New Auto-ISAC Members
The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes two members, TuSimple and Yamaha Motor Group and two strategic partners, ArmorText and Celerium.
The inclusion of these four companies increases the strength of the Auto-ISAC’s position as the voice of the global auto cybersecurity information sharing community as it works to prevent cyber threats to the connected vehicle.
The Auto-ISAC was formed by automakers in 2015 to promote collaboration between suppliers, commercial vehicle companies and automobile manufacturers around vehicle cybersecurity issues. Additionally, the Auto-ISAC has a strategic partner program that brings great value to our membership collaborating with innovators who support learning and sharing tools and techniques in managing the emerging complexity of automotive cybersecurity.
The Auto-ISAC operates as a central hub to share and analyze intelligence about emerging cybersecurity risks. The focus of the Auto-ISAC is to foster global collaboration for mitigating the risks of a cyber-attack and to create a safe, efficient, secure and resilient global connected vehicle ecosystem.
Cyber Security for for GNSS Spoofing
Regulus Cyber, the first company to provide a solution for smart-sensor security, introduced a breakthrough software-only cybersecurity solution designed to protect global navigation satellite system users (GNSS, also known as GPS) from spoofing attacks. The new Regulus Pyramid GNSS is the industry’s first stand-alone software solution that doesn’t require any additional hardware to protect a GPS receiver or Chipsets – ensuring the security and reliability that are essential to safe and accurate navigation across a wide range of applications including automotive, mobile, aviation, maritime and critical infrastructure.
GPS spoofing is a remote attack that transmits fake PNT (Position, Navigation, Time) information, enabling a hacker to take control of a target using satellite navigation and affect critical functions, such as time-sync, speed control, steering, navigation, location, privacy and more.
GPS spoofing attacks are notoriously difficult to detect and guard against, and becoming increasingly frequent as hackers use spoofing for personal monetary gain and various other intentions. The Regulus Pyramid GNSS™ solution uses proprietary algorithms to accurately determine when spoofing occurs and provide real-time protection at the receiver level.
Regulus Pyramid GNSS supplements GPS receivers, including legacy receivers and Android operating systems, offering dependable protection. In addition, online services from Regulus Cyber can provide further signal authentication to connected fleet operators in real-time.
The effects of GNSS spoofing are problematic—and often potentially dangerous—across multiple industries:
- In automotive applications, spoofing can cause cars to drastically speed up or slow down, and can cause aggressive braking, steering, and accelerating, exiting at the wrong interchange, or reporting an incorrect position to 911 in emergencies.
- With cellular devices, spoofing renders location-based services (LBS) such as Google Maps, Waze, and Uber unusable, and make users appear to be in particular locations when in fact they’re elsewhere, with major privacy implications.
- With infrastructure, spoofing results in reports of the wrong time, causing other system-dependent errors, such as railroad services delays, electric power grid blackouts, and financial systems failures.
- Global shipping and aviation heavily depend on satellite navigation, and spoofing attacks result in major and long delays.
“As proven in our recently published experiment with a Tesla semi-autonomous vehicle, the spoofing attack resulted in taking control of the target’s autopilot navigation and being able to redirect the vehicle to a different route.” Regulus Cyber CEO and Co-Founder Yonatan Zur added that, according to a recent study by the European Satellite Agency, there will be over 8 Billion GNSS receivers used worldwide and that means every system is potentially hackable by spoofing. “As the dependency on GPS grows so does the vulnerability of our modern transportation systems, especially as we head towards an autonomous technology future.”
SafeRide Offers CAN Optimizer
SafeRide Technologies, the first automotive cybersecurity company to offer a multi-layer deterministic and heuristic anomaly detection and threat prevention solution, today announced that CAN Optimizer, its ground-breaking machine learning-based data compression software for connected vehicles, has been validated by multiple leading OEMs and Tier-1 suppliers and is ready for production.
Vehicle CAN data carries immense untapped value for vehicle health monitoring, predictive maintenance, vehicle performance optimization, driver behavior analysis, and more. Legacy telematics solutions collect little information from vehicles and rely on restricted computational power. As a result, OEMs receive limited and filtered information about their fleets, resulting in suboptimal operational performance.
While uploading raw CAN data to the cloud can enable advanced data services, the process consumes a significant amount of costly bandwidth and storage. Based on customer case studies, SafeRide’s CAN Optimizer dramatically decreases the bandwidth needed by providing a 96% reduction in data size. CAN Optimizer provides a compression performance that is 6 times better than any other solution on the market.
Faurecia Partners for Automotive Cybersecurity in Israel
As vehicles are becoming increasingly connected and providing new user experiences, the reinforcement of passenger safety and data security is essential. Faurecia will hence develop its cybersecurity expertise through collaboration with local startups and major innovation clusters giving access to emerging trends and new technologies. This will enable the Group to propose complete end-to-end solutions integrated into the vehicle, securing the software, data and cloud connectivity.
In addition to securing its solutions, Faurecia has also been working to globally assess and protect its network of industrial sites and offices from cyber security risks. As of today, 60 dedicated cyber security experts are working to prevent, detect and control cyber security issues and the newly established Tel Aviv platform will contribute to reinforce the overall strategy.
The Israeli ecosystem is leading innovation and the development of solutions in cyber security. By working with a broad ecosystem, we are better placed to offer leading edge technology for the security of our products and systems.
Besides expanding its global community of software engineers, designers and systems architects, the new technology platform will bring Faurecia new skills through penetration testing experts to analyze potential vulnerabilities across multiple coding languages and protocols. Furthermore, last May, Faurecia also realized an investment in GuardKnox, a world-leading automotive cybersecurity startup, identified through its Tel Aviv technology platform.
This inauguration is part of Faurecia’s ongoing strategy to build up innovation ecosystems by relying on technology platforms which Tel-Aviv is the best-in-class in the cybersecurity field. The other Group’s technology platforms are located in the Silicon Valley, Toronto and Shenzen.
Read all Automotive Cybersecurity.
You are welcome to subscribe to receive email notification of publication of Connected Car News Cybersecurity, you can also get weekly news summaries or daily emails.