GuardKnox is the automotive industry’s first Cybertech Tier Supplier of secure, high-performance computing platforms that enable OEMs, Tier-1 suppliers, and aftermarket vendors to deliver the next generation of customized and secure, connected vehicles. All products are secure by design – providing a comprehensive secure product with cybersecurity as the foundation for additional levels of connectivity.
Designed for scalability and flexibility, the GuardKnox Platform solution adheres to the most stringent security and safety standards, including ISO 26262 and ISO 15408. It can be implemented by OEMs, Tier 1s and the aftermarket as an ECU with a full software stack or as software-only solution
The Guardknox Platform adheres to the most stringent security (ISO 15408) and safety (ISO 26262) standards.
The GuardKnox Domain Controller’s main function is to act as the network backbone, connecting, segregating, and orchestrating all cross-domain communications. The domain controller serves as a uniform hardware and software ECU platform for domain controller E/E architectures.
GuardKnox Domain Controller platform supports high-performance processing with integrated microprocessors coupled with realtime processing using micro-controllers. High-speed communication is supported using Ethernet (1G, 100Mbps including switching and routing) and realtime communication with CAN-FD, FlexRay, and LIN.
The platform is designed to host applications in order to provide extra services, additional functionality, and consolidation of otherwise external hardware. This ability for mixed such capabilities are based on the GuardKnox Service Oriented Architecture (SOA) patented technology. Lastly, the platforms support multiple safety domains (up to ASIL D) and high cybersecurity protection based on GuardKnox patented secure SOA stack and Lockdown™ security methodology.
Read more about the Domain Controller Solution!
The GuardKnox Zonal Gateway is a cost-effective hardware solution for high-performance routing on a single chip design. This high-performance routing solution also contains the GuardKnox proprietary High-Performance Communication Engine. This gateway supports all automotive communication interfaces and can implement a full communication matrix in hardware with integrated edge-processing capabilities. This implementation includes full line-rate security verification of all communication. GuardKnox has developed tools to convert CANDB and ARXML communication databases into High-Performance Communication Engine compatible databases.
In addition, the zonal gateway is able to support the full spectrum of AUTOSAR routing capabilities.
The GuardKnox Vehicle Server is a multi-domain ECU for Zonal backbone applications with heterogeneous resources (CPU, MCU, GPU, communication acceleration, and FPGA) in a highly integrated and cost-effective design. Coupled with the GuardKnox Secure SOA stack to provide both hardware and software infrastructure for safe and secure multi-domain and mixed-criticality operation (the design is engineered to be certifiable to ISO26262 up to ASIL D and upcoming ISO21434).
The Vehicle server is designed to support all automotive interfaces and is able to accommodate any number of interfaces. Due to the fact that the vehicle server is designed on families of SoCs GuardKnox is able to provide a seamless transition from low-cost mass-market solutions to super-premium solutions, all while utilizing the same hardware and software architecture as well as the same toolchain.
Additionally, the same architecture is able to be used across backbone ECUs, optimized for different application groups, while still maintaining the same development environment, uniform software deployment infrastructure (including between backbone ECUs) with smarter centralized management, and leveraging cost economy of scale. When FPGA based designs are employed, unique Hardware OTA (HOTA) capability becomes available, which enables the deployment of hardware processing resources in realtime while the vehicle is already on the road. The GuardKnox Vehicle Server is based on multiple, industry-leading SoC architecture, which are selected according to customer requirements.
The after-market add-on is a connectivity Domain Controller which serves as a gateway to external communication by wireless and wired interfaces. External connectivity allows for advanced connectivity features such as OTA updates, smartphone applications, in-vehicle entertainment, smart city services, OEM app store, etc. The platform features strong separation in both hardware and software between vehicle and external domains using the GuardKnox patented Lockdown™ architecture. Interface support includes high-speed Ethernet (currently up to 1GB with 10GB in development) and CAN-FD with external wireless communication using Bluetooth (up to 5), Wi-Fi, and Cellular (4G and support for future 5G) connectivity. There are several variants to this platform with high performance, mainstream, and cost-effective versions.
In addition, the aftermarket add-on includes GuardKnox’s patented SOA design that overcomes the complexity of today’s vehicle networks by functioning as a consolidated platform with reusable code components, standardized protocols for interoperability and scalable hardware services.
This product line is available for series production and aftermarket products. Aftermarket use cases include OEM branded connected accessories, and smart mobility solutions.
The GuardKnox secure SOA stack is a fully secure, modular, and patented software solution that is able to meet customer hardware architecture requirements (e.g. Renesas, NXP, Xilinx, etc.) and OS requirements (e.g. Linux, Android, AUTOSAR, etc.).
The SOA stack includes a board support package (BSP) with a separation kernel and a hypervisor, optimized and secure partition and kernel configuration, host OS’s management infrastructure, software deployment infrastructure including OTA, network-level service discovery, security infrastructure, and container engine support. In addition, the SOA stack includes the GuardKnox patented Lockdown™ core.
GuardKnox’s SOA patented technology creates a secure environment that enables added services and applications by hosting downloads or upgrades on the GuardKnox platform. This enables mission-critical and non-mission critical applications to run simultaneously without interference even if one application is compromised.
SOA has a secure separation (both hardware and software) between all resources, application groups, and operating systems, simplifying edge computing capabilities by providing ample processing resources with maximal flexibility both in interface support and provision for future software extensions/additional service being added – enabling additional connectivity & customization through access control and service level partitioning.
GuardKnox’s technological capabilities and services are able to be adapted to meet each customers individual requirements and needs.
We are able to provide:
The GuardKnox Platform is a secured platform. It serves as the foundation for secure hosting of additional capabilities and services, which can change dynamically in real-time. In this manner, we can create the secure service-oriented vehicle centered on applications. The Platform serves as an in-vehicle endpoint for the automotive industry “app-store” and as the hosting platform for a variety of applications.