen and at other locations in Germany and abroad – that are already developing solutions in the fields of Artificial Intelligence, Industry 4.0 and Cybersecurity and use them in products and services. In the future, these activities will be coordinated at the joint “ZF AI & Cybersecurity Center” and supplemented by the latest research and development results to support all ZF divisions worldwide. The objective is to create a common global AI platform for the optimization of existing or development of new applications, products, services and processes.

Trend Micro & Luxoft

Trend Micro Incorporated a global leader in cybersecurity solutions, nnounced a strategic partnership with Luxoft Holding, Inc. , a global digital strategy and engineering firm. The two companies will jointly introduce and deploy the Intrusion Detection System (IDS) and Intrusion Prevention Systems (IPS), a comprehensive cybersecurity solution designed to detect, mitigate and respond to cyber-attacks on connected cars.

The automotive industry is rapidly evolving. In fact, Gartner estimates that by 2025 more than 1.1 billion connected consumer and commercial vehicles will be on the roads.1 Connected cars and mobility services offer a wealth of new opportunities, but with the introduction of always-on connectivity and on-demand services, new cybersecurity threats leave carmakers vulnerable to attack. Trend Micro continues to see increased interest from cybercriminals in attacking connected devices – and cars will be no exception.

“We’re delighted to be joining forces with Luxoft to tackle the growing challenge of securing connected cars,” said Akihiko Omikawa, executive vice president for IoT security at Trend Micro. “Connected devices of all kinds must be secured from the beginning, and this solution will allow car makers to build in the necessary mitigations to block cyber threats. By combining Luxoft’s automotive capabilities and expertise with Trend Micro’s leading expertise in cybersecurity, we will be able to tackle the new challenges brought by the digitalization of in-car systems.”

The upcoming IDPS solution developed specifically for cars, will be enhanced with machine learning techniques to identify anomalies in communication, behavior and the state of components. The machine learning will be fed by data collected from advanced detection mechanisms from the in-car technology. In addition, the solution will provide car manufacturers’ insights from Trend Micro’s global threat intelligence, with information on threats, vulnerabilities and remediation from the company’s expansive global data set. The IDPS will include a data collection and detection engine, offering another level of protection against intrusion for in-car systems.

Key features of the IDPS solution include:

  • Securing vehicle-to-everything (V2X) communication, both physical and remote
  • Protecting cloud and mobility services, including over-the-air updates and asset management
  • Establishing secure operation of car components, like Electronic Control Units (ECUs), actuators, sensors, etc.
  • Providing sustainable cybersecurity protection level via continuous threat research and proactive control mechanisms.

T-Systems and Argus Work Together for Automotive Cyber Defense

T-Systems and Argus Cyber Security, an independent subsidiary of the technology company Continental, will work together on cyber defense for cars. This was announced by the companies at the Hanover Industrial Trade Fair. T-Systems is planning a Security Operations Center specializing in vehicles (Automotive SOC). The company announced this in mid-March. With Argus the company is now bringing an important partner on board.

The Israeli automotive cyber security specialist has a highly developed Information and Event Management System (SIEM) for cars as well as in-vehicle solutions. Car manufacturers (OEMs) and fleet operators use it to identify anomalies for connected vehicles. Attacks from the Internet are increasing rapidly. T-Systems CEO Adel Al-Saleh says: “We are currently seeing a new peak of 32 million daily attacks on our systems. Attackers don’t stop in front of our cars either. The connected vehicle needs a digital bodyguard and real-time cyber defense.”

GuardKnox Guarding Networks, Services and EV Charging Grids

GuardKnox Cyber Technology is making moves in the connected and autonomous vehicle space. The company shared it’s lstest developments Palo Alto Networks, Patented Service Oriented Architecture (SOA) and EV-ECU- a cybersecurity solutions for the EV Charging Grid.

Palo Alto Network Partnership

Palo Alto Networks® and GuardKnox partnership recently formed a partnership that has come up with an end-to-end cybersecurity solution that combines secure in-vehicle communication lockdown with a secure communication channel between the vehicle and remote databases at OEMs, fleet management companies, car dealerships and mobile app stores.

External network security between the vehicle and the OEM cloud is provided by the Palo Alto Networks  GlobalProtect™ secure communication channel while in-vehicle network security is provided by the GuardKnox Secure Network Orchestrator™ solution. Palo Alto Networks’ shared network ownership model reduces the operational burden of deploying its GlobalProtect security to connected cars. Palo Alto Networks® manages the cloud network infrastructure, ensuring reliability, scalability and availability while the OEM, fleet management company or dealership focuses their efforts on deploying their OTA updates.

A key milestone on the way to fully autonomous vehicles is securely connecting cars to the Internet. These vehicles, connected vehicles offer a variety of operational benefits and cost-savings to OEMs and fleet management companies such as:

  • Upgraded  telematics with user functionality
  • Fleet management
  • Over-the-air (OTA) software updates
  • Driver behaviors and patterns based on in-vehicle data

The potential risks of OTA updates are two-fold:

  • Hackers could access an ECU or any domain controller to perform a variety of malicious actions or to steal the vehicle
  • Hackers could manipulate data during transfer in order to steal personal information, overcome a vehicle’s security mechanisms or even take control of the car.

As such it is imperative to have an end-to-end cybersecurity system that can ensure the integrity and security of both the internal and external vehicle networks.

GuardKnox’s Communication Lockdown™ methodology provides the highest level of in-vehicle security by permitting only authorized communication, examining their routing, content, and contextual layers and locking every field in every message within the vehicle to prevent unauthorized manipulation. By utilizing these strict rule sets, only vetted communication is passed onto the in-vehicle network.

OEMs, fleet management companies, and providers of ride-sharing applications (to name a few examples) can save time and earn more money by integrating the combined Palo Alto Networks -GuardKnox end-to-end solution to provide cybersecurity for:

  • Periodic OTA maintenance and new feature updates
  • Generating new revenues from downloadable premium configurations or personalized functionality including engine tuning, gear shifting, suspension performance and more.
  • Scheduling proactive maintenance at services centers
  • Gathering data about driving habits
  • Storing driving preferences of multiple drivers of the same vehicle

GuardKnox Services Oriented Architecture (SOA)

The GuardKnox Patented Services Oriented Architecture (SOA) Provides Foundation for Future of Secure Subscription-Based Services and Customization of Connected and Autonomous Vehicles

 GuardKnox’s Secure Network Orchestrator (SNO™) product line includes SOA and Communication Lockdown methodology, enabling a multi-platform and multi-service approach with the ability to host multiple operating systems and services, mission and non-mission critical, on one ECU with secure separation and full permission control.

 This is the 2nd patent GuardKnox has earned for its automotive Services Oriented Architecture  The company has several other granted patents on its software and hardware automotive cybersecurity technologies- GuardKnox has earned 5 US patents over the past year for its cybersecurity and connecetd solutions.

GuardKnox’s SOA enables additional levels of connectivity and customization through access control and service level partitioning to maintain vehicle integrity while increasing driver personalization. The SOA has a secure separation (both hardware and software) between all resources, application groups, and operating systems, simplifying edge computing capabilities by providing ample processing resources with maximal flexibility both in interface support and provision for future software extensions/additional service being added.

Cybersecurity: the Foundation for services and personalization

 GuardKnox’s SOA technology creates the secure environment which enables added services and applications by hosting downloads or upgrades on the SNO platform throughout the lifecycle of the vehicle. This enables mission critical and non-mission critical applications to run simultaneously   without interference; if one application should be compromised, all others will not be affected. This in essence converts the driver of a vehicle to a subscriber of features and functions of the connected and/or autonomous vehicle.

According to Guardknox Shlisel, “Our SOA technology will take connected vehicles to the next level and serve as the foundational layer for added connectivity — enabling unlimited, secure customization and personalization. With GuardKnox’s SOA, OEMs and Tier 1s have ample opportunities to monetize their vehicles, while offering drivers customizable options that suits their lifestyles.”

He continued, “Think of temporary added traction for a snowy day in the south or added horsepower for towing on your mountain vacation. One day you will be able to change the style of your dashboard by downloading an app, like you change the background on your cellphone. But as we continue to add connectivity, we are making vehicles more vulnerable to potential attacks. GuardKnox is providing an in-vehicle secure landing point for hosting, processing, downloading and OTA updates. Furthermore, creating new markets and new revenue streams for OEMs.”

GuardKnox’s Central SNO™ Gateway/Domain Controller

GuardKnox’s Central SNO™ Gateway/Domain Controller serves as a high-powered vehicle cybersecurity platform, not only providing centralized protection to all ECUs in the vehicle, but also serving as the foundational layer for future personalization and customization of the vehicle. The SNO fits seamlessly into the automotive ecosystem, alleviating the need for any third-party or software only integration.

Shlisel added, “Importantly, unlike other cybersecurity options, our SNO is a full hardware architecture and software stack solution, completely autonomous and does not require any constant online connectivity. By its nature, it can defend against both known or unknown attacks.”

Furthermore, SOA enables seamless application switching, utility and processing without any interruptions in functionality. GuardKnox patented SOA and Communication Lockdown™ methodology enable the production of secured high-performance ECUs outside of the central domain controller, and are positioned within the vehicle for secured data processing and storage — enabling additional revenue streams for automotive manufacturers while providing a more extensive and personalized driver experience.


There is a sense of urgency to cope with this dangerous and expensive threat both within and outside the EV charging context.  By 2020, the sales of BEVs are expected to quadruple—around 5% of the overall global light-vehicle market. By 2040, the sales of electric vehicles will comprise 54% sales worldwide.

The electric vehicle charging infrastructure is rapidly growing—although a single standard for supporting the infrastructure has yet to emerge, the electric vehicle market is dynamic high-growth market in which developing EVs for the mass market is still in its infancy. Manufacturing BEVs and the global deployment of the charging stations are just two of many pieces need to support the transportation revolution already underway.

Solutions for both challenges require hardware and software-based cybersecurity to protect from many of the same risks already associated with connected vehicles, including cyber-hijacking of billing systems, vehicles or the grid; ransomware; stealing personal data, financial information or energy; and tampering with communications between EVs, billing and financial systems and grid-related infrastructure.

With a full software stack and hardware architecture, GuardKnox’s patented technologies adhere to the most stringent security and safety standards. SNO™ solutions comply with GDPR (General Data Protection Regulation) and offer in vehicle protection from EV charging.

GuardKnox has created a complete Electric Vehicle Electric Control Unit (EV ECU), it integrates a large number of protocols (with overlapping features and capabilities) that are used for communication and control between various components of the electric grid. Most of the protocols were developed, tested and deployed over large periods of time and reflect the challenges and the threats at the time of their development.

Each country usually uses a specific set of communication and control protocols, not always identical with sets used in neighboring countries. This potentially creates a challenge for EVs roaming between different countries, presenting a challenge in the EV ecosystem. The adoption and deployment of the new communication and control protocols can better support the effort to cope with cyber-attacks from country to country. Guardknox’s EV ECU/V2G system tackles these challenges as well as:

  • Perform V2G communication
    • PLC (ISO15118)
    • CAN (CHAdeMO and GB/T)
    • Abstraction of Charging Protocols
  • Manage and monitor charging procedure
  • Maintain and ensure safety of charging operation
    • Up to ASIL-D
  • Protect the in-vehicle network from external threats
    • Patented Lockdown Methodology
    • Defense in depth design
  • Ensure security of sensitive data
    • Encryption capabilities (data-on-the-move)
    • Secure storage (data-at-rest)
    • Cryptographic authentication
  • Applications
    • 3rd party or OEM applications can run safely and securely
    • Hosted operating systems (Hypervisor)
  • OTA
    • Firmware encryption and authentication
    • Secure boot

Solutions for these challenges require hardware and software-based cybersecurity to protect from many of the same risks already associated with connected vehicles — including cyber-hijacking of billing systems, vehicles or the grid; stealing personal data, financial information or energy; and more.

GuardKnox offers a deterministic approach to cybersecurity that makes it uniquely suitable for use in a large ecosystem composed of millions of devices like EV charging networks. GuardKnox’s patented three-layer Communication Lockdown™ methodology examines all messages on the routing layer, the content layer and the contextual layer. It permits only allowed “legal” communication while dropping all unauthorized or improper communication.

GuardKnox’s patented Service-Oriented Architecture (SOA) enables customization of the vehicle and secured on-board data storage and processing for automotive manufacturers. The high-performance Secure Network Orchestrator™ (SNO) platform houses SOA and allows unified communication as well as access control and service level partitioning.

The EV ECU product line is part of GuardKnox’s SNO product line.

While this product is currently not in a productions vehicle, GuardKnox is in the process of answering RFPs and RFQs for major OEMs, often time in conjunction with Tier 1 suppliers and has a have done and are continuing to do on-going projects with the VW group, DXC technologies, Porsche and Daimler.

Electric vehicles and the charging ecosystem, including the power grid, is a new territory for all players involved. The industry is still developing yet alone maturing. Automotive manufacturers and Tier 1 Suppliers are unsure how to effectively address the cybersecurity vulnerabilities in electric vehicles. There is a plethora of vulnerabilities when discussing EV charging from the payment applications, connectivity to the chargers as well as the grid, induction charging and much much more.

Employing an EV ECU with a Service-Oriented Architecture with secure separation and service level partitioning, will enables driver access to unlimited personalization without the vulnerabilities of malicious hacking attempts. Sensitive data, such as financial information, is protected. Furthermore, in conjunction with Palo Alto Networks, any transfer of data over the cloud or to OEM back ends is fully protected from end-to-end. This architecture will allow the revolutionary EV ECU to download, host and process applications, services and data with extra computing resources as the needs are developed and matured.

Most of the communication and control protocols in use today don’t keep pace with the rapid developments in the hacking industry and leave a large attack surface that can be exploited by multiple adversary players (from disgruntled workers to state-sponsored organizations) for cyber-attacks in a large set of formats culminating with the interference within the grid operation, governance, stability and availability (DDOS – Distributed Denial of Service, Ransomware, Exfiltration of Personal, Proprietary and Confidential Data, Steal of electricity from the grid, Worms/Viruses/ Trojans, etc. to name only a few).

There is a sense of urgency to cope with this dangerous and expensive threat both within and outside the EV charging context.

With a full software stack and hardware architecture, GuardKnox’s patented technologies adhere to the most stringent security (ISO 15408), safety (ISO 26262) and PLC (ISO 15118) standards. Additionally, the EV ECU complies with GDPR (General Data Protection Regulation). By implementing the Service-Oriented Architecture in EV ECUs, manufacturers have the extra high-powered computing resources to securely adapt to whatever the future may bring in terms of added services and application

Read all Automotive Cybersecurity.


You are welcome to subscribe to receive email notification of publication of Connected Car News Cybersecurity, you can also get weekly news summaries or daily emails.