Cars these days are basically computers with wheels, and as with other computers, you’ll probably want to make a few changes to protect against cyberthreats. Trillium, presenting today on Disrupt Berlin’s Startup Battlefield stage, is looking to be the security solution for in-car computer systems, adding extra encryption, intrusion detection and other firewall-like features.
We’ve already seen demonstrations of cars being hacked while on the road; the danger may be largely theoretical today, but it could make the jump to practical tomorrow.
“Hacked cars pose a far greater danger than hacked desktop consumers,” Trillium’s Adrian Sossna told me. “The possible damage that a rogue hacked car can make is vast. It’s already happening, and I am confident that we will see large hacks in the next 12 months.”
It behooves auto manufacturers to inoculate against it, considering how hard they’re pushing connectivity as a marquee feature. Trillium aims to be a one-stop shop for that protection.
Trillium’s software lives on the car’s computing hardware, doing a couple of main duties. First, it encrypts all in-car transmissions; this prevents a security soft spot like a backseat media screen or Wi-Fi hotspot from becoming a back door into more critical systems. And second, it watches over the car’s networks for unusual activity that could indicate an intrusion attempt. The software updates itself.
To be clear, this isn’t something you’ll plug in and install on your 2014 Accord. You can’t actually fiddle with your car’s internals to that extent — it would be a serious safety hazard if anyone could tweak their car’s engine control unit at will. Instead, it would be built into cars based on the needs of certain markets; Trillium might come as an option alongside different exhaust or suspension packages.
So if you’re a cab company and you’re going to lease 20 new Priuses (Prii?), you might dial down the amenities (no need for leather seats) but add cybersecurity to prevent your fleet from going down to black hats hired by a rival taxi outfit.
“Trillium’s solution is built to be embedded into the car when it rolls out of the factory,” explained Sossna. “Our future end-customer is a fleet owner that needs to protect its employees, cargo and society at large from car hacks.”
The pricing model is simple: $10 per car per day, paid by the people selling the cars or putting them together, not the end user. That way it’s a continuing service that justifies itself with frequent updates.
Of course, car manufacturers and in-car systems makers are already working on security measures, but Trillium plans to improve on those capabilities — while also working as a turnkey solution that can easily be adapted to nearly any model. Currently the company is working on its final product with partners like Japanese racing group äpr.
Trillium claims to be hardware, OS, and cypher agnostic, so it can easily be adapted for a new model or deployed across multiple vehicle classes that might not share their network components. It works because their software acts more as a transport layer, not digging deep into the applications and data themselves but just moderating their communications.
Cybersecurity in the automotive world is almost certain to become a major market, but it remains to be seen if there’s room for an ambitious startup solution like Trillian’s.