After years of technological warfare in the air force, veterans of an elite Israeli Air Force unit are now providing cybersecurity to cars to protect them from cyberattacks.
“The modern connected car is very similar to fighter jets, with a growth in functionality and connectivity,” Dionis Teshler, the CTO of GuardKnox told The Jerusalem Post at the company’s headquarters in the central Israeli city of Ramle.
“We bring a lot of experience in systems geared towards aviation and missile defense. Protection for the modern car requires a different kind of thinking as cars are highly computerized and this is often times overlooked,” he added.
Dionis served in the IAF as System Security Architect for advanced F15 and F16 avionics and later served as the Chief Information Security Officer responsible for the design and implementation of cybersecurity solutions for missile defense systems, such as Iron Dome and Arrow 3.
Founded in 2016 by Moshe Shlisel, Dionis Teshler and Idan Nadav, GuardKnox focuses on restricted communication between a car’s various networks. The modern vehicle has between seven to 10 different networks and between 50 to 150 computerized units (ECU) which control various parts in the car. All the networks interconnect various subsystems through a central gateway computer.
Their patented cyber solution Lockdown Methodology prevents any attack from changing the functionality of the vehicle by enabling secure separation of communication networks without the need to have constant connectivity.
It controls a vehicle’s communication systems and verifies it in a way that any instructions to the system has to meet the manufacturer defined set of standards in real time, if the requirements are not met the instructions are blocked from entering the vehicle’s systems.
The GuardKnox solution family provides security in-depth with a central gateway ECU Secure Network Orchestrator (SNO) platform, a secured domain controller, ECUs for Electric Vehicles and an external communication SNO platform for externally connected ECU’s. GuardKnox’s patented Service-Oriented Architecture (SOA) enables customization of the vehicle and secured high performance on-board data storage and processing for automotive manufacturers. SOA allows unified communication as well as access control and service level partitioning.
The SNO platform can be installed during the design and production of the car as well as retrofitted into vehicles already on the road as an after-market solution.
“Cars are highly computerized, and the more computerized the car the more vulnerable it is, Dionis said, adding that “communication is inherently vulnerable since it provides a large attack surface, so you have to decrease the risk by adding security.”
While there is “no such thing in the security world as being impenetrable,” Dionis said, the technology developed by GuardKnox verifies messages received by the vehicle through several layers of compliance and protects the it from hackers who may want to steal data, listen to conversations, or even take control of the car and crash it.
“The systems that get attacked first are the ones which are connected to the outside world. These remote attacks need remote wireless connections,” Dionis said, explaining that the main threat isn’t posed by terrorist groups but by criminal organizations or an “avid junior hacker sitting in his basement.”
GuardKnox has already sold its system to companies such as Porsche, Daimler and Mercedes-Benz and is planning to expand with other companies such as Volkswagen, as well as companies in China, Japan and North America.
The GuardKnox cybersecurity solution family is the foundational layer for added connectivity, services and personalization – creating an improved end-user experience and revenue generating opportunities for manufacturers. As a complete ECU, the SNO platform integrates seamlessly into the vehicle, the value chain and the vehicle production process.