AI Online

Ai INNOVATION, SINCE 1895

Israeli technology for cyber security
With new vehicle sales of 281 563 in 2017, the Israeli automotive industry punches well above its weight in the development of automotive-related information technology.

Multinationals which have an R&D presence in Israel include OEMs General Motors, Daimler and Ford. Tier suppliers either use Israeli R&D facilities or partner with local companies. One example is the 2017 investment by Delphi Automotive into Innoviz, a company developing LiDAR sensors. Home-grown auto tech firms have always played a leading part in making Israel’s automotive industry a compelling success story.

Autotalks, for example, is a fabless semiconductor company devoted to vehicle-to-vehicle (V2V) communications in autonomous driving. Founded in 2008 and headquartered in Israel, it has offices in North America, Germany, France, Sweden, Japan and Korea. The company is working with OEMs and Tier1 on multiple pre-development projects that extend the capabilities of autonomous driving.

One of its newest products is the world’s first mass-market-ready 2nd-generation DSRC-based V2X solution which features STMicroelectronics’ Telemaco3 telematics platform and Autotalks’ CRATON2 chipset. It is claimed to be the most advanced and secure commercially available V2X communication solution. “DSRC is ready for mass deployment with the ultimate goal of maximizing safety and mobility for both human-driven and autonomous vehicles,” says Hagai Zyss, CEO of Autotalks.
Another home-grown automotive tech company from Israel is Otonomo, the first neutral automotive data services platform. The company recently introduced the Consent Management Hub, which simplifies the driver opt-in process for OEMs on the Otonomo Platform and validates consent with each personal data request from third-party mobility service providers.

“Data security and privacy are among the most critical drivers or inhibitors in the next generation of mobility services,” says Sarwant Singh, senior partner at Frost & Sullivan. “Automotive OEMs and mobility service providers know how important it is to be responsible data stewards and earn consumers’ trust. We are impressed with Otonomo’s approach to consent management and applaud their effort.

“A single point of integration for diverse mobility services is the key to scale,” says Amir Freund, Chief Product Officer at Otonomo. “Consent management information flows for mobility services can get quite complicated. We believe that both OEMs and service providers will save a huge amount of development effort by taking advantage of a single integration to the Otonomo platform.”

Israeli firm Karamba Security is a world-leading provider of end-to-end cybersecurity prevention solutions for connected and autonomous vehicles. In June this year TU-Automotive awarded Karamba Security’s SafeCAN Best Cybersecurity Product for 2018. It was the second time in a row that Karamba Security had been awarded this prestigious recognition, after its first product Carwall, was unanimously awarded TU-Automotive Best Cybersecurity Product for 2017.

The company is actively engaged with 17 different OEMs and Tier 1s, only two years after coming out of stealth. SafeCAN is claimed to be an industry first for authenticating and hardening in-car networks with zero network overhead, to secure command communication between Electronic Control Units (ECUs). Karamba Security achieved the winning vote as SafeCAN addresses the increasing threat of invasive automotive cyberattacks through the automotive hacking of in-car networks, particularly infiltration via third party dongles, over the air (OTA) updates and the CAN bus.

“To protect the car’s safety systems from hackers, the industry is demanding the capability to authenticate CAN bus traffic. However, the biggest barrier to overcome is CAN network saturation,” said Ami Dotan, Karamba Security CEO in a February press release.

“Traditional authentication technologies require additional network throughput, which is unacceptable in the CAN. Karamba’s patent-pending SafeCAN software offers zero network overhead for ECUs that should be authenticated.

“Design of secure end-to-end IoT deployments starts with building security into IoT devices. IoT security has to be built in at the design and manufacture time to be effective, not bolt-on after deployment. Especially in heavily regulated industries, such as automotive and healthcare, demand is increasing for built-in IoT security,” says Gartner in its Cool Vendors in IoT Security 2018 report.

Gartner recognized Karamba as a Cool Vendor for its Autonomous Security software solution. Karamba’s technology provides end-to-end attack prevention, with zero false positives. Karamba’s solution was designed and built for the resource-constrained environment of IoT devices, with negligible performance impact. Karamba’s software seamlessly hardens the IoT device according to its factory settings, and prevents unauthorized changes to the device, i.e. malware.

Automotive Industries (AI) asked Otonomo CEO Ben Volkow how important data services are in a connected car.

Volkow: Data services are major part of the auto industry future. Analysts predict that they could generate up to 50% of the revenues for OEMs by 2025. This equates to hundreds of billions of dollars annually. Data services are not only a revenue source for OEMs, they are also becoming more important to drivers who want to continue the smart phone experience in the car with dozens of in-car services delivering safety, security and comfort.

AI: What makes your platform so effective?

Volkow: User flexibility is major part of it, but it’s really the full platform feature set with consent management for OEM visibility and control with dynamic adaptive anonymization, security, data normalization, insights, accounting, and pricing.

AI: How will users of connected cars be able to keep their data safe?

Volkow: This is done through regulation and strong commitment by OEMs to  be responsible with data. To get clear consent for data usage from the driver, to provide full visibility to the driver about how his data is being used and to enable the driver full flexibility in areas such as opting in/out for data services, erase the data or move it to a new place upon request. Otonomo supports all those, and helps OEMs to comply with different regulations such as GDPR (European Union General Data Protection Regulation).

AI: How has Otonomo’s Consent Management Platform helped in this?

Volkow: Otonomo Consent Management Hub was designed to comply with regulations in different geographies regarding personal data usage and visibility. We enable OEMs to share data in confidence with full compliance to regulation and at the same time build trust between drivers and OEM regarding data usage and data services.

AI: What international interest has Otonomo garnered from investors and why?

Volkow:  Otonomo is sitting in the crossroads between automotive data and AI, and enables a huge market (which McKinsey estimates will be worth up to US$750B by 2030). we get a lot of interest from investors in different geographies. We are considering another funding round to accelerate growth and meet the strong demand we see in the market.

AI then asked David Barzilai, Executive Chairman, Karamba Security, how the company’s Carwall and SafeCAN provide protection against potential cyber-attacks in connected vehicles.

Barzilai: Carwall seamlessly hardens the vehicle’s ECUs according to their factory settings, and prevents any unauthorized change, i.e. malware. It uniquely offers a three zero value proposition: zero false alerts, zero developer intervention (I.e. no delays in time to market) and zero-day attack prevention, i.e. protecting against known and unknown threats.
SafeCAN has broken another cybersecurity barrier. It authenticates CAN traffic with zero network overhead on the saturated CAN architecture. SafeCAN enables to ensure safe OTA updates in the vehicle, and to prevent attacks through remotely exploited dongles.

AI: What is the challenge for autonomous vehicles and is the technology the same as for other applications when trying to prevent attacks?

Barzilai: The market for autonomous vehicles will be determined by consumer trust. Growth will be inhibited if consumers believe that vehicles can be hijacked and used as weapons by terrorist organizations, or they can be hacked by ransomware.
The challenge of protecting vehicles against cyberattacks is different to that of preventing datacenter attacks. The biggest risk in vehicles’ is loss of life, not loss of data. Cyber technologies that are destined at vehicle protection must avoid false alerts (aka false positives), which are common in datacenter cyber protection solutions. False positives may cause airbags not to open or brakes not to engage if they are mistakenly suspected as malicious.

AI: What makes your approach different?

Barzilai: Karamba doesn’t view the vehicle as mini datacenter on wheels, as others do. The other technologies expose users to the risk of false positives, and as such are confined to detection and not to prevention. Karamba views the car as an array of IoT devices, which should run exactly according to their factory settings. Changes to factory settings, which are not delivered by the car OEM, must imply a malicious attempt to hack the ECU and infiltrate the car. Karamba Security’s software automatically reverse engineers factory settings from the ECU’s binaries (i.e. no source code is required) and creates a policy based on those settings. The policy is embedded on the ECU’s firmware, and validates each operation in runtime. When a deviation from factory settings is detected, it is immediately prevented and reported to the OEM.

Benefits to the OEM include:

  • Complete automation: no need to ask developers to do anything different nor to delay time to market
  • Zero false positives, as no statistical analysis is involved
  • No connectivity and no updates are required: the ECU checks itself and prevents the attacks
  • Hands off: the policy is either at the tier-1 or OEM’s premise, without any involvement of Karamba Security’s staff

AI: What investment have you attracted?

Barzilai: Most of Karamba Security’s investors are not Israelis, and for most of them it’s the first Israeli company that they have invested in. The global network that Karamba Security built has helped us a great deal to expand our reach to leading OEMs and Tier 1s in every continent.

AI: What gives Israeli auto tech firms an edge?

Barzilai: It is the “can do” culture, the entrepreneurial spirit and the academic and practical education that Israelis are privileged to benefit from, thanks to high academic subsidies. Additionally, the military reserve entitles young Israelis to gain access to cutting edge technologies, and to levels of accountability that is uncommon for their young age group many other countries.