GuardKnox and Palo Alto Networks©: How To Secure Connected Vehicles




Karin Shopen: Hi everyone and thank you for joining us today in the securing connected vehicle session. This session is going to be divided into two separate parts. In the first part we're going to cover the market trends, we will explain what a connected vehicle is, go over the different functions within the vehicle that talk to one another and communicate with the cloud, and go over the risk and probability of hacking a connected vehicle. In the second part of this session we will go over the joint offering between Palo Alto Networks and GuardKnox, and we will provide you with a strategy on starting the project of securing your connected vehicle. I am very lucky to host today two very seasoned speakers on that topic: DD from Palo Alto Networks, who is the product marketing responsible for the automotive industry, and Moshe, who is the CEO of GuardKnox Cyber Technologies. Moshe, can you share with us how you identified the problem and the need for in-vehicle cyber security?

Moshe Shlisel, GuardKnox CEO: Our team is coming from defensivization in airplanes; we all got used to the fact that our fighter jets are protected against cyber-attacks. So, we were thinking that, understanding that the connected car is a trend that is coming, the challenges might be the same. So, we started thinking about that, and then Charlie Miller and Chris Valasek just did the market for us, and then from that point it is quite history. GuardKnox was founded in 2015; since then we've started working together, and we've brought very innovative solutions that are coming from moving platforms. Some of them, most of them, are patented already. So, we are excited to be here in partnership with Palo Alto.

Karin: Let's start by defining some basic terms: what exactly is a connected vehicle?

Dharminder Debisarun: So, a connected vehicle in this new era would be everything that is connected from the car to the Internet, and will make a connection, a secure connection, between the Internet and the cloud. And that will be used for all types of entertainment, but also for all types of data analytics.

Moshe: If you think about a connected vehicle, and you think about the smartphone of today, I think that if Alexander Graham Bell came out of his grave and saw what we call the phone today, he would probably die again. This is not a phone, this is a complete computer that is connected every time, everywhere between people. That's the trend that the connected car is going, and with this trend comes a challenge of cyber security, from the fact that a car is connected from a lot of angles.

Karin: What has influenced and driven the market to move to a fully connected car?

Dharminder Debisarun: So, what we have been seeing is that customers are spending so much time during their journey in the car. They need more entertainment in the car itself. And one of those drivers is customization of applications that they are aware of and need, for example Spotify in the car, but also reading your email or doing your work in the car. These are drivers for the connected car. Not only that, the second thing that we see happening is for the OEM and the manufacturer itself, for example the repair shop repairing cars. If you already know up front what part will break down or what part should be reused, you can already make the appointment at the repair shop, and the car can be planned for its repair.

Moshe: Well, I really like your question, Karin, because we're playing with the word drivers. There are trends, and the drivers themselves as customers. What we see today in the industry is that OEMs are looking for customization of the vehicle through its lifetime, which means drivers themselves are looking for the car to be updated toward their different needs that are coming through the lifetime of the car. For example, to have different accessories connected to the car, or different capabilities that can be downloaded as a software upgrade to the vehicle. And by doing that you have to have the ability to do that in a secure manner.

Dharminder Debisarun: With the connected car we of course are introducing another attack factor.

Moshe: Sure, and the attack factor comes from the fact that on one hand the driver himself is downloading different applications, and the fact that the car is transmitting to the OEM data center. For example, performances, because the road is the biggest lab for the OEM, and the fact that they can do, as you mentioned, Dharminder, predictive maintenance, getting readouts of the car.

Dharminder Debisarun: Yup.

Karin: How would you define the connected car market today in terms of magnitude, and what would be the real prediction for future growth?

Moshe: Well, today we have 1.2 billion vehicles moving on our roads globally, and since 2003 every car has the ability to be connected physically or in a remote way. But the trend is that we find more and more vehicles that are connected, in some cases in four different places. So, we will see around 40-50 percent of the annual market being connected vehicles in 2020, and then in the five years afterwards we'd probably get to around 90 percent. So, we are going to see almost every vehicle on the road, specifically new ones, being connected.

Dharminder Debisarun: Yeah, so looking at that, Moshe, the car will also generate a lot of data, and the data will be used by OEMs for different products. It can be used for making the car better, making the engine better. It can be used to analyse what the consumer needs. So, all that data needs to be transferred in a secure way to the cloud.

Moshe: Yeah, you're absolutely correct, Dharminder. The amount of data that a car manufactures in an hour is measured in gigabytes. So, we will not be able to send every bit from the vehicle, so we need to be able to have edge computing, and the ability to process data on the premises, on one hand. On the other hand, we have to mitigate the requirements for privacy, which means you're not going to send private data to others. So, the challenge of dealing with a connected vehicle is pretty much becoming like dealing with a computer. But the major issue here is that we are having our families and our loved ones in this vehicle.

Dharminder Debisarun: You know the connected car is all about safety and security.

Moshe: Sure. 

Dharminder Debisarun: So, like you will protect your own home, you must protect the car itself.

Moshe: Absolutely. 

Karin: The term connected car indicates that some kind of communication needs to happen between the different functions, both in the car and to the cloud. Could you explain more about all of the different applications, and how they work with one another?

Moshe: Sure, let's think about a vehicle, the modern vehicle of today. It comprises around 100 to 150 different automotive computers, which generate a lot of data and a lot of communication between those computers in order to function. Now we have a lot of phases that the modern car is connected. For example, there is remote keyless entry, smartphones, in some cases just the fob. Or in other cases, for example, the sensors, the vehicle, the radar, the lidars, or telematic units, or even different communication from the car outside, to get an update, to get an over-the-air update from the OEM, and to download different applications, which eventually need to end in some place.

Dharminder Debisarun: Yeah, and that's one of the reasons why the secure channel and cloud security are very important for the connected vehicle.

Moshe: Sure, and I think the fact that we are covering those three bases: the in-car vehicle security, and the fact that we are providing a secure, encrypted and authenticated channel, the one that can be trusted, and the one that provides full security in the cloud. Well, that's probably a home run.

Dharminder Debisarun: Yup.

Karin: To all of you, our viewers, just a quick reminder that you can ask us questions. So, if you look at your console, there is a place for you to ask questions in writing. And we will address all of them in the session and at the end of it. Up till now we covered the market size, the potential for growth, the different functions within the connected car, and how they work together. Moshe, could you share with me what you see as the biggest threats moving forward?

Dharminder Debisarun: So, like we are used to what we have seen now with ransomware, like WannaCry, and malicious vulnerabilities. It can happen also in the car, because the car is connected to the Internet and introducing an attack factor over there. So, what will happen if you wake up and you want to start your car, and you see ransomware: please send us so many bitcoins to an address. That is what we want to try to protect. Another stuff is, what happens if you are driving your car, and your car is accessible from the outside world, and somebody tries to put down your brakes, Moshe?

Moshe: Yeah, if you think 20-30 years ago, when computers didn't have firewalls, then everyone just could penetrate your computer and play with your software or with your applications. But then you just might lose some data, you might lose, I don't know, some software that you've downloaded. But here we're talking about our family and our loved ones' lives, because if you look at a car, a car is the smallest area in the world where all our loved ones are gathered. So, having said that, the incentives are in many, many other angles. For example, for a fleet manager, if someone is, just as you said, Dharminder, just stopping the fleet from acting, then he's gonna lose a lot of money every single day that the fleet doesn't generate revenues. On the other hand, some kid that sits somewhere and is trying to connect to a car wherever he is, through the cellular network, then he could take control of the steering, of the brakes, of the phone, then just for fun throw someone's car into the ditch. And of course, the ability when cars are connected through the OEM. Think about the risk that an OEM would feel if someone just hacked the vehicle and then published the video all over YouTube, for example.

Karin: I know that I myself, personally, and probably a lot of our audience have watched many movies like Fast and Furious, where fleets of cars are being manipulated remotely for different reasons, whether it's for terror attacks, for clearing a street for a race, or any other use cases. Could you share with us what the real risk and probability are of them happening with car hacking today?

Moshe: I think that the most risky thing is the fact that cyber security in vehicles is heavily connected to safety, because eventually car manufacturers for the last century were manufacturing vehicles to be safe, and this as well was their first priority. Now, with the fact that a car is connected to the Internet, we're bringing another attack vector, which is the Internet, and it can come with various vectors, even from the tires for example, because the tire pressure is reported through Bluetooth, for example. Then we have the vehicle-to-vehicle communication, because when we are heading into semi-autonomous vehicles or autonomous vehicles, those cars are going to talk one to another, and there's another communication, not only from the car to the OEM but from the car to another car. And of course, a car to the infrastructure: cars are going to start talking to traffic lights, and to other city infrastructure as well. Just think about charging an electrical vehicle, for example. There's going to be a conversation, so to speak, between a vehicle and the grid. And then eventually there are business processes, and of course private data, that we all know are stored inside computers today and will be stored in the vehicle.

Dharminder Debisarun: Yeah, and the data has to move somewhere, and the cloud will be playing a big role in this setup for transferring the data towards the endpoints.

Karin: Thank you. This is the best segue to part two, where we will start talking about the joint offering, and provide our audience with a strategy on how to start their project to secure connected vehicles. So, based on both of your experience in all of the projects that you have run in the past, what is the best way to start? Where should they focus?

Dharminder Debisarun: A lot of our automotive customers are on a journey, and one of those journeys includes their journey into the cloud. So, if you are looking at your workloads or the data that you are gathering, and you want to process it in the cloud, or you want to give access to third parties through the cloud, it's evident that you should protect your cloud as your own private data center. And from saying that, all the traffic that is in the cloud should be inspected by deep packet inspection. And that's why we play, with the firewall as a service or with the virtual firewall in cloud solution, a huge role.

Moshe: Looking at it from the other side, from the car to the cloud: when I'm starting my vehicle in the morning, I would like to get some kind of a view that my car is protected. So, the cars of tomorrow, or the modern vehicles, are going to be constantly connected to the cloud, okay? Not necessarily to protect the vehicle. Well, a green light that says that my car is updated, protected, and I can go, and I can drive it, no problems whatsoever, is essential. In order to have that, and in order to have the ability to have a constant secure communication from one end, and a fully secured in-vehicle solution that is not dependent on updates, we have to have an overall solution that looks at the three parts of the automotive market, which means the in-car security, then the secure channel, and eventually, which is very important, the ability to have everything secured in the cloud, not only that but every data that is sent from the vehicle to the cloud.

Dharminder Debisarun: Sure, sure, and encryption plays a huge role in that.

Karin: Moshe and Dharminder both, thank you very much for sharing all of those great tips and insight into the best way to start a connected car project. Let's move forward and talk about our joint solution, and how we can help our customers and our audience solve those problems that we just covered.

Moshe: GuardKnox, as a secured network orchestrator, is a hardware and complete software stack device that sits in the vehicle and locks all the communication inside the vehicle, which means every bit, in every field, in every message is scrutinised in real time and checked that it complies with a set of rules that we, together with the OEM, have been creating. And we're covering three layers. The first layer is a physical separation between networks. The second layer is that we are locking every bit, as I mentioned. And the third one is that we have a very unique state machine that compares between the state of the network and what the car is really doing. Which means that brings fighter jet protection into the automotive world, with affordable automotive pricing.

Dharminder Debisarun: With that said, all the data that is gathered in the car needs to be communicated towards the cloud. So, we will set up with our firewall as a service a secure channel based on SSL VPN, from the car to the cloud, where the OEM maker can offload their data. We will inspect the data, so your data will be protected against ransomware and malicious activities. And from our firewall as a service prospects, proposition, sorry, proposition, you can move your data to your end destination. That could be to a third-party vendor, that could be to your own private data center, that could be somewhere to another cloud. And based on these two technologies we are providing you the end-to-end solution.

Moshe: On top of this secure end-to-end channel, GuardKnox provides the service-oriented architecture, which in its solutions acts like a platform. We are having and hosting different applications in a secure manner, which means every application lies in its own compartment. And of course, we are using a hypervisor to protect between different applications. So, we can host different operating systems, and on top of them different capabilities. That provides the ability to the cloud to provide different services to the vehicle or to the driver, and on top of it, the other way around, to send data to the OEM, or to a different service provider that requires different data from the car in real time.

Dharminder Debisarun: Because we are using firewall as a service, scalability is no problem. For the connected car, scalability is essential. If you know how many cars on the road want to set up a secure channel and deliver data, scalability is key in this topic.

Karin: Based on the information that you just shared with us, the joint offering between the two companies offers an all-inclusive end-to-end solution. What are the benefits to our audience of having that?

Moshe: In the automotive market, standards are much appreciated. So, when we are providing a standardised solution which complies with the safety standards and cybersecurity standards, eventually we're using Common Criteria, which is known in IT. This is something that we can assure to the customer, that the system is secure not because we're saying so, just because an external lab can say so, and we're using strict methodologies and technologies; Dharminder just mentioned the SSL VPN to secure and to encrypt the channel. So, eventually a message, and because we are, because we are trusting each other, and the GuardKnox solution and the firewall or the firewall as a service from Palo Alto, so to speak, know each other, then a full trust is made between those two ends, and then the firewall itself can inspect the data in more thorough ways.

Dharminder Debisarun: So, looking at it from a different angle, a hacker could also come to your cloud environment, to your environment, and try to find his way to the connected vehicle itself. So, combining these two solutions together will give you as an auto manufacturer the complete holistic overview of your end-to-end security for the connected car.

Moshe: Not only from the over-the-air update perspective, but from the entire journey of a message in the vehicle, and message from the vehicle, outside over-the-air eventually to the data center of the OEM.

Karin: What does this joint end-to-end offering enable our customers with?

Dharminder Debisarun: This will help the car manufacturer with one-stop shopping for security, for the connected car but also into the cloud.

Moshe: And from the car perspective, when we have full trust between the two ends of the channel, then we have a protected vehicle. Then, when the message is sent to the cloud, because of the fact that there is a technical trust between those two ends, the message can be encrypted, then decrypted, then analyzed by the firewall as a service, and scrutinized when it lands in the cloud. From a services perspective, we understand that eventually the trend is that the modern car will pretty much look like a smartphone, which means we can download applications, and we want to be able to upgrade the car performance, for example. If you take the car to a racetrack, and you want to extend your powertrain, or do some upgrade to your suspension, then you can buy and rent applications for a period of time. In order to do that you have to be able to host those applications, to disseminate them internally in a secure manner. For that GuardKnox came with its patented service-oriented architecture, and by that we are able to do that internally. But in order to do that in a perfect way, we need a trusted partner that can complete the entire journey of this application, of the software that is downloaded to the vehicle. And in that part exactly Palo Alto Networks is coming.

Karin: We covered a lot of content today, highlighting the importance of incorporating cybersecurity into everything that you do and build while creating a connected car. Could you give us a quick summary of the most important key takeaways that our audience needs to have at the end of the session?

Moshe: As we saw, the automotive market security is divided into three major parts: the in-car vehicle security, the channel, and the cloud. So, from our perspective, and from this fantastic collaboration perspective, what we think is that we need to have an in-car security, one that is not dependent on being updated all the time, one that can secure in real time and eventually protect the life of the passengers that are sitting in this vehicle. And when we're heading into a connected vehicle, to be able to connect in a trusted, encrypted way to the cloud through a secure channel.

Dharminder Debisarun: Yeah, so from the secure channel to the cloud, security is the most important part. It has to be secure, because you cannot jeopardise passengers' lives, and that's one of the takeaways that we think is the most important when you are thinking of the connected car. Of course, something can go wrong, so you also need to have your incident response ready, if you have failures in the car, to do an over-the-air update. You don't have to bring the car back to the repair shop for updates; that will also save the OEM maker money.

Moshe: Absolutely, it will save time, it will save money, and because we are uploading data from the vehicle to the cloud, eventually they can understand that something might go wrong before it did.

Karin: Thank you, Moshe and Dharminder, for sharing your knowledge with us and giving us and the audience all of those great key takeaways on how to start their project to secure connected vehicles. This will end our session today, and we're going to move into the Q&A in a minute. This is a perfect time for you to type in your questions for our speakers, and right next to this tab you can find the download tab. You can find additional assets and more information in it. Thank you very much for being with us today; looking forward to your Q&A.

Jillian: Hi everyone, thank you so much for joining us this afternoon. I'm Jillian Goldberg with GuardKnox, and we are going to go ahead and get started with some live Q&A, here with Dharminder Debisarun from Palo Alto Networks. So, as you are typing in the questions, we'll go ahead and repeat your questions and start answering them. So, the first question that we have here is, what standards do you guys see as becoming a factor? This is actually a very interesting question, because currently there are no automotive cybersecurity standards. From the GuardKnox perspective, we actually adhere to both cyber security and safety standards. So, ISO 26262, which is a safety standard, as well as Common Criteria or ISO 15408, where we actually certify with EAL 5 or 6. This is the full solution here. In addition, which is quite interesting, there is a joint ISO SAE working group trying to identify what the cybersecurity standards are that will be working in the automotive industry. There's the working group ISO SAE 21434 for road vehicle cyber security engineering. It is a really interesting working group, working with OEMs all over the world, really trying to understand what the industry is moving forward to, and at what point the standards are going to become more and more relevant in the industry. Dharminder, any input from the Palo Alto Networks side?

Dharminder Debisarun: No, we don't see any standards coming out yet at this moment in the automotive branch, but there are a lot of working groups and frameworks available as you mentioned.

Jillian: Great, so the next question that we had here is, how does the joint solution deal with updates? DD, want to go ahead and take this one and then I'll follow up from the GuardKnox side?

Dharminder Debisarun: Yes, so the joint solution consists of two sides: one side is securing in-car security, and the second thing that we do is setting up a secure channel to offload data or to receive data from the cloud or your own private data center.

Jillian: Yes, and from the GuardKnox side. I needn't read about the GuardKnox solution as not mentioned in the recording is, that we actually do not need to be updated as long as the communication matrix of the vehicle does not get updated. So, once we do have updates, through our secure channel we are able to do this. We are also able to, through our secure channels, have secured data transfer, etc., and upgrades to the vehicle. The second part of this question was, is it scalable? And the answer here of course is, absolutely yes, this is a fully scalable solution. Because GuardKnox is a platform within the vehicle, we're able to completely scale this within the vehicle for a number of different applications. As well, our joint solution can fit a number of different market segments, as it introduces the full end-to-end solution.

Dharminder Debisarun: Yes, and on the cloud side, this scalability is available in a horizontal way, in your data center. If you are utilising public clouds like AWS, for example, we have tight integration with Amazon services like Lambda, or Auto Scaling groups, where the VM-Series will be scaled as the workload takes up.

Jillian: Great, so the next question that we had here is, can your joint solution apply to the aftermarket? And yeah, from the GuardKnox side, we actually do. Because we are both hardware and software, we are a drop-in solution that applies seamlessly to the aftermarket. A huge market segment for us as well is when you're talking about fleets, with our largely fleets of semi-trucks that you have on the road as well. And it's actually an amazing solution for the suite with the GuardKnox in the vehicle. And then with our secured communication channel through Palo Alto, it enables a full suite level visibility. And we're able to get a lot of data and usage from this, and the direct connectivity with the cloud. Dharminder, I know on the Palo Alto side, the whole idea of the suite as well is really interesting, and there's a lot to talk about from there.

Dharminder Debisarun: Yes, so this relationship with GuardKnox is bringing two big factors together to help the automotive industry, to secure a safe way to update ECUs or auto serve delivered into the car vehicle. So, we have more questions.

Jillian: Yes, it looks like another question that we had here is asking what new business and business models are enabled through the partnership. And wow, this is a loaded question we have here, because there are a lot of new business and business models here. And one of the biggest ones is the idea of this added connectivity to our vehicles and added personalization. Our vehicles are becoming more and more similar to our smartphones, as we are able to customize, download apps to different things that we want, to make our vehicles more focus connected to our needs. And through this partnership we are actually able to add more connectivity in a secured manner, as well as have a more secured way to transfer. Which is a huge issue in this market: we have so much data that's coming from our vehicles, and how can you make that data useful? And since the GuardKnox solution is a platform, with secured onboard data processing as well as storage, we're actually able to send back, through the Palo Alto Networks secured channel, useful and relevant data and not all the abundance of data that we currently have. And this is a huge small segment of this new business model.

Dharminder Debisarun: Yeah, so bringing us together, what we eventually give back to the industry is an end-to-end secure channel for the automotive industry.

Jillian: Great, yes.

Dharminder Debisarun: So, I don't see any more questions popping up, so thank you for joining this webinar, and hopefully we got to give you more insight on how Palo Alto Networks and GuardKnox join forces to secure the automotive industry for connected cars. Thank you.

Jillian: Thank you.