At the 2017 Frankfurt IAA Calum MacRae met with Cristina Segal, VP for connected vehicles at Honeywell. Segal joined Honeywell from Intel, where she was the strategy leader in automotive for Intel’s Wind River business.

just-auto: Connected vehicles at Honeywell, is that a new division? How long has it been in existence as a division??

Cristina Segal: It’s an operating group within the Transportation Systems business unit.

Most people within the industry would see Honeywell as a mechanical company, more than anything else. How can Honeywell get a piece of this business and why would you want a piece of this business?

Well it’s part of our new strapline – Honeywell, the Power of Connected. For years, Honeywell developed software solutions for different industries. Like for example in aerospace, connected aeroplanes have been on the market for a long-time. Honeywell powers a lot of the functionality of the connected aeroplane. We have, for example, their cyber security solutions and we have aeroplane integrated health monitoring solutions and other technologies.

Now because the car industry is moving more to connected cars, probably in 2020 there will be like something like 80% connected. Also the auto industry is moving more to the aeroplane business model of having fleet operators and individuals owning fewer and fewer cars. This transformation of the car as a service requires different kinds of monitoring solutions for fleet operators or OEMs.

We’re protecting oil and gas refineries too – there we see 900,000 different cyber attack instances in a month.

As a company we have 130,000 employees, around 25,000 are engineers and more than half of that number is dedicated to software. We’ve been doing cyber security work as a company for 30 years. It’s not just having to understand threats within the automotive landscape. We’re protecting oil and gas refineries too – there we see 900,000 different cyber attack instances in a month. 80-90% of it can be the same or analogous to what happen in automotive.

With that level of experience does Honeywell ever look at some of the solutions that new entrants to the industry have for cyber security and connectivity and think that “these guys have underestimated the scope of the problem”?

I wouldn’t say that! But it depends on how you see cyber security solution. You have an architecture in the car for multiple levels of security. From the secure boot up when you turn the key in the car up to securing the communication. There are multiple solutions that are needed as in every complex system. 

Automotive is today very complex, one of the most complex software system in the world with hundreds of thousands of lines of code in the car and in the future we’ll have even more.  In the future the ECUs will be virtualized on a computer platform. All of this requires different kinds of approaches and different level of security. 

Yes, there are traditional security players that are coming from IT. Their focus is mainly on the communication security. Then you have very new entrants and startups and they have great ideas to secure other portions of the car.

What we are providing is an intrusion detection and prevention system in the car. Practically, we are listening to the communication between ECUs on the bus and we detect abnormal behaviours.

What do you do with the data once you detect abnormal behaviour? 

We send our data into the cloud and this data is analysed in the car. This analysis goes through to the OEM and the OEM will then take decisions depending on their security policy.

What do you see as the key issues for autonomous vehicles in terms of security?

I will not say that issues are new potential entry points that are more critical than they are today. A car has different exposure points that are critical. For example, even though we have one communication, you can send and hack the ECU controlling the brake. If you have a driver there the driver can react, but if it’s fully autonomous the car itself has to be smart enough to detect if it’s a threat or not.

How much is this going to be within the car already or how much is that going to be part of machine learning as it experiences life?

In machine learning, you have two phases. One is the learning and the other one is to execute what you learned. On the learning part, you need to train a neural network with a lot of data to train that neural network to be able to identity situations. That can be images, it can be speech, it can be multi-sense situations. You need to train this with a lot of data because the more situations you have, the better protection you can get. That phase consumes a lot of computing power, and cannot be done easily today with the current technology in the car.

Then once this neural network is trained, you receive information on the input. Your neural network identifies the situation and sends action on the other side. That requires less computing power. It’s still parallel processing because you have multiple entries, but it’s trained already. It will always be a combination between the training phase or retraining because you may have a new situation. You need to send this information to the cloud and the system will retrain the neural network and send back a new configuration of the neural network to the car.

How is it doing that? Is it doing it by the triangulation between what it knows from what’s happened before and what this probably is? Or does it treat it as a whole new set of variables?

You have the neural network that was trained. You have a new situation that you don’t recognise and you put this new situation again on the system that is preconfigured. You don’t start from scratch every time.

How does the Honeywell business model work for this? Do you do the machine learning or do you provide the software that allows the machine learning or how does that work?

We have something that’s unique here from a technology point of view. One of our biggest differentiators is our combining of domain expertise with machine learning. We put this together so we can reduce the training time and have better accuracy. Domain expertise means that we are able to build models, physical-based models of components, and from there we create the system level model.

Then we train the system level model to cope with new situations. Reducing the training time means you don’t need to drive hundreds and thousand of miles to create the pure machine learning diagnosis system. You have to build a model, but for that you need to have information about the component. We have our unique technology for doing that which we inherited from aerospace, and once you have the system, you can diagnose practically what happens.

Are you going to be delivering anything physical to the OEMs?

It’s a software service. But we have people in the process that analyse the data – there’s a mix of manual and automatic process to it. We cannot have just a universal piece of software at the automakers. 

Honeywell, across its security operations centres handles a lot of different businesses and deals with cyber security whatever the industry is. We’re located globally now in four centres, and we’re adding more. We have a physical structure in that way when the data is uploaded, but we can play a role in the analysing of the data itself to provide that report to the OEM so they can figure out a way of how they want to mitigate the risk or issue.

That is the only differentiation you have in what you deliver to the OEMs is what they do with the data and how they respond?

It’s one of the differentiators. The technology itself, this combination between model based and also machine learning. In terms of the service, the differentiator is that we provide the end-to-end solution from the software in the car through to the treatment in the cloud and service and recommendations for the OEM. And we can do it globally to meet the OEM footprint, which becomes a big deal compared to startups as they can’t provide that detail. 

What sort of size of opportunity do you see for Honeywell in connected vehicles? Where are you now and where do you want to go?

The total market opportunity could be a few billion dollars by 2020, if you combine the entire vehicle health management, predictive maintenance, cyber security, etc, and it’s a market that we’d like to lead. It’s such a new market it’s a bit early to quantify the opportunity. IHS Markit, sees a market worth US$759m in 2023 with some 65 million vehicles subscribing to cyber security services.

Do you see many competitors out there that can offer the same scope of capability that Honeywell can?

If you take our three pillars, probably not. One is the technology differentiator where we have not so many competitors in the end-to-end solution.

Then it’s our cross industry cyber security expertise. We have experts that have faced cyber security attacks for other IoT devices in aerospace and other industries. It’s something very unique. 

The third one is the fact that we have been part of the auto sector for the past 60 years, so we know the industry. We understand the process, the lifecycle. We understand the problems they have. We understand the safety critical aspects they have. 

Also, we’re a very stable business – so that can be considered a fourth pillar. 

Do you have more details on what the collaboration with Lear entails?

We’re the gateway provider. In this instance it’s our software and their hardware. Our software stays inside the gateway – the gateway is a computer that looks at what happens on the CAN bus. If the electronic component units are attacked or not, we send messages on the CAN bus about that.

It’s not just putting on a stronger front door, but it’s making sure all the windows and screens and everything are in place.

The obvious cyber attacks are if someone gets in through the front door, say through the infotainment system. Less obvious would be if someone found a different way to use the internal network to carry out some sort of hack, for example sending a command from the steering to apply the brakes. A lot of times those messages in the vehicle have been unencrypted, because they are trusted within the vehicle. It’s not just about putting on a stronger front door, but it’s making sure all the windows and screens and everything are in place. So even if you gain access to the network, you can’t do something you shouldn’t be doing.