Israel is becoming a major center for connected car research. Fueled by government-backed military research, test labs established by automakers and numerous connected car startups, the country has attracted top talent from around the world and provided innovative technologies in automotive cybersecurity.

The History of Connected Car Research in Israel

General Motors was one of the first major car manufacturers to come to Israel. Since then, almost every manufacturer has built its own testing facility there. But there are plenty of others who have come to the startup nation.

Delphi, the automotive parts supplier, has invested heavily in Israeli connected car startups, such as Otonomo, an automotive data services company; Innoviz, a laser sensor vendor for self-driving cars; and Valens, a chip-maker. Similarly, Porsche invested an eight-figure sum in the Israeli venture capitalist funds of Magma and Grove, which are funding numerous connected car startups. Earlier this year, Honda and Volvo established an $8 million startup accelerator called DRIVE in Tel Aviv to further connected car work. And then there is Uber’s $680 million acquisition of Israeli autonomous trucking startup Otto last summer. All of this investment aims to make connected cars operate more securely.

“What makes cars so vulnerable to attack is that they are such complex systems,” said Yaron Wolfsthal, head of the IBM research center in Beer Sheva, Israel, according to Reuters.

This past October, Wolfsthal spoke at the Cyber Security Workshop for Future Smart Mobility conference in Beer Sheva, where he and other experts discussed connected car development, including vulnerable sensors, insufficient testing, integration of different networks and other security issues. According to Tal Oron-Gilad, a professor at Ben-Gurion University (BGU) of human factors engineering, who also spoke at the conference, part of the problem relates to understanding what kind of cyber situational awareness drivers should have, if any.

A Nexus of Cybersecurity Research

During the conference, a partnership between BGU, Cymotive Technologies, Harman/Samsung, Deutsche Telekom Innovation Laboratories and venture capital firm Jerusalem Venture Partners (JVP) announced that it was building the world’s first automotive cyber test track in Beer Sheva. Other test tracks have been built around the world, but this is the first one designed specifically for cyber purposes. The track will be used to test smart mobility technologies and develop international standards, along with implementations from various automakers from around the world. The track builds on a nexus of cybersecurity research that has arisen in the Israeli desert, about an hour south of Tel Aviv.

Israel has invested significant funds in automotive research, according to Will Simon, the president of the U.S.-Israel Transportation Innovation Center. “The connected car has become the poster child for IoT insecurity and is motivating a lot of research,” he said at the conference. “Israel wants to move away from fossil fuels, and there are now hundreds of mobility companies based there,” including EcoMotion, Guardknox and the country’s first venture capitalist fund dedicated to connected cars, Maniv. “It is more an exception of who in the connected car space isn’t working in Israel these days,” Simon said.

Bridging Innovation and Security

A recent study by Black Duck Software noted that, because smart automobile manufacturers have been “focusing their attention on differentiating features, the disparity between innovation and security is growing at an accelerated speed.” With so much investment in connected car research and development, Israel is leading the way in the effort to make the roads safer for smart car operators around the world.

Learn how IBM X-Force Red helps protect connected cars

More from Application Security

Gozi strikes again, targeting banks, cryptocurrency and more

3 min read - In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. Over time, Gozi underwent a significant transformation and became associated with other malware strains, such as Ursnif (Snifula) and Vawtrak/Neverquest. Now, in a recent campaign, Gozi has set its sights on banks, financial services and cryptocurrency platforms,…

Vulnerability management, its impact and threat modeling methodologies

7 min read - Vulnerability management is a security practice designed to avoid events that could potentially harm an organization. It is a regular ongoing process that identifies, assesses, and manages vulnerabilities across all the components of an IT ecosystem. Cybersecurity is one of the major priorities many organizations struggle to stay on top of. There is a huge increase in the number of cyberattacks carried out by cybercriminals to steal valuable information from businesses. Hence to encounter these attacks, organizations are now focusing…

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Unmasking hypnotized AI: The hidden risks of large language models

11 min read - The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it's important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make certain types of attacks easier, more cost-effective, and even more persistent. In a bid to explore security risks posed by these innovations, we attempted to…