Cleared for takeoff? Upstream’s vSOC is the traffic control center for vehicles


Vehicle Security Operations Center Manager

September 3, 2023

Air traffic control centers play a critical role in ensuring the safety and efficiency of air traffic.

The control centers help prevent aircraft collisions, maintain the safety of aircraft and passengers and provide timely instructions to pilots to avoid potential hazards that could lead to catastrophes.

Much like air traffic control centers, vehicle security operations centers (vSOCs) are also the lifeblood of automotive safety and security. 

Like air traffic control centers, vSOCs also monitor critical assets – in this case connected vehicles, fleets, and mobility assets such as EV charging stations. Effective vSOCS enable 24×7 fast detection and response to cybersecurity incidents and attacks. Vehicle security operations centers also provide actionable insights on how to treat security risks based on playbooks and automated workflows tailored to each customer’s organization and work methodologies. The playbooks may include unique workflows such as blocking suspicious IP addresses, alerting the vehicle owners to phishing attempts and controlling the OTA servers.

Here at Upstream, we’re one of the first companies in the world to recognize the importance of providing vSOC services to OEMs. 

Today we operate 2 vSOCs in Michigan, U.S. and in our Israel HQs from where we monitor over 25 million connected vehicles and assets, working hand-in-hand with our customers to keep them abreast of cybersecurity threats around-the-clock.

Despite being in different domains, air traffic control centers and our vehicle security operations centers share key similarities including:

Real-time Monitoring – Air traffic control centers continuously track aircraft positions, altitudes, and movements. Similarly, our vSOC constantly monitors multiple converging data sources across the individual ECU, connected vehicle, and entire fleet to detect potential security threats in connected vehicles.

Incident Response – Air traffic control centers handle emergency situations, such as aircraft deviations, mechanical issues or adverse weather conditions. Our vSOC enables fast response to cybersecurity incidents such as cyber attacks and data breaches.
In a recent incident, our vSOC identified an attack whereby hackers were attempting to execute commands on vehicles and retrieve user information from the accounts by only knowing the victim’s VIN number. Our vSOC detected multiple VIN pairings and raised alerts in just a few minutes, triggering a fast response that ultimately resulted in blocking the hackers’ IP addresses.

Data Analysis – Air traffic control centers analyze radar data, flight plans, and other aviation-related information. Our vehicle SOCs analyze multiple data sources including telematics feeds, proprietary protocols, OTA software updates, vehicle APIs, in-vehicle sensors and more to identify potential risks and vulnerabilities. Leveraging the power of our cybersecurity platform, the vSOCs enable correlations across multiple geographies, time zones, vehicle types, driver types, and various vehicle ownership models (private, rented, shared).

Communication – Where air traffic control centers communicate with pilots, ground staff, and other control centers to ensure safe and coordinated operations, our VSOC teams communicate with our customers to address security concerns.
At Upstream we work with Fortune 100 OEMs, Tier-1 automotive suppliers and commercial fleet owners. When our vSOC teams are alerted to anomalies, they work hand-in-hand with customers to ensure that the threat is effectively treated, before it carries heavy repercussions. We also build custom playbooks that draw on our extensive experience working with multiple OEMs to facilitate fast response to threats and attacks.

Proactive Measures – Air traffic control centers implement air traffic management procedures and traffic flow optimization. Vehicle SOCs employ continuous monitoring, vulnerability assessments and threat intelligence to proactively address potential cybersecurity risks. Our vSOCs also leverage threat intelligence pulled from the clear, deep and dark web to provide an overarching view of the threat landscape.

Upstream’s vSOC requires minimal ramp-up time to integrate organically with existing processes and workflows. Our vSOC teams in Ann Arbor, Michigan and Herzliya, Israel are staffed with experienced analysts and researchers, many of them from elite cybersecurity Intelligence Corps units.

The underlying principles of safety, real-time monitoring, incident response and collaborative approaches remain vital in the air and on the ground. And just as it is crucial to have air traffic control center, it’s similarly imperative to have a vSOC in place to identify cybersecurity attacks before they affect vehicles and passengers.

To learn more about Upstream’s vSOC click here.

Newsletter Icon

H1'2024 Report: Redefining Automotive & Smart Mobility IoT Cyber Risks

Newsletter Icon

to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

The 2024 Paris Olympics: Navigating the Escalated Cyber Threat Landscape

As the Paris Olympic Games approach, ensuring the safety and success of the event is paramount. Transportation systems and fleets are critical components in this…

Read more

European Legislators are Charging Ahead on IoT Cybersecurity Regulations

IoT devices have become deeply embedded in the automotive and smart mobility ecosystem, dramatically transforming industries with increased efficiencies and innovation. However, this rapid technological…

Read more

The US Federal Government Zooms in on IoT Cybersecurity

As IoT device usage continues to expand across various sectors in the US, government efforts to ensure that these devices are not only effective but…

Read more

The State of Automotive Cybersecurity: Key Insights from Auto-ISAC European Summit

We recently took part in the Auto-ISAC European Summit at the iconic BMW-Welt in Munich, gaining valuable insights into the evolving automotive cybersecurity landscape. As…

Read more