Cyber-Secure your Connected Car With GuardKnox
GuardKnox, an automotive cyber security provider, protects the users of connected vehicles against threats that can endanger their physical safety, as well as the safety of their personal information. We had the honor and pleasure to speak with CEO Moshe Shlisel about some of the most burning challenges of the Automotive industry today, and discussed how they can be resolved with proper cyber security. Share
What’s unique about GuardKnox?
GuardKnox was founded by a team of Israeli Air Force veterans. Our team provided cyber security solutions for the Israeli Air Force including the F35, F15 as well as the Iron Dome.
The automotive industry is experiencing some of the same difficulties that our team from the Israeli Defense Force has been tackling for the past four years. Our team has years of experience and know-how in how a vehicle or a moving platform needs to be protected, while allowing it to be connected to other sources.
GuardKnox has been granted 3 patents in the field of automotive cyber security which are recognized by the US Patent Office as well as other patent offices around the world. Our unique solution combines hardware and software to create new revenue streams from your vehicle, not just protection, and requires zero integration with 3rd party providers. A major differentiator between us and our competitors is that we are the only one who can address the after-market, as in connected vehicles that are already running today. Also, GuardKnox is the only company to comply with cyber security standards governed by the NSA, some of the most stringent standards in the world.
Our unique solution combines hardware and software. One of the major differentiators between our competitors and us is that we’re the only ones who can address the after-market, as in connected vehicles that are already running today. GuardKnox uniquely provides an ability to create new revenue streams from your vehicle, and not just protection. We are also the only company to comply with cyber security standards governed by the NSA, which are the most stringent standards in the world.
Finally, our solution requires zero integration with 3rd party providers.
What are some of the risks introduced by autonomous cars?
Let’s break the paradigm regarding autonomous cars. In general, from the connectivity point of view, there is no difference between a connected and an autonomous vehicle. Autonomous vehicles depend on connectivity since they are not working in a closed environment or inside a bubble. They connect to the vehicle infrastructure, the road grid, the critical infrastructure, the car manufacturers, and in some cases, they connect to some kind of operational center.
The more autonomous the vehicle is, the more connectivity you have, which also leads to more attack surfaces. As a result, more protection is needed the more we face autonomous vehicles on the road.
Protecting moving platforms are fundamentally different than using a common IP address,. we’re not going to drive a laptop. The major difference between a laptop and a vehicle is in the way communication works inside them. To simplify that idea, let’s think about what happens when you hit the brakes in your car. You’re only expecting one outcome. But, what if you had the ability to change the probability of the stopping action. Would you buy a car that only stops 99% of the time?
All of the IT solutions are statistical. A laptop could have an endless amount of messages going in and out of it. On the other hand, a vehicle has a closed and finite group of messages. Even though the car is going to be connected to other cars, it’s far from being a social network. You should not have the ability to play with your mission critical operations. Simply put, there would be a limited number of actions to be undertaken as a response to what goes on on the road. The car is the smallest area in the world where all of our loved ones are gathered. Thus, it has to be 100% secure with no room for errors.
Who is responsible for securing the operation of autonomous vehicles?
Our customers are car manufacturers and component suppliers because they are the ones responsible for providing a secure product.
We also provide solutions for fleet companies who provide heavy machinery that is already connected, and tighten their security to protect their vehicles or machines.
Lastly, we have active market applications in the insurance industry to protect against ransomware. For example, insurance companies could face serious consequences if a fleet of trucks was hacked.. Because these trucks can be carrying up to millions of dollars worth of cargo, it now makes the hacker’s motive financial.. One can keep an entire fleet of trucks on hold asking for ransom, this is a huge issue fleet and insurance companies are facing.The flexibility of our product and technology allows us to work with insurance companies to protect their clients against such scenarios.
How soon can we expect autonomous cars to become the prevalent mode of transport? What are the required changes in terms of policy, infrastructure, security etc.?
This is not the future we are talking about, connected cars are a current concern. Cars and trucks are able to be hacked remotely and the more connected and autonomous these vehicles become, the easier it will be to hack them. When do we expect autonomous vehicles to get on the road? The answer depends on the level of autonomy, and regulations that may arise.
How long will the transition take, from non-autonomous cars to hybrid cars, when some cars are autonomous and some aren’t? When are we going to have smart keys connected to the infrastructure? All of these questions are still developing.. Different OEM’s are aiming to implement a lot of this new technology in the next 3-5 years,, but technology is not the issue here, adoption is. How soon will we see autonomous cars picking kids up from school without a driver, pedals, or even a steering wheel? Consumers must change their mindset in order for autonomous vehicles to be implemented on a large scale, and it’s hard to predict how long that process will take.
Legislation is also a huge part of it. What is the role of government in protecting autonomous vehicles? We work closely with the US government to promote policies that enable not just the existence of autonomous vehicles, but also an infrastructure that supports them.
It took 20 years for the seat belt to become mandatory, however, cyber security is far more complex to standardize. Since Guardknox is a holistic solution, we can certify standards as part of the safety of the vehicle. We’re not just protecting data, we’re protecting lives. Looking at what standards we have in our vehicles will be heavily included in this process.
How do you see the future of autonomous cars?
We were recently granted a third patent for SOL service oriented architecture. The idea is to have a platform inside the vehicle for secured on-board data processing and secure app hosting, with the ability to customize the vehicle according to the consumers’ actual needs and preferences.
15 years ago, all of our cell phones looked the same, but today, you can use your phone for many different utilities, so each individual device looks and behaves differently. The same thing can happen to our cars. Let’s say you live in a place where winter is particularly cold. In this case, you will be able to install special hardware that enables the care to drive on snowy roads. You can download an app to make that terrain easier to navigate. This is not possible at all right now, but overtime, we will be able to provide it as the foundation for added levels of security.