Text | Angie Li
Editor | Su Jianxun
36氪 was informed that the smart car security company “Callisto” recently received tens of millions of yuan in seed round financing exclusively invested by Sequoia China Seed Fund. This round of financing is mainly used for the research and development and application of smart car safety products.
Founded in early 2022, Callisto is a technology company dedicated to smart car safety. Based on artificial intelligence, big data and other technologies as a whole, it provides automotive safety solutions for global smart cars and smart driving companies.
Its founder, Yunpeng, was the chairman of Baidu Technical Security Committee and the chief security architect of Baidu Apollo. During his tenure, Yunpeng was responsible for building Baidu’s unmanned vehicle information security system architecture, which has also become part of the Apollo open source platform. Most of the team members are security geeks, most of the core members are from Baidu, and there are also industry experts and consultants from well-known car companies, Tier 1 and security companies.
It is understood that Callisto focuses on new attacks on cars through multi-dimensional analysis. The first car security product called S3 VSOC is used to help car companies quickly build a security operation center and provide non-invasive methods for vehicles. Provides customized analysis, detection, prediction and incident response services.
Yunpeng told 36 Krypton that the current smart car has more than 100 million lines of code and has rich intelligent networking functions. The security vulnerabilities of the vehicle are not limited to the car software and hardware itself, but are hidden in a wider range of intelligent functions. It is often difficult for car companies to find out whether the vehicle has been hacked, so more professional security companies are needed to analyze whether the vehicle has been attacked and how likely it is to be attacked in the future.
Traditional security solutions tend to install products similar to anti-virus software on hardware, but this approach is difficult to deal with the characteristics of vehicles moving at any time and high risks in the cloud. “For example, a hacker opens the car door through the cloud. Such an intrusion method is difficult to find and cannot be solved by traditional car-end security.” Yunpeng said.
In this regard, the idea of Callisto is to use artificial intelligence, big data and other technologies to analyze and compare the data of the smart car and the cloud to investigate whether the vehicle has been hacked.
“The core is to use artificial intelligence technology to analyze the abnormal behavior of cars based on data-driven. The more data, the more algorithm models, and the higher the recognition accuracy.” Yunpeng is more willing to regard Callisto as an AI company.
However, although automotive security is 80% or even 90% similar to IT security, there are still 10% differences, which requires the team to have a sufficient understanding of the automotive industry, including the body network architecture, the relationship between domains, As well as the potential vulnerability attack methods in the driving of the vehicle. “Security is a combination of offense and defense, and defense is driven by attacks. A good security company must have offensive and defensive capabilities.” Yunpeng said.
Based on the analysis of threats to ICVs, Callisto has collected years of cases of security researchers and hackers attacking vehicles, forming six types of vehicle security attack scenarios, including Bluetooth digital keys, remote control, smart cockpit, OTA Upgrade and other scenarios, polished more than 200 security categories.
These functions can be seen on the S3 VSOC, the smart car security solution launched by Callisto. According to Yunpeng, the S3 VSOC has two major characteristics: non-intrusive and thousands of vehicles.
First of all, S3 VSOC does not need to download any software applications on the car end, but seamlessly integrates with existing car data sources, and can provide car security services by connecting to the private cloud of car companies;
Secondly, S3 VSOC can model the threat types of different models, and car manufacturers can customize the car threat model according to their own car networking functions to achieve a “thousand-vehicle” car security model.
After using the S3 VSOC, Callisto can provide real-time vehicle network security monitoring reports, new network attack reports and effectiveness analysis reports for existing mitigation measures, and mitigation measures response procedures for new attacks.
In addition, Callisto has established a threat intelligence system for automobiles, including the vulnerability library of the automobile supply chain, real-time intelligence tracking of depots and suppliers, and industry security events, etc., to help depots and Tier1 build an automobile security defense network.
At present, Callisto has become one of HUAWEI CLOUD’s partners, and is in the process of product docking with a number of car companies. In the next step, Callisto will also open up more cloud manufacturers and reach more car companies.
media coverage
36Kr ‘s new budding entrepreneurial state in the investment world
This article is reprinted from: https://readhub.cn/topic/8hhWLun2vSp
This site is for inclusion only, and the copyright belongs to the original author.