Trillium Acquires Automotive Cyber-Security Specialist CanBusHack, Inc.

LAS VEGAS, NV, July 31, 2017 – (JCN Newswire) – Trillium Inc, a leading automotive cybersecurity solutions provider, today announced its acquisitioon of the assets of cybersecurity consulting specialist CanBusHack, Inc. Established in 2010, CanBusHack is the oldest automotive cybersecurity consulting and penetration testing company in the world, and is widely recognized as an industry leader with a broad portfolio of successful projects with major OEM and Tier1 customers around the world.

Trillium made the announcement during the annual DEF CON hacker convention, held at Caesars Palace in Las Vegas, Nevada, from July 27 – 30. Trillium’s cybersecurity solution was under prolonged attack in the Car Hacking Village by the hacker community, members trying to compromise Trillium’s BrainBOX and SecureCAR Server platform – as part of the Car Hacking Village’s “Capture the Flag” competition. (www.CarHackingVillage.com.)

“The addition of CanBusHack’s Red Team and penetration testing expertise is a perfect fit for Trillium, and adds to our already robust range of cybersecurity products, services and training capabilities,” says Trillium President and CEO, David M. Uze. “Now, in addition to providing customers with tools and systems to ward off cyber-attacks, we can also help identify weaknesses early to reduce network vulnerabilities prior to commercial system deployment.”

The combination of CanBusHack’s sophisticated “Red Team” and Trillium’s advanced “Blue Team” expertise is expected to deliver a 100% IP accretive environment for developing advanced vehicular cybersecurity systems.

As a result of the acquisition, CanBusHack President and Founder Robert Leale will join Trillium as its Global Consulting Practice Director, and be deeply involved with Trillium’s cybersecurity product development roadmap. He will also assume responsibility for building Trillium’s worldwide capabilities in cybersecurity consulting and penetration testing.

Mr. Leale and his team will proactively work with Trillium’s IoT and automotive customers on an on-going basis to identify and prevent “Zero-Day” exploits, ensuring that Trillium’s customers remain among the safest on the planet. “I’m thrilled about this opportunity to join Trillium’s world-class team and contribute to making it the global leader in automotive IoT penetration testing and vehicular cybersecurity consulting,” said Mr. Leale.

Trillium at DEF CON

Meet Trillium at DEF CON in the Car Hacking Village, where professional and hobbyist car hackers will work together to provide hands-on, interactive car hacking learning, talks and interactive contests. Trillium will be offering private demonstrations by appointment in its suite at Caesars Palace. Please contact us to schedule a session, demo@trilliumcyber.com.

About Trillium Inc.

Trillium Inc. was founded in 2014 with a team of executives and engineers from Japan, Europe and the U.S., with extensive experience in automotive networking, cybersecurity, embedded systems and IoT. Trillium provides a multi-layered suite of cybersecurity tools – SecureCar, SecureIXS and Secure OTA – and data-mining capabilities – SecureSKYE – to protect automobiles and IoT connected devices around the globe from cyber-attacks. Trillium is backed by lead investor Global Brain, a Tokyo-based venture capitalist.

Please visit: http://www.trillium.co.jp.
To arrange interviews, contact: pr@trillium.co.jp.

About CanBusHack, Inc.

Established in 2010, Orion, Michigan-based CanBusHack, Inc., focuses on assessing and compromising automotive embedded controller systems. Its specialists employ a variety of hardware and software skills to understand how those systems operate. For further details, visit: http://canbushack.com.

Topic: Press release summary
Sectors: ElectronicsDaily FinanceSecurity/BiometricsAutomotiveEngineeringDigital
http://www.acnnewswire.com
From the Asia Corporate News Network

Copyright © 2017 ACN Newswire. All rights reserved. A division of Asia Corporate News Network.

 

Trillium Launches SecureSKYE, a Paradigm Shift for Auto Insurance Tech

Transforms Industry From ‘Passive Safety Net’ to ‘Proactive Life Saver’

LAS VEGAS, NV, July 24, 2017 – (ACN Newswire) – Trillium Inc, a leading provider of automotive IoT cybersecurity solutions, today announced the launch of SecureSKYE, a data mining and analytics solution for the transportation industry, and enabler for monetization of data-driven innovations and applications for the insurance industry.

SecureSKYE creates a comprehensive, dynamically updated profile of the car and its driver. By utilizing the platform’s data-mining and analytics capabilities, ‘safety-and-security’ applications and services such as geolocation-based emergency services, insurance tech solutions including ‘Usage-Based Insurance,’ ‘CyberSecurity-as-a-Service,’ ‘Forensics-as-a-Service’ and even preemptive vehicular maintenance are all made possible.

“In-vehicle telematic control units are not new. However, the cybersecure, mass collection of such telling data on so large a scale represents a golden opportunity for insurers, traditional security and cybersecurity service providers, automotive manufacturers and wireless carriers,” says Trillium CEO David M. Uze.

SecureSKYE manages all data with top priority on ensuring privacy and confidentiality of user information. Analytic outputs are customizable to meet the precise requirements of our customers’ service applications. SecureSKYE opens the door for insurers to tap into a new and lucrative revenue pool through enablement of a vast market for the profitable underwriting of autonomous vehicle and connected car insurance policies, as well as the roll-out of new fee-based services and applications.

“We are now at the cusp of realizing the extraordinary benefits of IoT. Car insurance will be transformed from a ‘passive financial safety net’ to a ‘proactive life saver.’ It’s a ‘win-win-win’ for insurers, auto manufacturers and vehicle owners, and positions Trillium as the backbone to provide the protection required in an autonomously driven world,” says Mr. Uze.

Trillium has delivered SecureSKYE to a Japanese OEM customer. SecureSKYE is available for implementation in either blockchain or cloud-based formats.

Meet Trillium at Black Hat, the world’s leading information security event. Black Hat USA 2017 kicks off with four days of technical training, July 22-25, followed by the two-day main conference, July 26-27, at the Mandalay Bay in Las Vegas, Nevada.

About Trillium

Trillium Inc was founded in 2014 by a team of executives and engineers from Japan, Europe and the U.S. with extensive experience in automotive networking, cybersecurity, embedded systems and IoT. Trillium provides a multilayered suite of cybersecurity tools – SecureCAR, SecureIXS, and SecureOTA – and data-mining capabilities to protect automobiles and IoT connected devices around the globe from cyber-attacks. Trillium is backed by lead investor Global Brain, a Tokyo-based venture capitalist.

For further details, visit: http://www.trillium.co.jp.
For questions and to arrange executive interviews, contact: pr@trillium.co.jp.

 

Making Strides: The Steps to Take to Make Cars Secure

Cyber terrorism is not an idle threat. New malware and cyber-attacks are developed every day, all created with the intent of stealing money, information, identities, or as in the case of Car hacking inflict physical damage and wreaking serious havoc.

The explosive nature of the cyber battlefield has resulted in frequent anti-virus/anti-malware updates becoming a necessity, a needed measure against new attacks that exploit devices not protected by older software.

Now compare this dynamic environment to that of an automobile’s development. Designing and producing a new car is a task that takes years, with plans only rarely being changed once an OEM moves past the design stage. To assume security measures developed in such a static environment can hold up to the barrage of never ending cyber threats is naïve. In a recent article, Automotive World calls for an overhaul of the approach taken to cyber security in vehicles, both before and after a car is sold.

The needed steps to be taken to improve automotive cyber security best practices starts with regular checking of software integrity throughout the design process. Instead of leaving software analysis to the end of a vehicle’s design period, it should be checked throughout each stage of its development. As new features are added and old ones updated, software used must be scanned for bugs that could later cause problems. Automotive World emphasizes the risks OEM face by not catching code issues early on, such as delays in development, vehicle recalls, or loss of life due to a cyber-attack. To ensure the quality of the testing done, they also strongly encourage the use of third-party penetration testing and consultation services to expose holes potentially unseen by the developers. Firms like Trillium play an important part in this procedure, giving OEM the opportunity to strengthen their cars’ cybersecurity from an early stage in the development process and throughout.

The second solution to this lack of preparedness is to implement updates to their security after they’ve left the factory floor. It is unreasonable to expect cars to roll out onto the streets with perfect code, but any bugs found need to be addressed by the OEM. Legislation is moving in favor of placing the responsibility of car software integrity in the hands of the producer, meaning OEM and other suppliers need to provide the means of keeping cars safe once they are on the road. To this end, Over-The-Air update services like those found in SecureOTA are needed, giving vehicles the fast, seamless security updates they need to stay protected in cyberspace. As cars become more and more integrated into their environments thanks to V2V and V2X technology, the speed at which new attacks are brought to bear on vehicles will only increase, and only software of the highest quality can ready drivers for future threats.

Autonomous Vehicle Liability: Manufacturers and Insurance Providers Held Responsible

Responsibility is one of the most widely contested facets involved in the production and integration of autonomous vehicles. Since they have existed, autonomous cars have been surrounded by debate regarding who should take responsibility in the case of a collision or other incident involving one. While the days of streets filled with self-driving cars are yet far off, governments are starting to see the earliest manifestations of legislation in the field.

Recently, Japan’s Ministry of Land, Infrastructure, Transport and Tourism published the conclusions deemed from their meeting in late April, where they deliberated on the matter of liability in traffic accidents concerning autonomous vehicles. The discussion was focused on fully automatic cars, with the key point of discussion stemming from the cause of an incident – whether it was due to a glitch or to human error. Their consensus can be summarized as follows.

“It was proposed that, when the cause of the accident is due to a glitch in the system, the costs should be borne not only by insurance companies but by the manufacturers.”

The article published in Keizaikai Magazine goes into further detail, expressly mentioning the case of a car hack, saying that “Should a vehicle that is hijacked through some external cause, such as hacking, become involved in an accident, the case would be treated in the same manner as one involving a stolen car.”

The message being conveyed here is clear. In the event that a structural flaw in the autonomation systems of a vehicle is responsible for a traffic incident, the driver is not to be held responsible. This act of solidifying the policies to be taken regarding autonomous vehicles is a necessary step in integrating them into society, and serves as a great wake-up call to automotive insurers and manufacturers alike. The threat of car hacks grows more prominent by the day, and if cars aren’t equipped with reliable cybersecurity measures, the lives of their drivers will be at risk. If manufacturers want to protect their customers and themselves from this threat, a clear hands on cyber strategy is needed.

The importance of Trillium’s multilayered approach cannot be emphasized enough – any system that employs only one defensive measure puts itself at risk of a devastating breach. Quite simply, single layered defense open up for single point of failure. The cars of tomorrow need not only IDPS (Intrusion Detection and Protection Systems) blocking attacks from entering the vehicle, but also sturdy protection of the IVN (In-Vehicle Network) that roams behind gateway units, else they risk losing everything upon the inevitable breach of a single layer defense.