Security vendor Trend Micro is looking to provide cyber security services to electric vehicle and other connected car makers, through newly-founded subsidiary VicOne.
VicOne is a response to threat scenarios for connected car ecosystems, and the Trend Micro subsidiary aims to mitigate attacks on supply chains and over-the-air updates that could compromise vehicle software, leak sensitive data and jeopardise driver safety.
New regulation by the United Nations permanent working party 29 requires EV and other car makers to mitigate growing threat scenarios to connected vehicles, under the UN R155 directive.
Cars are increasingly using sophisticated in-vehicle infotainment and driver assistance systems that are electronically controlled, and which researchers like Charlie Miller have shown are vulnerable to security breaches.
In 2015, Miller and colleague Chris Valasek famously demonstrated how they successfully hacked a Jeep Cherokee through a vulnerability in the car's Uconnect IVI.
The security researchers were able to remotely turn on the air conditioning at full blast, ditto the car radio, windshield wipers and eventually switched off the vehicle's engine on the motorway.
Fiat Chrysler was forced to recall 1.4 million Jeep Cherokees to patch the vulnerability Miller and Valasek demonstrated.
Security issues in connected cars continue to appear however.
In 2018, security vendor TenCent performed security audits on BMW cars, and discovered 14 vulnerabilities in total.
Six of the vulnerabilites were remotely exploitable [pdf] with one that could be attacked via the Bluetooth wireless data protocol.
Microsoft has partnered with VicOne to provide cloud computing and artificial intelligence capabilites through Azure IoT, to enable end-to-end security services for vehicle telematics.
The VicOne security operations centre (SOC) will integrate with Azure IOT servies to collect vehicle telematics data, and to analyse security threats and breaches, Trend Micro said.
