RSA 2018 Profile: Upstream
RSA 2018 presented several moments of, “Oh no… I need to worry about THAT now?” Upstream, an early stage venture from Israel, offered up a juicy “Oh no, but it will be okay” perspective on the topic of cyber security for connected vehicles. Cars are full of digital processors, none of which are particularly well secured, it turns out.
The good news, or perhaps the bad news, is that there are projected to be 250,000,000 connected cars on the road by 2020, according to Gartner. Gartner feels that connected cars will emerge as one of the most significant elements of the Internet of Things [that can kill you or others if you don’t provide adequate security.] We’ll call that the IoTtCKYoOIFDPAS.
“A car is basically a hundred little computers sitting on top of four wheels,” said Oded Yarkoni, Upstream’s Head of Marketing. “They come from many different vendors and have millions of lines of code between them. They are installed by the car maker, but the vast majority of connected cars have literally no systemic security built in.”
This is the problem Upstream is solving. The challenge, according to Yarkoni, is to secure the connected car without requiring anyone to crack open the car and physically start installing security on the dozens of processors in the vehicle. “That’s a non-starter,” said Yarkoni. “However, the risks are out there and the potential impacts are serious.” Indeed, cyber risks for connected cars range from nuisances like being locked out of a vehicle to multiple fatalities and mass terror.
Upstream, which was founded by Yoav Levy and Yonatan Appel (CTO), uses a non-invasive approach to security for connected cars. Upstream collects telematics data from vehicles to a central server. TechRadar defines telematics as “A method of monitoring a vehicle. By combining a GPS system with on-board diagnostics it’s possible to record – and map – exactly where a car is and how fast it’s traveling, and cross reference that with how a car is behaving internally.”
Upstream uses low-footprint data collectors, installed on servers or networks deployed in the fleet data center. For Upstream, a “fleet” can be either an actual fleet, like a group of taxis owned by one company, or a class of cars like a 2017 Toyota Camry. In the latter case, the car company might serve as the data collector for its vehicles.
The data then goes to the Upstream Automotive Cybersecurity Platform for analysis. Upstream anonymizes the data to protect driver privacy and then does in-depth analysis to detect threats, anomalies and malicious activities. The solution can mitigate risks of DDoS attacks, forbidden server commands, malformed vehicle messages, malicious exploits and so forth. Rules-based workflows and customized alerts enable fleet managers to respond to security incidents on the road.
Policy Quick Take
Cybersecurity policies will soon be applied to cars, if they are not already. A fleet owner can set policies regarding access to the vehicle and its accepted uses. They can define and enforce myriad policies for the vehicle data and system access and on and on. Connected vehicle policy is set to become a key part of an organization’s security policy for IoT and edge devices.