The “catfish” effect of China’s automobile industry is driving the rapid growth of the automobile network security industry like bamboo shoots after a spring rain.
It is worth noting that at present, in the global automotive network security industry, foreign-funded enterprises row upon row, and occupy a large market share.
According to relevant industry data, the main participants in the global automotive network security market include Technologies, Cisco systems, Harman (TowerSec), Upstream Security and other companies, of which the top three companies account for about 25% of the total market share.
However, Galaxy noted that most of the above-mentioned global head automotive cyber security manufacturers are mainly focused on markets such as North America and Europe, accounting for about 70% of the global market.
Take Upstream Security as an example.
At present, the company’s global regional sales offices are mainly located in the United States, the United Kingdom, Italy, Germany, France, Sweden, Israel, Japan and Singapore.
In other words, it is precisely in the Chinese market, which is the largest and most potential in the world and the development momentum of new energy smart vehicles is booming, without the figure of global head automobile network security manufacturers.
So, who’s going to fill this gap? Who will “guard” China’s automobile network security? Genesis noticed that there is such a company in the field of automotive network security in China that can always let capital and market see the shadow of Upstream Security in it.
Chinese automakers should have their own Upstream Security, and Upstream Security is not a new face in the automotive cyber security industry.
According to public data, Upstream Security was established in 2017.
Since its establishment, the company has completed eight rounds of financing and has been recognized by a total of 18 investment institutions.
It is worth noting that throughout the financing process of Upstream Security, we can see that there are many mainframe factories and insurance companies in its management.
, for example, as early as October 2019, the company received $30 million in financing from a number of global automakers and venture capital firms, including Alliance Ventures, as previously reported.
To be clear, Alliance Ventures is an investment fund set up by French carmaker Renault, Japanese automaker Nissan and Mitsubishi.
At the time, Upstream Security said Swedish truckmaker Volvo Group, South Korea’s Hyundai Motor, Nationwide Mutual Insurance and its early investors Charles River Ventures, Glilot Capital and Maniv Mobility were all involved in the company’s current round of financing.
In August 2021, Upstream Security raised $62 million in round C financing.
This round of financing is led by Japan’s Sumitomo Mitsui Insurance Group Holdings Co., Ltd., as well as existing investors Volvo Group Venture Capital and other investors.
Yoav Levy, co-founder and CEO of Upstream Security, has said that some of the company’s historical investors are also customers.
In April, Upstream Security continued its efforts to complete the latest round of financing involving BMW.
In the second month of this round of financing, in May this year, Callisto, a domestic automobile network security manufacturer established in 2022, completed tens of millions of yuan of Pre-A round financing.
Source: Upstream Security official website, it is reported that so far, Callisto has realized the commercial landing of domestic and foreign head car enterprises and Tier 1 manufacturers, and its products and solutions radiate the whole automobile industry chain, covering many types of customers, including BMW China, Chery, Xilai, Ford and so on.
From the financing frequency of Upstream Security and Callisto and the customer coverage of the mainframe factories of the two companies, we can see that the current global automotive network security market is in the stage of rigid demand.
According to the data of the relevant industry research report, in 2022, the global automotive network security market capacity of is 14.
437 billion yuan, while that of China is 3.
234 billion yuan, accounting for 22.
4% of the global automotive network security market.
estimates that the global automotive network security market capacity will grow at a compound annual growth rate of 29.
60% during the forecast period, and will reach 22.
608 billion yuan in 2028.
Among them, the development potential of China’s automobile network security market is particularly huge.
It is reported that in 2023, the penetration rate of new cars of the global intelligent network connection function car has exceeded half, and the penetration rate of the Chinese market has reached 68.2%. Among them, the sales of intelligent network connection passenger cars (L2 level) equipped with auxiliary self-driving system are growing rapidly, and the market penetration rate reached 55.
3% in 2023.
It is estimated that by 2025, the new car penetration rate of China Intelligent Network United Automobile will reach 78.
9%, and the intelligent network connection function vehicle will occupy the dominant position in the passenger car market.
The unlimited growth potential of China’s automobile intelligence will certainly bring a broader market blue sea for the automotive network security industry.
Under this trend, the problem that Chinese automobile industry needs to re-examine is that due to the sensitivity of information and data, the network security of Chinese automobile inevitably needs to be guarded by Chinese automobile network security manufacturers, and Chinese automobile companies need their own Upstream Security.
With the emergence of the tide of automobile network security, whose “time” has come? Galaxy found that among the many domestic automobile network security manufacturers, Callisto has too many shadows of Upstream Security, and there are too many similarities between the two.
First of all, from the perspective of enterprise positioning, the two manufacturers have the same technological starting point– starting from the “cloud”.
with the development of intelligent network connected automobile, the data exchange between vehicle and cloud server is becoming more and more frequent, and involves a lot of data interaction.
cloud computing can not only provide strong computing power and storage space, and realize flexible configuration and optimization of resources through software definition technology, meets the high requirements of data processing and storage of intelligent network vehicles, can also achieve centralized management and analysis of automobile network data, and can improve the speed and efficiency of data processing to deal with data security risks.
, thus, Upstream Security provides a cloud-based network security and data analysis platform by migrating the security layer to the cloud, protecting the data center between cars, remote information processing servers and applications running on the server.
Coincidentally, Callisto also focuses on the core assets of cars and the security of automobile intelligent application scenarios, using cloud native technology and AI algorithm to build network security monitoring and abnormal insight.
At the same time, Callisto found its own “Qi” in the process of exploring the “cloud” in the intelligent car network security track.
Run the position “.
Source: Callisto, secondly, the product matrix and solution convergence of Upstream Security and Callisto.
In recent years, the vast majority of countries around the world have tried their best to promote the landing of automobile network security compliance.
Relevant statistics show that so far, more than 140 countries and regions in the world have formulated laws and regulations related to privacy and data protection.
The relevant regulations and policies continue to urge automobile cyber security manufacturers to reduce the harm of automotive cyber attacks in a variety of ways.
To this end, both Upstream Security and Callisto have released automobile network threat intelligence, and use VSOC to protect automobile network security.
Take Callisto as an example, in July this year, Callisto released the 2024 semi-annual vehicle vulnerability and threat Intelligence-Bulletin, which conducted a comprehensive study and analysis of vulnerability intelligence and security incidents in the field of smart vehicles at home and abroad in the first half of 2024.
According to the report, smart car cyber attacks accounted for the largest number of cyber attacks in the first half of this year, accounting for 54% of all security incidents.
And security events in the field of smart vehicles also have an impact on a number of key assets, including sensitive data, charging services, TSP services (remote service platform), intelligent cockpit and so on.
Image source: Callisto and Callisto have also built an automobile vulnerability intelligence platform VTI, which covers multiple levels of information, including Internet news, academic research, vulnerability database and dark network information.
It can help operational analysts solve many problems in vulnerability analysis, intelligence analysis, rule design, and use cases.
In addition, Callisto’s VSOC platform uses artificial intelligence technology to gain insight into intelligent vehicle anomalies and threats, integrate vehicle data and cloud service data, convert the data into valuable and analyzable early warning information, and combine the company’s vehicle threat intelligence to operate the S3 VSOC platform in a simplified way, continuously monitoring and discovering unknown / new threats in the entire networked vehicle ecosystem.
In order to achieve the security protection of the core assets and intelligent services of networked vehicles.
Finally, Upstream Security and Callisto have the same global partners.
Last May, Upstream Security said it had joined the Amazon Cloud Services (AWS) independent software vendor acceleration program.
The AWS ISV acceleration program will provide Upstream customers with a wide range of network security and data-driven case support.
In September of the same year, Deloitte, Amazon Cloud and Callisto jointly released a white paper on the Automotive Network Security Operations Center (VSOC).
Source: Callisto, it is reported that the S3 VSOC platform is deployed privately, using Amazon IoT FleetWise services combined with Callisto S3 VSOC Data Adapter (Automotive data Unified threat Modeling access system) to collect real-time data needed for security analysis from the vehicle side and process it with the support of Amazon EMR services.
In addition, S3 VSOC TAC (Automotive Advanced threat Analysis console) and S3 VSOC TPM (Automotive threat and attack behavior Prediction Model) are based on algorithmic models specifically targeted at automotive network attacks, and are built, trained and deployed with Amazon SageMaker to train high-quality VSOC threat detection and prediction models.
Looking for a solution to different automotive network security: after finding a suitable soil for its own growth from the “cloud” and driven by “AI”, Callisto is not obsessed with “looking for clues”, but is committed to exploration and innovation, looking for a different way to find the field of automotive network security– a path that few others have taken.
Artificial intelligence is the “right path” chosen by Callisto.
Entering the “second half” of automobile intelligence, AI has almost become an important weather vane for the intelligent development of automobile industry-AI can answer and solve everything.
He Xiaopeng once said: the technological breakthrough will obviously begin in 2025.
If all software manufacturers continue to use algorithms instead of using AI, they will fall behind, and the new AI era will dominate the new decade or more.
However, it is worth noting that the wide application of artificial intelligence in automobile has also given birth to a series of increasingly complex and serious automobile network security problems.
Yoav Levy once said: “GenAI is rapidly becoming a powerful tool in the hands of hackers, enabling them to identify and exploit vulnerabilities and launch fleet-wide attacks faster than ever before.
We found that by 2023, the proportion of network events that can affect millions of connected cars, Internet of things devices, and mobile assets will significantly double to nearly 50%.
This requires a new way of thinking for the entire automotive and smart mobile ecosystem.
” Yunpeng, founder of Callisto, once expressed the same view in an exclusive interview with Galaxy.
He believes that artificial intelligence is the best way to detect new attacks on cars.
The automobile network security problems caused by AI should also be solved by AI.
Both Callisto and Upstream Security chose to combine the large model with VSOC to help the safety operation process in massive data investigation, alarm noise filtering, security trend insight and so on, which greatly reduced the complexity and time cost of event investigation.
In March this year, Upstream Security launched Ocean AI, based on large language models (LLM) and rich data in digital twins, Ocean AI can access and analyze numerous external data sources and mobile asset data, enabling customers to ask simple conversational and natural language (NLP) questions to get answers from the vast datasets of Upstream’s M-XDR analytics.
A year earlier than Upstream Security, in 2023, Callisto released a large model of car safety sag, “Butterfly.
” Source: Callisto, it is reported that Callisto’s own tens of billions of scale data and hundreds of machine learning and deep learning models are precipitated into the base of the large model of “Butterfly” through pre-training and fine-tuning, making use of the code generation ability of “Butterfly”, the ability of automobile exception reasoning and the ability to identify the intention of automobile safety scene, and combined with the code developed by Callisto to generate Self Debug module and vehicle anomaly analysis constraint module.
To ensure the security and reliability of AI generation.
Through the system interface layer, the “butterfly” reasoning results are output to Callisto’s car safety systems such as New Chat, V-SOC, V-DSP, VTI and so on, and are privatized and deployed to the private language model of the car company.
Compared with ChatGPT-4, based on clear database table and field operations and natural language understanding of vehicle networking knowledge, the total number of errors in data processing tasks has been reduced by about 11%, especially in data processing tasks related to vehicle failure and safety analysis.
The proportion has dropped by 34%.
In addition, Callisto’s automotive network security threat analysis platform (S3 VSOC), built through cloud native technology, has provided security protection for more than 2.
8 million vehicles.
The platform uses artificial intelligence technology to build more than 200 anomaly detection models for vehicles, cumulatively processing more than 900 million vehicle signals a month, covering more than 3000 of vehicle signals and more than 40 vehicle service application scenarios.
In Callisto’s automotive network security products and solutions, the attribute of “cloud + AI” is always obvious.
This has a lot to do with the fact that the members of the company’s core management team have an industry background in artificial intelligence technology.
Galaxy learned that the core members of Callisto’s team come from professional manufacturers such as Baidu, 360, Shanshi Netek, Guoqi Zhaopin, and have rich experience in automotive network security research and pre-assembly production of automotive safety products.
Among them, Yunpeng, founder of Callisto, once served as chairman of Baidu Technical Security Committee and chief security architect of Baidu Apollo, and once led the construction of Baidu unmanned vehicle information security architecture.
Under the global “price war” of the whole automobile industry chain, how to reduce the cost of automobile network security manufacturers? Since Tesla took the lead in the “price war” in China’s automobile market at the end of 2022, the situation of this battle has become more and more serious.
Today, BYD has merged the two “battlefields” of fuel and new energy, showing the momentum of “one against a hundred” at low prices in the two major markets of A-class and B-class cars.
Nowadays, the smoke of this price war in the automobile industry has spread to the global automobile market and the whole automobile industry chain.
As a result, the pursuit of lower cost has become an important task in every link of the automobile supply chain.
On the other hand, the economic loss caused by the cyber attack on the car to the mainframe factory is very high.
The latest estimates show that the average cost of the data breach is 3.
4 million pounds ($4.
2 million).
Once the attack succeeds, auditing and patching weaknesses may increase costs that the mainframe factory did not initially consider.
In addition, under the General data Protection regulations (GDPR) and European cyber security regulations, a car company that is the target of a cyber attack or has experienced a data breach is likely to face financial penalties.
These mainframe factories may also have to carry out vehicle recalls or OTA updates, stop production, extort software ransom payments and vehicle theft.
It should also be mentioned that vehicle data and privacy leaks, which can damage brand reputation and customer trust, eventually lead to huge regulatory fines and reduced revenue.
With the occurrence of large-scale network security incidents, the cost is expected to increase rapidly in the future.
So, how can automobile network security manufacturers reduce costs for mainframe factories? From the perspective of technological innovation, cloud computing can reduce the cost of automotive network security by providing one-stop data flow links and reducing operation and maintenance costs, and .
For example, Upstream Security’s Ocean AI significantly reduces the complexity and remediation time of the automotive network security issues investigated.
It is reported that based on the digital twin model data, Ocean AI can identify which assets triggered the alarm within 30 days, delve into specific information such as brand, model and year, and determine what these alerts have in common.
This enables the security team to focus on the most vulnerable assets and develop strategies accordingly.
Callisto uses data standardization and clean-up technology, digital twin vehicle analysis capability, anomaly modeling and AI algorithm to identify the abnormal behavior of vehicles with unique threat intelligence capabilities, and more efficiently and comprehensively perceive the security threats that are happening in intelligent networking vehicles.
By using the end-cloud integration capability, we can reduce the security integration cost, reduce the enterprise decision-making cost, increase the reliability and ensure the security scalability.
From the economic point of view of products and solutions, Callisto has said: “We always consider the economy of new technologies when introducing new technologies.
” Through continuous cooperation and optimization with a number of mainframe factories, we are now able to greatly reduce the computing cost of V-Copilot.
Running under the condition of consumer-grade graphics card and higher memory configuration significantly reduces the running cost of the large model.
” At present, China’s automobile industry chain enterprises have joined the “sea tide” one after another.
Previously, most of the global head parts suppliers interviewed by Galaxy have expressed the same view that China’s new energy smart car industry plays an exemplary and leading role in the global automobile industry.
the products and solutions provided by most component manufacturers to China can be sampled and iterated continuously on a global scale.
As a key link in the new energy intelligent automobile industry chain, automobile network security is no exception.
In view of this, looking at the global market, automobile safety management platforms based on artificial intelligence technology, such as Upstream and Callisto, are meeting the needs of car companies, fleets and parts suppliers for vehicle safety and compliance.
, return to the first electric network home page >.