INTERVIEW WITH ARILOU, SHORTLISTED FOR THE CYBER SECURITY PRODUCT/ SERVICE OF THE YEAR
Thanks to Ziv Levi for taking the time to talk with us.
MEET THE SHORTLIST - ARILOU
Ziv Levi, CEO, Arilou
Ziv is a seasoned cybersecurity expert with over a decade of experience in the field.
He is a graduate in Computer Science, as well as a trained ethical hacker.
He spent 6 years in the Israeli Military Forces in a technological cyber security unit. During these years, he took part in various R&D projects in the cybersecurity field, provided consultation and conducted penetration testing. He then fulfilled the role of Security Expert at Razel Group.
With all the valuable experience gained, in 2012 he founded Arilou Cyber Security, a start-up focusing on automotive cybersecurity. As of 2015, he is the CEO of the Israeli-based company, that was acquired by global automotive navigation developer NNG in 2016.
Ziv was ranked in the Top 40 under 40 promising and influential managers of Israel 2015 by Globes Business Magazine.
Ethernet - Ethernet is emerging as the future in-vehicle network of the car, and as such it needs to be secured. As the pioneer of automotive cyber security, Arilou developed an automotive Ethernet IDS which complies with present and future needs of the industry.
This solution will become a crucial part of the future network, ensuring safety, security and regulatory compliance.
Arilou’s Ethernet IDS can be integrated in Domain controllers, Gateways, and other ECUs, monitoring the whole vehicle’s traffic and detecting attacks and anomalies in the network.
Cantication - CAN bus messages have no inherent authentication method. An intruder can easily impersonate an ECU and send rogue messages across the CAN. There is no verification of the message’s origin, authenticity or integrity by the receiving ECU.
CANtication is a solution that provides an efficient and feasible cyber-security mechanism in congested CAN networks by adding a signature to the message, thus ensuring the authenticity and integrity of the message, and preventing replay attacks. To save bandwidth, the payload is first compressed using our unique lossless unparalleled compression algorithm, and then the signature is added. Thus, in most cases, overall utilization of the signed messages is smaller than with non-compressed messages that are not signed.
This solution takes the CAN bus to a new level of security, without adding overheads to the busy network.
Israel-based Arilou, part of NNG Group, is the leading provider of pioneering end-to-end, multi-layered cyber-security solutions for the automotive industry, and the first company to introduce CAN and Ethernet in-vehicle network security.
Independently tested by OEM’s and the University of Michigan Transportation Research Institute, with outstanding results, Arilou’s software Intrusion Detection and Prevention System offers supreme detection and prevention rates with zero false alarms.
Pioneers of automatic network topology learning and configuration, and end-to-end authorization and spoofing prevention, Arilou were also awarded the Frost and Sullivan’s 2019 Best Practices Award for Technology Innovation.
As a trusted and independent partner, Arilou is partnered with OEMs, Tier-1s and suppliers such as STMicroelectronics, Alpine Electronics, Green Hills Software and others, and with its holistic approach and multi-layered solutions, Arilou is making full protection for vehicles a reality.
CAN bus messages have no inherent authentication method. An intruder can easily impersonate an ECU and send rogue messages across the CAN. There is no verification of a message’s origin, authenticity or integrity by the receiving ECU.
CANtication is a solution providing security by ensuring the authenticity and integrity of the message, preventing replay attacks. To save bandwidth, the payload is compressed prior to adding the signature.
The customer benefits of the product:
- Can use either OEM or Arilou digital signature
- Relays on Arilou compression technology with no increase in traffic
- Alternative solutions such as SecOC send an additional message for the digital signature, nearly doubling the bandwidth required
- Compatible with heterogenous buses
- where only some of the ECUs employ this mechanism
- Each frame is independently authenticated
- Real-time: No significant latency added
- Implemented as a bump
- in the stack over the CAN-bus driver
Arilou’s solution, Ethernet Security Hub is designed specifically for emerging Ethernet Networks. A virtual security hub, the ESH provides a platform from which to integrate a variety of standard and proprietary components, allowing the OEM or Tier customer to tailor the solution to their needs. This solution provides a clear decoupling between the network’s communication functionality and security services such as firmware updates, intrusion detection, deep packet inspection, encryption, and configuration management.
The customer benefits of the product:
Architecture and vendor-agnostic:
- Any network architecture or component combination is supported by the solution.
- Seamlessly integrate with any third-party security solution.
Attack detection and mitigation out-of-the-box
In-vehicle centralized security management:
- Comprehensive options address all network security concerns.
- Ensures best in class network protection regardless of existing network devices capabilities