Japan’s in-car security startup Trillium secures series A funding from Global Brain

L to R: Hidetaka Aoki (venture partner, Global Brain), Naoki Kamimaeda (venture partner, Global Brain), Yasuhiko Yurimoto (CEO, Global Brain), David Michael Uze (CEO, Trillium), Nobuhiko Koyama (managing director, Trillium), Aaron Benedek (chief architect, Trillium)

See the original story in Japanese.

Nagoya-based Trillium, the Japanese startup providing security solutions for connected cars and autonomous motives, announced today that it has fundraised in a series A round led by Japanese investment firm Global Brain. Financial details of the deals have not been disclosed but the size of the funding this time is supposed to be multi-million dollars. Since this round is not closed, the company is exploring additional funding from other VC firms or businesses.

The company was launched in September 2014 by David Michael Uze who previously served as Japan country manager of leading semiconductor companies, for both AMD and Freescale Semiconductor (acquired by NXP Semiconductors in 2015). Its board of directors include notable names like Nobuhiko Koyama, the head of the company behind the APR Racing Team participating in the Super GT 300 championship, as well as Sachio Senmoto who has founded well-known Japanese companies DDI (now a part of Japanese leading telco KDDI) and eAccess (now known as Y! Mobile, the mobile carrier unit under Yahoo Japan).

Last year, two American hackers conducted test hacking attacks to a Uconnect-installed Jeep Cherokee driven by a reporter of Wired Magazine, which stunned IoT and connected car addicts around the world by revealing the vulnerability of in-car control systems.

See also:

Thanks to the spread of IoT-optimized SIM cards such as Soracom, connected cars can become more convenient but also more vulnerable against attacks from hackers regardless of how far the targets are located from them. Security countermeasures against these attacks can be categorized into three layers: V2I (vehicle to infrastructure), smart firewall and IVN (in-vehicle networks). Trillium is focused on offering security solutions on the IVN layer.


According to Trillium CEO Uze, since IVN has followed an old standard based on a 16-bit core technology developed more than 20 years ago, it’s quite difficult to implement security solutions on an unresourceful chipset environment.

About 50 to 130 ECUs (electronic control units) are installed on an automobile. It’s possible to add a security chip to each of them but it would be costly and wouldn’t support OTA (over-the-air) software updates on an ECU scale. By writing codes in sizes of less than 10 kilobytes to chipsets in an ECU, we made software-based security implementation fully possible.

Similar to the SSL (secure sockets layer) technology for website integration, Trillium has succeeded in implementing a completely software-based security solution (SecureCAN) for an in-vehicle control area network connecting ECUs, which supports end-to-end encryption, authentication and key management. The company has also secured interoperability by offering appropriate security programs for different chipsets by various ECU developers.

One of the company’s value propositions is that they can offer not only security software for CAN but also one-stop solutions including multiple security countermeasures and program update technology for LIN (local interconnect network), which controls actuators of various in-car devices, as well as for OTA, FlexRay and Ethernet. It would be possible to develop an integration set of solutions by partnering with other companies, but the company has persisted in creating a series of solutions from scratch using their own technologies because they want to avoid a possible extinction of rights to use third party’s solutions in the automotive tech industry where mergers and acquisitions occur frequently.


The automotive security market is valued at $3 billion but is expected to grow up to $20 billion by 2020 when connected cars will account for 75% of all vehicles shipped annually. According to Business Insider, there will be more than 220 million connected cars traveling on roads around the world as of that year. These predictions are probably enough for us to find out why we have recently seen a flurry of M&A and funding announcements in the automotive security industry, such as Cruise Automation acquired by GM for $1 billion, as well as Harman’s continuous acquisitions of RedBend Software ($170 million), St Symphony Teleca ($780 million) and TowerSec ($70 to 75 million).

Using the funds raised this time, Trillium will strengthen engineering efforts to complete solutions undergoing development like SecureLIN, SecureMOST and SecureFLEX, in addition to enhancing already-available solutions like SecureCAN and SecureETHER. The company claims that they want to start offering subscription-based security services including OTA program update function to connected-car users through car insurance companies, wireless data carriers, security providers and others by 2019.

Edited by “Tex” Pomeroy