Accelerating Automotive Security: Argus is Working to Protect Connected Vehicles and Fleets Against Cyber Attacks

TL; DR: Argus, headquartered in Tel Aviv, Israel, is a global pioneer in cybersecurity for connected cars and commercial vehicles. The cutting-edge company uses its proven solution sets and decades of experience to help car manufacturers, Tier 1 suppliers, fleet operators, and aftermarket connectivity providers thrive in the age of smart, connected vehicles. Through a forward-thinking, holistic approach to preventing, identifying, and mitigating threats, and an advanced understanding of automotive best practices, Argus strives to remain ahead of the curve in automotive cybersecurity.

From the perspective of an automaker, vehicle safety has long been centered on features like airbags, antilock brakes, traction control, tire-pressure monitors, lane-keeping assist, and adaptive cruise control.

Now, autonomous, internet-connected vehicles are moving from the fantasy world to streets and roads across the globe. In this new era, manufacturers are being forced to buckle up, navigating unprecedented changes in the meaning of automotive safety.

While the advent of smart vehicles increases road safety by reducing human error (think massive decreases in vehicle fatalities, drunk driving accidents, distracted driving, and traffic jams), internet connectivity also opens the door to dangerous cyberattacks.

Fortunately, researchers and computer scientists at Argus are very much ahead of the game in connected automobile security, where they’ve concentrated their efforts since 2013.

“We’re helping protect motorists from what could be financially motivated, such as cyber ransom, or worse — compromising the brakes or the accelerator while someone is driving,” said Monique Lance, Director of Marketing at Argus. “Still, we’re not reinventing the wheel. We’re using the best of IT and our wealth of intellectual property and automotive cybersecurity patents, and adapting existing solutions to the automotive domain.”

She said the secret to applying multilayered, end-to-end cybersecurity technology to the automotive world is to ensure low resource demands in terms of CPU and memory while enabling real-time security functionality.

“The fun part is, we’re very much ahead of the curve,” Monique told us. “Generally, cybersecurity teams must work in a reactive mode where attackers have already exploited vulnerabilities. But we’re putting these security solutions into vehicles before criminal attacks become widespread.”

When Monique says Argus is ahead of the times in automotive cybersecurity, she’s not exaggerating. The company was founded by three members of Israeli Military Unit 8200, the largest intelligence unit in the Israel Defense Forces.

“It’s one of the reasons that Israel has become a great center of cybersecurity companies and solutions,” Monique said. “They’re trained to defend one of the most targeted networks in one of the most targeted countries in the world.”

After graduating from Intelligence Unit 8200 and going their separate ways, the trio reunited to begin a startup in the cybersecurity sector.

“The very first initial reports were coming out about vulnerabilities in connected vehicles, and they wanted to use their unique expertise to do something that the average Harvard graduate couldn’t,” Monique said. “They also wanted their knowledge and their skillset to make a positive impact.”

The team approached Zohar Zisapel, a successful tech entrepreneur often referred to as the Bill Gates of Israel, who took great interest in the concept and joined forces as co-founder.

“Argus’ first responsible disclosure related to a vulnerability that we found in a third-party dongle provided by insurance companies,” Monique said. “The dongle enabled the insurance company to track the driving behavior of motorists in order to provide them with discounted premiums. The fact that they had a fleet of vehicles on the road connecting to one server meant that that whole fleet would be vulnerable to the attack with this flaw that they found.”

The discovery, in combination with Israel’s notoriously fertile startup environment, helped Argus generate some initial buzz.

In 2015, Argus joined a roadshow organized by the Israeli Export Institute, a governmental agency that works to facilitate trade opportunities and partnerships between Israeli and international businesses. During the roadshow, Argus caught the attention of one of the largest automotive suppliers in the world.

That company invested in Argus and invited its team members to demonstrate their product at the renowned Consumer Electronics Show (CES).

“We built this great demo that sat in the middle of their exhibition, and we got a lot of attention,” Monique said. “Even before the roadshow, we received funding from two Israeli venture capitalists. It’s interesting, though, when we approached the initial rounds, a lot of companies or financial institutions said that we were too forward-thinking.”

Fortunately for Argus (not to mention motorists worldwide), that mindset changed quickly.

“We raised about $4 million in Round A funding and then, approximately six months later, we opened up Round B, we got $26 million,” Monique said. “In that short time period, everyone understood very quickly that automotive cybersecurity was an important topic worth investing in.”

Still, Monique said it wasn’t until later — after the team demonstrated cyber security risks — that the automotive industry as a whole committed to formulating mitigation strategies.

“We were thought leaders, we were educating the market, and we were also the first company to come out with an end-to-end holistic approach to automotive cybersecurity,” she said. “We offered the solutions that would not only sit inside the vehicle but also on the cloud. We were able to provide customers with an end-to-end strategy and actually go about implementing it.”

Since then, growth at Argus has been staggering. Monique joined the team in 2016 as the 28th employee. Today, Argus staffs more than 200 people, including those working at its headquarters in Tel Aviv, Israel, and at offices in the automotive hubs of Michigan, Stuttgart, Tokyo, and Korea.

The software provided by Argus ensures comprehensive security coverage.

The most vulnerable electronic control units (ECUs) to attack include the telematics units, infotainment centers, and advanced driver-assistance systems (ADAS), that interface with the outside world.

These units run on operating systems such as Linux, QNX, Android, and Adaptive AUTOSAR. Argus offers a range of cyber security technologies that enable automakers to prevent, understand, and respond to attacks targeting virtually any component or network in the vehicle.

“We also can sit in the cloud and watch if any connected services have been compromised,” Monique said. “Identifying compromises there also helps the connected services stay secure. Everything we do comes from an automotive perspective with all that potent intelligence we’ve gathered over the years.”

The company also helps manufacturers comply with vehicle-related cybersecurity regulations, such as the UNECE WP29 automotive cybersecurity regulation.

“The regulation mandates the 54 member countries to actually introduce cybersecurity into their connected cars,” Monique said. “To get vehicle-type approval, meaning they can be put on the road, they have to show that they have taken adequate precautions and have the mechanisms in place to be able to prevent, detect, and respond to cyberattacks.”

Monique told us the developers at Argus are excited to see their hard work come into fruition as their technology protects an increasing number of connected vehicles on the road later this year and into the future.