Flexible, scalable, and cost-effective solutions for the automotive industry

GuardKnox is the automotive industry’s first Cybertech Tier Supplier of secure, high-performance computing platforms that enable OEMs, Tier-1 suppliers, and aftermarket vendors to deliver the next generation of customized and secure, connected vehicles. All products are secure by design – providing a comprehensive secure product with cybersecurity as the foundation for additional levels of connectivity.

 

Click here for a summary of the GuardKnox Product Family

We Speak Both Languages: Hardware and Software

Designed for scalability and flexibility, the GuardKnox Platform solution adheres to the most stringent security and safety standards, including ISO 26262 and ISO 15408. It can be implemented by OEMs, Tier 1s and the aftermarket as an ECU with a full software stack or as software-only solution

The Guardknox Platform adheres to the most stringent security (ISO 15408) and safety (ISO 26262) standards.

GuardKnox Product Family

cybersecurity

Domain Controller Platform

The GuardKnox Domain Controller’s main function is to act as the network backbone, connecting, segregating, and orchestrating all cross-domain communications. The domain controller serves as a uniform hardware and software ECU platform for domain controller E/E architectures.

GuardKnox Domain Controller platform supports high-performance processing with integrated microprocessors coupled with realtime processing using micro-controllers. High-speed communication is supported using Ethernet (1G, 100Mbps including switching and routing) and realtime communication with CAN-FD, FlexRay, and LIN.


The platform is designed to host applications in order to provide extra services, additional functionality, and consolidation of otherwise external hardware. This ability for mixed such capabilities are based on the GuardKnox Service Oriented Architecture (SOA) patented technology. Lastly, the platforms support multiple safety domains (up to ASIL D) and high cybersecurity protection based on GuardKnox patented secure SOA stack and Lockdown™ security methodology.

Variants

  • Gateway Domain Controller: Incorporates a high-performance application processor coupled with a powerful realtime safety-critical micro-controller. High-speed communication is supported using Ethernet (1G, 100Mbps including switching and routing) and real-time communication with CAN-FD, FlexRay and LIN.
  • Cockpit Domain Controller: The GuardKnox Cockpit domain controller platform is used to control various user interactive displays and HMI devices for passenger experience, vehicle information, and functionality. This platform is user experience and HMI driven. It supports multiple interactive displays including headunit and instrument cluster. In addition, it is optimized to support graphical processing and AI. Supporting multiple user experience-driven operating systems running together including Android and Linux. The platform features strong separation between the vehicle and the infotainment domain using the GuardKnox patented Lockdown™ architecture. Interface support includes high-speed Ethernet, CAN-FD, MOST, and external wireless communication using Bluetooth, Wi-Fi and Cellular connectivity. The platform contains an advanced version of the GuardKnox patented SOA architecture, allowing for a seamless OTA application/service loading capabilities, dynamic service control, permission control, micro-services, and containers.
  • Body Domain Controller / Advanced Body Control Module (BCM): The central hub for all body functionalities and user inputs that affect the vehicle’s interior. The BCM enables application hosting for advanced user experience. This solution may also act as a localized gateway due to its connectivity nature and ability to support large amounts of realtime CAN-FD and LIN interfaces as well as high-speed Ethernet connectivity.

Read more about the Domain Controller Solution!

cybersecurity

Zonal Gateway on a Chip

The GuardKnox Zonal Gateway is a cost-effective hardware solution for high-performance routing on a single chip design. This high-performance routing solution also contains the GuardKnox proprietary High-Performance Communication Engine. This gateway supports all automotive communication interfaces and can implement a full communication matrix in hardware with integrated edge-processing capabilities. This implementation includes full line-rate security verification of all communication. GuardKnox has developed tools to convert CANDB and ARXML communication databases into High-Performance Communication Engine compatible databases.

In addition, the zonal gateway is able to support the full spectrum of AUTOSAR routing capabilities.

Variants

  • Seating
  • Legacy ECU Integration

Read more about the Zonal Gateway Solution!

cybersecurity

Vehicle Server

The GuardKnox Vehicle Server is a multi-domain ECU for Zonal backbone applications with heterogeneous resources (CPU, MCU, GPU, communication acceleration, and FPGA) in a highly integrated and cost-effective design. Coupled with the GuardKnox Secure SOA stack to provide both hardware and software infrastructure for safe and secure multi-domain and mixed-criticality operation (the design is engineered to be certifiable to ISO26262 up to ASIL D and upcoming ISO21434).

The Vehicle server is designed to support all automotive interfaces and is able to accommodate any number of interfaces. Due to the fact that the vehicle server is designed on families of SoCs GuardKnox is able to provide a seamless transition from low-cost mass-market solutions to super-premium solutions, all while utilizing the same hardware and software architecture as well as the same toolchain.

Additionally, the same architecture is able to be used across backbone ECUs, optimized for different application groups, while still maintaining the same development environment, uniform software deployment infrastructure (including between backbone ECUs) with smarter centralized management, and leveraging cost economy of scale. When FPGA based designs are employed, unique Hardware OTA (HOTA) capability becomes available, which enables the deployment of hardware processing resources in realtime while the vehicle is already on the road. The GuardKnox Vehicle Server is based on multiple, industry-leading SoC architecture, which are selected according to customer requirements.

Variants

  • General Purpose
  • Cluster Computer
  • Modular Unit

Read more about the Vehicle Server!

cybersecurity

After-Market Add-On

The after-market add-on is a connectivity Domain Controller which serves as a gateway to external communication by wireless and wired interfaces. External connectivity allows for advanced connectivity features such as OTA updates, smartphone applications, in-vehicle entertainment, smart city services, OEM app store, etc. The platform features strong separation in both hardware and software between vehicle and external domains using the GuardKnox patented Lockdown™ architecture. Interface support includes high-speed Ethernet (currently up to 1GB with 10GB in development) and CAN-FD with external wireless communication using Bluetooth (up to 5), Wi-Fi, and Cellular (4G and support for future 5G) connectivity. There are several variants to this platform with high performance, mainstream, and cost-effective versions.

In addition, the aftermarket add-on includes GuardKnox’s patented SOA design that overcomes the complexity of today’s vehicle networks by functioning as a consolidated platform with reusable code components, standardized protocols for interoperability and scalable hardware services.

This product line is available for series production and aftermarket products. Aftermarket use cases include OEM branded connected accessories, and smart mobility solutions.

Variants

  • Dealership asset manager
  • fleet ransomware protection
  • wireless connectivity
  • logistics fleet management
  • telematics
  • insurance and UBI
  • mobile device integration
  • ride-sharing etc.

Check out our Cyber Technology for the Aftermarket page or download the Datasheet!

cybersecurity

Secure SOA Stack- Service-Oriented Architecture (SOA)

The GuardKnox secure SOA stack is a fully secure, modular, and patented software solution that is able to meet customer hardware architecture requirements (e.g. Renesas, NXP, Xilinx, etc.) and OS requirements (e.g. Linux, Android, AUTOSAR, etc.).

The SOA stack includes a board support package (BSP) with a separation kernel and a hypervisor, optimized and secure partition and kernel configuration, host OS’s management infrastructure, software deployment infrastructure including OTA, network-level service discovery, security infrastructure, and container engine support. In addition, the SOA stack includes the GuardKnox patented Lockdown™ core.

GuardKnox’s SOA patented technology creates a secure environment that enables added services and applications by hosting downloads or upgrades on the GuardKnox platform. This enables mission-critical and non-mission critical applications to run simultaneously without interference even if one application is compromised.

SOA has a secure separation (both hardware and software) between all resources, application groups, and operating systems, simplifying edge computing capabilities by providing ample processing resources with maximal flexibility both in interface support and provision for future software extensions/additional service being added – enabling additional connectivity & customization through access control and service level partitioning.

Variants

  • Gateway
  • Domain Controller
  • Mixed-Criticality Environment

Check out our SOA page or download our SOA Whitepaper to learn more!

cybersecurity

Built to Spec

GuardKnox’s technological capabilities and services are able to be adapted to meet each customers individual requirements and needs.

We are able to provide:

  • High-performance communication processing, especially with integrated security
  • Modular software stack solutions
  • Hypervisor based and application rich compute environments
  • Integration with extra-vehicle devices
  • Cybersecurity applications
  • Ethernet communication

Variants

  • Customer defined- tailor-made
  • Wireless gateway
  • EV Charging

Check out our Capabilities and Services for more information!

Security is the foundation for the ‘Service-Oriented Vehicle’

The GuardKnox Platform is a secured platform. It serves as the foundation for secure hosting of additional capabilities and services, which can change dynamically in real-time. In this manner, we can create the secure service-oriented vehicle centered on applications. The Platform serves as an in-vehicle endpoint for the automotive industry “app-store” and as the hosting platform for a variety of applications.

intigration