Trillium aims to shield your high-tech car against cyberattacks

Cars these days are basically computers with wheels, and as with other computers, you’ll probably want to make a few changes to protect against cyberthreats. Trillium, presenting today on Disrupt Berlin’s Startup Battlefield stage, is looking to be the security solution for in-car computer systems, adding extra encryption, intrusion detection and other firewall-like features.

We’ve already seen demonstrations of cars being hacked while on the road; the danger may be largely theoretical today, but it could make the jump to practical tomorrow.

“Hacked cars pose a far greater danger than hacked desktop consumers,” Trillium’s Adrian Sossna told me. “The possible damage that a rogue hacked car can make is vast. It’s already happening, and I am concerned that we will see large hacks in the next 12 months.”

It behooves auto manufacturers to inoculate against it, considering how hard they’re pushing connectivity as a marquee feature. Trillium aims to be a one-stop shop for that protection.

[gallery ids="1574150,1574153,1574155,1574151,1574154,1574175,1574156,1573916,1574157,1574158,1574174,1574173,1574171"]

Trillium’s software lives on the car’s computing hardware, doing a couple of main duties. First, it encrypts all in-car transmissions; this prevents a security soft spot like a backseat media screen or Wi-Fi hotspot from becoming a back door into more critical systems. And second, it watches over the car’s networks for unusual activity that could indicate an intrusion attempt. The software updates itself.

To be clear, this isn’t something you’ll plug in and install on your 2014 Accord. You can’t actually fiddle with your car’s internals to that extent — it would be a serious safety hazard if anyone could tweak their car’s engine control unit at will. Instead, it would be built into cars at the model level based on the needs of certain markets.

“Trillium’s solution is built to be embedded into the car when it rolls out of the factory,” explained Sossna. “Our future end-customer is a fleet owner that needs to protect its employees, cargo and society at large from car hacks.”

So imagine you’re a cab company and you’re going to lease 20 new Priuses (Prii?) to add to your fleet. Looking at the models available, you see some have bigger wheels, some have leather trim, and so on — and some will have Trillium built in. Considering a bad hack could do irreparable damage to your business, you’ll probably want that last option. And eventually, Trillium’s founders theorize, insurance could require this sort of thing, at which point it ceases being an option and becomes a standard safety feature.

The pricing model is simple: $10 per car per month (not per day, as I had written here earlier), paid by fleet owners, not drivers or manufacturers — think ambulance and limo companies, metro authorities, and so on. That way it’s a continuing service that justifies itself with frequent updates.

Of course, car manufacturers and in-car systems makers are already working on security measures, but Trillium plans to improve on those capabilities — while also working as a turnkey solution that can easily be adapted to nearly any model. Currently the company is working on its final product with OEM, insurance, and Tier 1 supplier partners in Japan.

Trillium claims to be hardware, OS, and cypher agnostic, so it can easily be adapted for a new model or deployed across multiple vehicle classes that might not share their network components. It works because their software acts more as a transport layer, not digging deep into the applications and data themselves but just moderating their communications.

Cybersecurity in the automotive world is almost certain to become a major market, but it remains to be seen if there’s room for an ambitious startup solution like Trillium’s.