405 Incidents in 90 Days. Automakers Are Paying Attention.

Trustonic and VicOne combine AI detection, TEE isolation, and autonomous response to protect ECUs before threats escalate

3 Jun 2026

Trustonic and VicOne have extended their partnership to deliver an ECU-level defense solution for software-defined vehicles, targeting North American and global programs. The announcement, made on 19 March, responds to a detection-to-damage window that legacy security architectures can no longer close fast enough.

At the centre of the architecture is a three-way integration. VicOne's xCarbon intrusion detection system, upgraded with edge AI, correlates threat signals across multiple ECUs in real time. Kinibi, Trustonic's hardware-isolated Trusted Execution Environment, processes sensitive operations inside a protected compute zone, holding EAL5+ certification and deployed across more than 2 billion smart devices and 20 million vehicles. An autonomous response layer then classifies and contains threats without routing alerts to a remote operations centre. Containment begins at the ECU layer, before a threat can reach braking or powertrain functions.

The timing reflects a measurable shift in risk. VicOne recorded 405 automotive cybersecurity incidents in the first quarter of 2026, with electric vehicle charging incidents more than tripling over the period. At Pwn2Own Automotive 2026 in January, researchers disclosed 76 zero-day vulnerabilities across connected vehicle systems, with memory-level exploits appearing repeatedly across products from multiple manufacturers.

No single regulatory framework yet mandates ECU-level threat containment as a baseline requirement for software-defined vehicle programs. Whether industry bodies or national regulators move to formalise such standards, and on what timeline, will determine how broadly solutions of this kind are adopted beyond early-mover programs.