Who the Players Are in Automotive Cybersecurity

Article By : Egil Juliussen

The list of participants grows, as does the need for greater investment.

This is the second in a series on automotive cybersecurity columns providing perspectives on key cybersecurity developers. This post also includes some perspectives on OEM and Tier 1 activities, albeit limited, as manufacturers release little data on their cybersecurity efforts.

My first column covered cybersecurity threat information, cybersecurity regulation and specific information on WP.29.

The table below includes a summary of the previous column’s cybersecurity coverage in blue plus the table of contents for this post.

(Click on image to enlarge.)

Cybersecurity technology overview

Multiple cybersecurity products are needed to protect connected cars. There are essentially three product segments: cybersecurity hardware, embedded cybersecurity software and cloud cybersecurity software. They are summarized below.

  • Cybersecurity hardware includes a variety of products. Many of the MCUs used in electronic control units (ECUs) have built-in hardware to simplify and accelerate cybersecurity software. A Secure Hardware Extension (SHE) adds on-chip hardware to any MCU. SHE is often used with cryptographic keys for better hardware performance and protection than software execution. Another example is the Trusted Platform Module, used for secure key authentication, encryption and decryption through a secure crypto processor. EVITA or E-safety Vehicle Intrusion Protected Applications, is a third example of hardware hardening for better cybersecurity. EVITA is a European Union funded project.
  • Embedded cybersecurity software is needed to protect most ECUs and especially ECUs using wired or wireless connections. In most connected cars the ECU with connectivity is called the gateway and must have strong cybersecurity. Domain ECUs have access to many other ECUs and require their own cybersecurity hardware and software. Electronic buses are quite vulnerable, especially the traditional auto buses such as CAN, and need cybersecurity protection. Ethernet has better features for deploying cybersecurity than CAN. That’s another reason for moving to Ethernet-based domain ECU architectures
  • Cloud cybersecurity platforms may be the most important, especially when protecting fleets of vehicles. Cloud cybersecurity provides real-time attack detection for vehicle fleets. The cloud platform also delivers situational awareness for a fleet’s cyber health and threats. Data collection and analysis used to identify and improve the cybersecurity cloud platform is always running. That platform is often called security operations center or SOC.

Cybersecurity software players

There are at least 20 software companies participating in the automotive cybersecurity market. Below is a short summary of seven companies. The list reveals that Israel is the automotive cybersecurity leader.

Argus Cyber Security

Founded in 2013 in Israel, Argus raised $25 million in VC funding, quickly becaming the leading automotive cybersecurity company. Argus was acquired by German auto parts manufacturer Continental in 2017 for $450 million. It is now part of Continental’s Elektrobit subsidiary. Based on information released in April 2021, Argus has 15 cybersecurity production projects from seven OEMs that will offer cybersecurity protection for 57 million connected cars in a few years.

Those products cover most important cybersecurity segments: all ECUs, in-vehicle networks, driving control ECUs and fleet protection or SOC. Argus also has OTA software updates, both client software and cloud OTA platform.

C2A Security

Another Israeli company, C2A Security was founded in 2016, so far raising $7 million in venture funding. In October 2020, C2A released a suite of cybersecurity solutions called AutoSec, positioned as an Automotive Cybersecurity Lifecycle Management Platform. AutoSec meets the new ISO/SAE 21434 standard as well as the new UNECE WP.29 regulation. C2A products include perimeter cybersecurity protection, in-vehicle network security and embedded runtime protection. C2A joined AUTOSAR as a development partner in April 2020.


GuardKnox is another Israeli cyber-security startup providing cybersecurity services for connected and autonomous vehicles. GuardKnox was founded in 2016 and has raised $24 million in VC funding. Faurecia, a European Tier 1 supplier, is an investor, as is SAIC, China’s largest OEM. GuardKnox has subsidiary locations in Stuttgart, Germany and Detroit.

GuardKnox emphasizes cybersecurity solutions through Tier 1 suppliers and the supply chain. It is currently working with four Tier 1 suppliers in Europe and China along with several OEMs and aftermarket suppliers.

GuardKnox’s approach to automotive cybersecurity is based on experience in the aviation industry and solutions based on a patented service-oriented architecture. GuardKnox is also using its “lockdown” technology to protect communication among ECUs against cyberattacks. This is achieved by enforcing a formally verified and deterministic configuration of communication among the various vehicle networks using a three-layered approach.

Karamba Security

Yet another Israeli company, Karamba Security was founded in 2015 and has attracted more than $20 million in venture funding. Karamba has offices in Munich and the Detroit area. Karamba provides embedded cybersecurity software for a variety of connected devices, including automotive ECUs, IoT devices, Industry 4.0 controllers, enterprise edge devices and others. Karamba has over 20 OEM and Tier 1 customers.

Its approach for protecting ECUs, called Carwall, provides hardening by generating an ECU-specific code based on factory settings. This ECU code is continuously compared with the original OEM settings. If ECU settings are illegally changed, the Karamba software can shut down external attacks. Carwall provides a custom solution for ECUs and is an efficient method for detecting security threats. Carwall is also MCU- and OS-agnostic, supporting Linux, QNX and AUTOSAR.

A similar product, called XGuard, is used for other connected devices. Also OS- and MPU-agnostic, it currently supports seven MPU architectures and 12 operating systems. Karamba is a market leader in providing cybersecurity for IoT devices. By the end of 2020, Karamba had agreements to protect 12 million IoT devices.

Regulus Cyber

Founded in 2016, Regulus Cyber is another Israeli cybersecurity startup Investors have poured more than $10 million into the company. Regulus was first to offer sensor security solutions for ADAS and autonomous vehicles. It is concentrating on protecting data from three key sensors—GPS, radar and lidar.

Regulus addresses GNSS vulnerabilities by offering a software-only protection, including an “anti-virus” for Global Navigation Satellite Systems. The software provides location and time integrity under a wide range of attack surfaces—akin to a GPS Firewall.

The Regulus Pyramid GNSS protects against spoofing or unauthorized signals posing as legitimate GPS signals and jamming or attacks that disable the sensors’ ability to receive input signals. Pyramid GNSS can also defend car GPS receiver against spoofing.

Harman became a customer of Regulus in April 2020 and will use the technology in the Harman Shield, its cybersecurity product.

SafeRide Technologies

SafeRide Technologies was founded in 2016. The Israel-based company added an office in Bochum, Germany, in September 2020. SafeRide joined AUTOSAR as a development partner in July 2020.

SafeRide’s vSentry cybersecurity platform includes both embedded client software and cloud services with security operations center. It is a multilayer cybersecurity platform for connected and autonomous vehicles. VSentry Core is a cybersecurity software suite for connected ECUs. It is designed for Linux-based ECUs such as infotainment, telematics and connected gateways. The Edge AI version of vSentry is an Intrusion Detection and Prevention Software for central and zonal gateway modules, including IDPS for automotive Ethernet. The AI version is a cloud-based solution for fleet cybersecurity.

SafeRide also offers an AI-based Vehicle Health Management platform for OEMs, Tier 1 suppliers, telematics vendors and fleets called vInsight.

Upstream Security

Upstream Security was founded in 2017 in—you guessed it—Israel. It has received $77 million in venture funding, including $36 million in May 2021 with Mitsui Sumitomo Insurance (MSI) as lead investor. MSI’s strategic investment could disrupt the telematics insurance industry. Five auto OEMs are also investors in Upstream—Renault, Nissan, Mitsubishi, Volvo Group and Hyundai.

Upstream offers a cloud-based cybersecurity and data analytics platform aimed at connected vehicles and mobility services. Upstream’s C4 platform combines machine learning, data normalization and digital twin technologies to detect anomalies in real-time using existing automotive data feeds.

Upstream is the leader in centralized SaaS-based cybersecurity and SOCs. Upstream does not provide in-vehicle cybersecurity software or hardware. Instead, it focuses on security services for connected vehicles with built-in cybersecurity as part of the vehicles’ connected systems. Such connected vehicles still require cyber-security protection, a segment Upstream addresses. In early 2020, Upstream monitored more than 2 million vehicles, which is likely to double by the end of 2021. It has five known OEMs and at least half a dozen unnamed OEM customers in Asia, Europe and North America. It also serves connected fleets such as in the rental car and trucking industries.

When Upstream became an AWS Technology Partner in June 2020, its software-based cybersecurity product could be used by Automotive AWS customers. Upstream is also a member of the Microsoft Intelligent Security Association, including integration between the Upstream C4 platform and Microsoft Azure Sentinel cybersecurity tracking service. Upstream is also a partner with AUTO-ISAC to enhance automotive threat landscape visibility.

Suppliers and cybersecurity

Tier-1 suppliers are growing their cybersecurity activities because their OEM customers require better capabilities for the software-defined car. The three Tier-1 suppliers summarized below have already acquired cybersecurity startups. More acquisitions are likely.

There are other important automotive cybersecurity players: BlackBerry/QNX is worth mentioning since it covers cybersecurity in the QNX operating system and has additional BlackBerry cybersecurity services such as Jarvis.

Chip suppliers provide hardware-based security on their MCUs. Hence, NXP is an example of growing chip cybersecurity capabilities.


Bosch acquired Escrypt through its ETAS subsidiary in 2012. Escrypt is among the leaders in automotive cybersecurity. Escrypt also provides cybersecurity products and services in other industries. It lists multiple chip suppliers as partners, including Infineon, Microsemi, Renesas and ST Micro. Harman is also listed as a business partner. Escrypt offers cybersecurity for ECUs, V2X, embedded intrusion detection, automotive firewall and other products and services


Continental is the leading automotive cybersecurity supplier through its ownership of Argus, discussed above.


Harman has become a leader in cybersecurity and OTA via acquisition of three key companies: TowerSec, Red Bend and Symphony Teleca. In March 2016, Harman acquired TowerSec, a three-year-old Israeli automotive cybersecurity company for around $70 million. TowerSec specializes in network protection for connected vehicles with a focus on connected ECUs and the telematics ECU. The ToweeSec ECU Shield and TCU Shield product names were changed to Harman Shield. Harman also added SOC functionality to the Harman Ignite cloud platform.

Chip Suppliers

The chip industry is increasing its role in automotive cybersecurity by adding on-chip advances to speed up and increase cyber protection capabilities. This happens as part of the MCU architecture with Arm playing an important role since the chip IP vendor is by far the leading MCU supplier to the auto industry.

Individual MCU suppliers can also add more cybersecurity-friendly features, which is now on a growth path. There is no question that they can and should do more to advance automotive cybersecurity.

NXP is the leading automotive supplier, and has multiple cybersecurity solutions. A good example is the NXP S32G2 processor announced in May. It is a versatile network processor with an ecosystem that includes many cybersecurity capabilities. In the S32G2 partner ecosystem, three cybersecurity software companies are included: Argus, GuardKnox and SafeRide. According to the S32G2 block diagram, the hardware security engine includes the following capabilities: asymmetric and symmetric accelerators, secure memory and random number generators. This may not sound like much, but they are very useful for implementing and speeding cybersecurity software.

Other automotive chip suppliers have also increased their cybersecurity MCU features; more is expected to keep up with NXP’s cybersecurity ecosystem.

OEMs and cybersecurity

Most OEMs lag behind in deploying cybersecurity, but they are on track to deploy many more cybersecurity capabilities. The WP.29 regulation forced the OEMs to get serious about cybersecurity, and OTA and those two technologies are on similar growth paths.

There is little public information on how far individual OEMs have come in deploying cybersecurity. Part of the secrecy is warranted to keep useful information away from hackers. Here are some perspectives of what to expect.

  • The WP.29 regulation as described in the previous column is a major factor in deploying both cybersecurity and OTA. Deployment generally starts in 2022 and will be required in 2024 in Europe and other regions.
  • The OEMs that are farthest along in telematics deployment are also leaders in cybersecurity. GM’s OnStar was the telematics pioneer and I consider GM to be the leader in cybersecurity deployment. Other telematics leaders such as BMW, Mercedes-Benz and Chrysler are also among cybersecurity leaders. The Japanese and South Korean OEMs have lagged in telematics deployment but are in catch-up path.
  • The OEMs’ system architecture changes to Ethernet and domain ECUs will provide advantages for implementing cybersecurity. Still, they may add complexity and increased need for scarce expertise. OEMs with early switch-over to the Ethernet architecture will have an advantage in cybersecurity deployment.
  • Automotive cybersecurity expertise is an especially scarce resource—both for deploying systems as well as for finding and correcting cybersecurity weaknesses in existing software code. Finding a good cybersecurity partner while developing in-house cybersecurity expertise will be very important for OEMs. Hence, future acquisitions of cybersecurity startups will happen.

OEMs have a steep and difficult path to travel in the next 5+ years to deploy cybersecurity solutions to all their new models and provide some cybersecurity capabilities to its existing connected car customers.

Market potential

Cybersecurity market growth is substantial, but starting from a relatively small base. The latest version of the IHS Markit’s annual cybersecurity market research report was released in March 2021. (I was the lead author a few years ago.)

The global market for cybersecurity software clients is forecast to grow from $50 million in 2020 to $600 million in 2026, or a compound annual growth rate (CAGR) of 51 percent. The market for cybersecurity cloud services is projected to increase from $80 million in 2020 to $1.5 billion in 2026, a 63 percent CAGR. Total global cybersecurity revenue is expected to jump from $130 million in 2020 to $2.1 billion in 2026, a CAGR of 60 percent.

Cybersecurity is a tough problem for the auto industry—now and in the future. Cybersecurity regulation and standards for the auto industry are here and will require an extensive effort by OEMs and suppliers in the next decade.

Cybersecurity has some unique characteristics. First of all, successful companies will invest a lot in hardware, software and operational capabilities to avoid large potential expenses from hacking attacks—it is essentially an insurance policy to avoid negative cyber events that could greatly harm a company’s reputation and bottom line.

Second, after companies spend heavily and nothing really bad happens, some may wonder whether they spent too much on cybersecurity. The answer is very simple: The entire automotive industry supply chain has not spent enough on cybersecurity, and it will take many years until it catches up.

Much future investment and innovation are required.

This article was originally published on EE Times.

Subscribe to Newsletter

Leave a comment