The Latest In Cyber Security

Our Take On News In The Cyber Security / Connected Car Space

Accountability in an age of Autonomy

We’ve all heard of this famous thought experiment: if there was a trolley heading down the tracks towards five people, and you had the choice to divert the trolley to an alternate track with only one person, should you do so? This question is perhaps the simplest way to demonstrate the complex ethical challenges facing the deployment of autonomous cars.

It is crucial that in this early stage of the autonomous revolution, governments must legislate a specific code of ethics for autonomous cars to prevent horrendous abuses of this newfound power. Germany, for example, has taken a step in the right direction, recently releasing a report on automated and connected driving. In this report, they outline 20 guidelines regarding the ethics of autonomous vehicles. These initial guidelines form an important precedent, for the first time giving manufacturers a clear idea of what core principles their autonomous systems should follow.

A few key points within the report highlight several necessary changes to vehicle systems:

  1. The driver of a vehicle retains their rights over the personal information collected from that vehicle. Use of this data by third parties must be with the owner’s informed consent and with no harm resulting.
  2. The vehicle should have an aviation-style “Black Box” that continuously records events, including who or what is in control at any given time.
  3. The threat of maliciously hacking any autonomous driving system must be mitigated by effective safeguards. Software should be designed with a level of security that makes malicious hacking exceedingly unlikely.

The first point demonstrates the necessity of maintaining privacy within a vehicle. Without respecting the rights of the vehicle owner, an OEM is infringing on that person’s right to privacy. Trillium shares this concern, and as such we have developed our SecureSKYE data mining and analytics solution with the consumer’s protection in mind every step of the way.

The second point demonstrates the importance of data integrity. This “Black Box” will be as crucial a safety feature as seatbelts and airbags historically has been, allowing improvements to be made to prevent future crashes.  Without data integrity, however, any data recorded will be useless as it is open to manipulation by malicious third parties. It will only serve as a convenient collection of data for cybercriminals to steal. Trillium addresses concerns of data integrity with SecureCAR encryption, authentication, and dynamic key-lock pairing, placing the data safe behind multiple layers of security built from the ground up for automotive applications.

The third point demonstrates the importance of system-wide use of a multilayered security solution. Any cyber-security system requires not just one, but multiple layers of security to effectively safeguard against attacks.  Each additional layer of security lowers the success rate of an attack exponentially. Trillium strongly agrees, offering an extensive portfolio of modular security solutions to allow for complete use of all available security resources, no matter the computational strength of the system.

Without flexible, multilayered security and customizable data analytics, manufacturing safe autonomous and connected cars is an impossible endeavor. More countries need to recognize the pressing importance of the matter before it’s too late. Germany understands the threat that autonomous and connected cars will bring, and we hope to see more countries adopt similar guidelines within the near future.

Trillium in the Media: interview with Yukihiro Yamamoto

Click the link below to read an interview with Yukihiro Yamamoto, Senior Director of Business Development & Operations at Trillium Japan about our take on Automotive Cyber Security! (Japanese language only)

Ahead of the Curve: UK Government to Pioneer Automotive Cybersecurity Legislation

Throughout history, governments have played a huge part in the development of technologies and their uses, often stepping in to ensure quality of use, safety, and standardization of industry best practices.

Whenever technology impacts society on a large scale, the potential negative consequences need to be considered alongside the benefits, and when it comes to connected cars, the biggest of these threats is undoubtedly cyber terrorism. With the age of self-driving cars and smart cities just over the horizon, government legislation is transforming our connected future from mere theory into reality.

Earlier in August, the United Kingdom published their “Principles of cyber security for connected and automated vehicles,” a set of guidelines detailing the necessities of connected and automated vehicles in the future. Such direct legislation is clear indication of the seriousness of the matter of automotive cyber security. What has long been simply the work of fiction and research is quickly become a potential threat to the connected car landscape, and having governments recognize it as such is the first step in creating a safer IoT driven world. Without such official recognition, the gravity of this threat is likely to be lost on the public until it is too late – that is, when an automotive cyber-terrorist attack has already taken place.

Of the many detailed guidelines laid out in the list of principles, two key points must be given special attention:

  1. Principle 3.1
    1. Organizations plan for how to maintain security over the lifetime of their systems, including any necessary after-sales support services.
  2. Principle 5.1
    1. The security of the system does not rely on single points of failure, security by obscuration or anything which cannot be readily changed, should it be compromised.

The first of these principles presents a clear message – for any system to be fully secure, it must be maintainable for the duration of its lifetime. Patching of exposed exploits and/or other threats is a necessity, as cyber security is an ever-evolving field in which a static defense system has no place. This same sentiment is echoed in Trillium’s philosophy, as part of our multi-layered SecureIOT platform is our SecureOTA and SecureSKYE systems, that enable an over-the-air update system designed from the ground up expressly for use in an automotive environment.

The second principle quoted is just as, if not more important than the first. The emphasis in this message is that no system is safe if its defense is concentrated on a single point of failure – multiple layers of security are necessary. In accepting the reality that no single security system alone is impregnable, the only solution therefore is to provide multiple systems under a single ecosystem. This message is the core of Trillium’s philosophy, the conviction that security done right has not one layer of protection, but multiple layers.

The United Kingdom’s foresight to develop such legislation pre-emptively is an example to be followed, and we hope to see more countries follow suit as this issue reaches more of the public.

Making Strides: The Steps to Take to Make Cars Secure

Cyber terrorism is not an idle threat. New malware and cyber-attacks are developed every day, all created with the intent of stealing money, information, identities, or as in the case of Car hacking inflict physical damage and wreaking serious havoc.

The explosive nature of the cyber battlefield has resulted in frequent anti-virus/anti-malware updates becoming a necessity, a needed measure against new attacks that exploit devices not protected by older software.

Now compare this dynamic environment to that of an automobile’s development. Designing and producing a new car is a task that takes years, with plans only rarely being changed once an OEM moves past the design stage. To assume security measures developed in such a static environment can hold up to the barrage of never ending cyber threats is naïve. In a recent article, Automotive World calls for an overhaul of the approach taken to cyber security in vehicles, both before and after a car is sold.

The needed steps to be taken to improve automotive cyber security best practices starts with regular checking of software integrity throughout the design process. Instead of leaving software analysis to the end of a vehicle’s design period, it should be checked throughout each stage of its development. As new features are added and old ones updated, software used must be scanned for bugs that could later cause problems. Automotive World emphasizes the risks OEM face by not catching code issues early on, such as delays in development, vehicle recalls, or loss of life due to a cyber-attack. To ensure the quality of the testing done, they also strongly encourage the use of third-party penetration testing and consultation services to expose holes potentially unseen by the developers. Firms like Trillium play an important part in this procedure, giving OEM the opportunity to strengthen their cars’ cybersecurity from an early stage in the development process and throughout.

The second solution to this lack of preparedness is to implement updates to their security after they’ve left the factory floor. It is unreasonable to expect cars to roll out onto the streets with perfect code, but any bugs found need to be addressed by the OEM. Legislation is moving in favor of placing the responsibility of car software integrity in the hands of the producer, meaning OEM and other suppliers need to provide the means of keeping cars safe once they are on the road. To this end, Over-The-Air update services like those found in SecureOTA are needed, giving vehicles the fast, seamless security updates they need to stay protected in cyberspace. As cars become more and more integrated into their environments thanks to V2V and V2X technology, the speed at which new attacks are brought to bear on vehicles will only increase, and only software of the highest quality can ready drivers for future threats.

Autonomous Vehicle Liability: Manufacturers and Insurance Providers Held Responsible

Responsibility is one of the most widely contested facets involved in the production and integration of autonomous vehicles. Since they have existed, autonomous cars have been surrounded by debate regarding who should take responsibility in the case of a collision or other incident involving one. While the days of streets filled with self-driving cars are yet far off, governments are starting to see the earliest manifestations of legislation in the field.

Recently, Japan’s Ministry of Land, Infrastructure, Transport and Tourism published the conclusions deemed from their meeting in late April, where they deliberated on the matter of liability in traffic accidents concerning autonomous vehicles. The discussion was focused on fully automatic cars, with the key point of discussion stemming from the cause of an incident – whether it was due to a glitch or to human error. Their consensus can be summarized as follows.

“It was proposed that, when the cause of the accident is due to a glitch in the system, the costs should be borne not only by insurance companies but by the manufacturers.”

The article published in Keizaikai Magazine goes into further detail, expressly mentioning the case of a car hack, saying that “Should a vehicle that is hijacked through some external cause, such as hacking, become involved in an accident, the case would be treated in the same manner as one involving a stolen car.”

The message being conveyed here is clear. In the event that a structural flaw in the autonomation systems of a vehicle is responsible for a traffic incident, the driver is not to be held responsible. This act of solidifying the policies to be taken regarding autonomous vehicles is a necessary step in integrating them into society, and serves as a great wake-up call to automotive insurers and manufacturers alike. The threat of car hacks grows more prominent by the day, and if cars aren’t equipped with reliable cybersecurity measures, the lives of their drivers will be at risk. If manufacturers want to protect their customers and themselves from this threat, a clear hands on cyber strategy is needed.

The importance of Trillium’s multilayered approach cannot be emphasized enough – any system that employs only one defensive measure puts itself at risk of a devastating breach. Quite simply, single layered defense open up for single point of failure. The cars of tomorrow need not only IDPS (Intrusion Detection and Protection Systems) blocking attacks from entering the vehicle, but also sturdy protection of the IVN (In-Vehicle Network) that roams behind gateway units, else they risk losing everything upon the inevitable breach of a single layer defense.

Worse than Ransomware: Cyber-Terrorism

Yesterday, a new largescale ransomware attack dubbed Petya hit computers all across the globe, disrupting operations in industry sectors and governments alike. The ransomware, similar to the WannaCry attacks earlier this year, demanded that a ransom be paid in BitCoin in exchange for decrypting of a computer’s files. The extent of the damage even reached so far as to disable the Chernobyl power plant’s website, forcing radiation monitoring to be carried out by hand.

One point to mention however – Petya isn’t ransomware.

According to Adam Clark Estes of Gizmodo, experts think that the objective of this attack was not profit, it was chaos. As investigation into the nature of the attacks proceeded, it soon became clear that due to the way it was designed, it would be nearly impossible for the attackers to gain any monetary profit through it. The email supposedly associated with the ransom was taken down by the host, meaning no payment could be received. With no way to pay the ransom, any afflicted machine thus becomes locked without a way out -cyber terrorism disguised as ransomware.

As fate would have it, this attack operates as an improved version of the WannaCry attack, utilizing the same Windows vulnerability -EternalBlue. Despite the media proudly announcing that a “cure” or “kill-switch” to the WannaCry attack was discovered, the same weak point was exploited, showing once again how truly unprepared the world is for sophisticated cyber-attacks. According to CNNtech, even Ukraine’s Cabinet of Ministers was hit by the attack.

The failure of the world to defend itself from such an attack is an embarrassment. The logical shift to dealing with cybersecurity is not being made often enough, with so many governments and corporations still not realizing that a system cannot last long without updating. Failure to update operating systems and software leads to situations like this, where old vulnerabilities remain exploitable by hackers. For the societies of the future, in which the integrity of every IoT-connected device is necessary, the ability to keep software equipped with the latest security solutions is paramount.

This reality is the driving motivation behind the development of Trillium’s SecureOTA platform, designed to swiftly and seamlessly update security measures on devices as often as needed. Such functionality is key to ensuring the long-lasting effectiveness of any security system, for as the saying goes, “Fool me once, shame on you. Fool me twice, shame on me.”

Trillium Inc named to Gartner’s Cool Vendors in Security for Technology and Service Providers, 2017

TOKYO, June 23, 2017 – (ACN Newswire) – Trillium Inc, a leading provider of IoT automotive cyber security solutions, has announced it was named as one of Gartner’s “Cool Vendors in Security for Technology and Service Providers, 2017”, a report by Ruggero Contu, Lawrence Pingree, Deborah Kish and Dale Gardner of Gartner Inc (Published: 4 May, 2017).

“It is a unique honour to be named a Gartner Cool Vendor 2017,” said David Uze, President and CEO of Trillium Inc. “As a designer and provider of multilayer, adaptive and custom Cyber-security systems, we are on a mission to solve the biggest threat facing society due to the roll out of autonomous driving vehicles: car hacking.”

Gartner’s Cool Vendor Reports aim to identify companies with the potential to bring about paradigm shifts that stand out because they offer some disruptive capability or opportunity. Trillium Inc was named a Cool Vendor 2017 because, as the report says, it is “pioneering new directions and potential opportunities in the security market.”

The information provided in the report is of value to all technology and service providers looking to partner with providers of innovative security solutions.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Trillium Inc is a designer and provider of custom, multilayer adaptive Cyber-systems, specialising in vehicular and transportation applications for the vehicles of today and tomorrow. Founded in 2014, Trillium is led by a team of executives and engineers from Japan, Europe and the U.S. with extensive experience in automotive, cyber security, embedded systems and IoT.

Trillium’s products and services deploy a software-based suite of cybersecurity tools to protect automobiles and IoT connected devices from cyber-attack, around the globe. Trillium is backed by lead investor Global Brain, a Tokyo-based venture capitalist. To learn more, please visit

For questions and to arrange executive interviews, contact

Cars and the People: Government Urges for Automotive Cybersecurity Policies to Address Hacking

The car of today processes a staggering amount of information every day. Nearby pedestrians, wind speeds, outside temperature, the list goes on. In addition to these environmental variables, however, modern cars also have access to a host personal data – that of its passengers.

From the time of connecting our phones to our cars via Bluetooth to play our favorite music, our cars have had a connection to those devices that hold so much information about our lives. The extent to which our cars consider our tastes has gone even further than music, however. As connectivity in vehicles increases, so does the access that they have to the details of our personal lives. The convenience of having this data available to one’s car is undeniable, such as making purchases with stored Credit Card data on the go or mapping the route to one’s friends’ houses; the benefits of connectivity are clear, but in the wrong hands this data can be a dangerous weapon.

A direct result of this possibility is the increase in discussion concerning the liabilities of protecting customer from connected car risks. Automotive OEM and Tier 1 suppliers, as well as legislation bodies have had to consider this reality for the future, as the amount of data cars will be privy to is expected only to increase over time.

According to a post by David McCabe of Axios, legislators from both sides of the United States’ political spectrum have expressed concern for this issue, featuring quotes coming from both Democratic Massachusetts senator Ed Markey and Republican Oklahoma senator James Inhofe regarding the future of cyber-security in cars. In order to effectively develop regulations ensuring the security of private information, legislators will need to consult bodies such as the SAE (Society for Automotive Engineers) and companies working on the frontier of automotive cyber security like Trillium. Considering the scale of damage that could be caused by hackers if left unchecked, no time should be lost in the preparation of a preemptive defense strategy.

The Cost of Complexity

Four thousand gigabytes. To even the average person, those numbers represent an enormous amount of data, more than most people can even think of using up in over a year. Most commercially sold computers often come with no more than 400 GB of storage, and in many cases that much is enough to last the device’s lifetime.

What then, can be said of a device that consumes 4,000 GB of data -per day, every day?

The device in question is the car of tomorrow. In the January 2017 issue of the SAE’s (Society of Automotive Engineers) magazine, predicted figures for the amount of data an autonomous car would have to process were given, with features such as the cameras, sonar, and lidar components of an autonomous car processing up to 70MB per second.

The processing of this staggering amount of data is no easy feat, and no doubt the autonomous vehicles of tomorrow will dwarf the cars of today in complexity. That being said, according to Nicole Perlroth of the New York Times “Today, an average car has more than 100 million lines of code. Automakers predict it won’t be long before they have 200 million.” Truly, the car of today is closer to a super-computer than the mechanical transportation device it originally began as.

The future of self-driving cars brings with it a whole array of benefits, but the devil is in the details – or in this case in the sea of code giving these cars their remarkable abilities. Immediately following the prior quote, Nicole says “…on average, there are 15 to 50 defects per 1,000 lines of software code, the potentially exploitable weaknesses add up quickly.” The message here is clear – the cars of today, and more so the future, are full of vulnerabilities. With the sheer number of lines of code present in their systems, the possibility of producing error-free automotive software is nigh mathematically impossible.

The typical target in vehicular cyber-attacks is therefore the code rich infotainment unit. To run the computing heavy multimedia and mapping applications handles by the module, fully fledged software is required, which due to its complex nature is prone to code bugs and defects.

A compromised infotainment unit is only the entry port. Due to the interconnected nature of vehicles, once hackers gain control of one edge node the entire network can be lost. Giving hackers easy control of all vehicular functions – including steering, breaking and acceleration.

The fact of the matter is, neglecting cyber security in vehicles is no longer an option. With every sensor in a car a potential attack surface, and the number of sensors on the average vehicle only expected to increase, more care needs to be put into ensuring their integrity. A single-faceted defense falls short too, with the unfortunate reality of cyber security being that there is no panacea, no one-trick-beats all solution to stopping cyber-attacks. Without a multifaceted, multi-layer cyber security approach the cars of tomorrow are doomed to devolve into unmistakable targets for malicious hackers, putting the lives, information, and privacy of riders at stake.

The Invisible Battle: Understanding the Differences Between Traditional and Cyber Defense

To the average company’s Chief Information Security Officer (CISO) , the importance of strong cyber security is a given. Due to its physically invisible nature however, it is often difficult for those not directly involved with the development and/or maintenance of a cyber defense system to properly comprehend its significance.

In addition to its invisible nature, the way cyber-attacks are conducted adds confusion for those not knowledgeable in the subject. As Alex Blau of the Harvard Business Review puts it: “The problem with these mental models is that they treat cybersecurity as a finite problem that can be solved, rather than as the ongoing process that it is. No matter how fortified a firm may be, hackers, much like water, will find the cracks in the wall. That’s why cybersecurity efforts have to focus on risk management, not risk mitigation.”

The fundamental difference being highlighted here, is that cyber defense is a process that must be constantly monitored, constantly kept up to date with updates to ward of the latest threats, as they appear. It is not enough to simply enact countermeasures and leave them in a static state –  assuming they will always suffice to keep your data safe.

This important distinction is one of the driving motivations behind the design and architecture of  SecureOTA, the over the air updates piece of our SecureIoT suite. In an environment where new, undocumented cyber-attacks can occur at any time, the need for a fast-responding, always up-to-date security system cannot be neglected.

This critical functionality has been shown to have lasting benefits in the cyber security realm, as was seen at the time of a Tesla model S exploit back in 2015. According to Wired, while Fiat Chrysler was forced to recall 1.4 million cars due to a cyber exploit in the same year, Tesla was able to remedy a similar issue with little more than a software update.

A cyber security system is to a castle as updates to the system are provisions. While rather pessimistic, the reality of cyber defense is that every castle is under siege, and without the constant support updates provide, collapse is inevitable.