Presentation is loading. Please wait.

Presentation is loading. Please wait.

Status report on the activities of TF-CS/OTA

Published byEmma Fortier Modified over 5 years ago

Similar presentations

Presentation on theme: "Status report on the activities of TF-CS/OTA"— Presentation transcript:

1 Status report on the activities of TF-CS/OTA
Transmitted by the Secretary of TF-CS/OTA Status report on the activities of TF-CS/OTA 13th session WP.29 IWG ITS/AD 16 November 2017, UNECE, Geneva

2 Scope of TF-CS/OTA and delivery of results
The group decided to develop two Recommendations, one for Cyber Security and one for Software Updates Data protection Software updates Certification aspects Cyber Security Security aspects Legal aspects out of scope Threat analysis pre- registration post- registration Develop flow diagram Define mitigation principles Define approval method Table of threats Develop Recommendation on Cyber Security Safe execution Develop recommendation for safe execution Develop Recommendation on Software Updates

3 Closer look at the Recommendation on Cyber Security
Data protection Software updates Certification aspects Cyber Security Security aspects Legal aspects out of scope Threat analysis pre- registration post- registration Develop flow diagram Define mitigation principles Define approval method Table of threats Develop Recommendation on Cyber Security Safe execution Develop recommendation for safe execution Develop Recommendation on Software Updates

4 Status on the Recommenadtion for Cyber Security
Status of work: Document structure developed Drafting has started: Initial draft available with full set of text Not yet fully reviewed, more time needed Need to agree wording and detailed content based on further discussions. Potential approach: Recommendation may be taken forward as part of the Consolidated Resolution (R.E. 3) or its own standalone Resolution

5 Structure of the Recommendation on Cyber Security
The group works on the basis of the following structure: 1. Introduction 1.1. Preamble 1.2. Scope 1.3. Approach 2. Definitions (and abbreviations) 3. Reference Model 4. Cyber security principles 5. Threat Assessment 6. Mitigations 7. How to evidence consideration of the threats, mitigations and principles identified 8. Conclusion and Recommendation for further proceedings Annex 1 List of threats and corresponding principles and mitigations Annex 2 List of Security Controls related to mitigations incl. examples Annex 3 List of reference documents

6 The image below reflects the current status for the reference model:
Reference model for Cyber Security The image below reflects the current status for the reference model: DRAFT

7 Table of threats generated during Threat Assessment
The extensive excel file with the mitigation table („table of threats“) will be used in Annex 1 of the Recommendation on Cyber Security

8 Closer look at the Recommendation on Software Updates
Data protection Software updates Certification aspects Cyber Security Security aspects Legal aspects out of scope Threat analysis pre- registration post- registration Develop flow diagram Define mitigation principles Define approval method Table of threats Develop Recommendation on Cyber Security Safe execution Develop recommendation for safe execution Develop Recommendation on Software Updates

9 Status on the Recommenadtion for Software Updates
Status of work: Document structure developed Drafting has started: some chapters still without content Existing text not yet fully reviewed, more time needed Need to develop content for blank sections Need to agree wording and detailed content based on further discussions. Potential approach: Measures to identify updating or updated software should be introduced in existing Regulations (main body / annexes)

10 Structure of the Recommendation on Software updates
The group works on the basis of the following structure: 1. Introduction 1.1. Preamble 1.2. Scope 2. Definitions 3. Process on software updates 3.1. Overview 3.2. Software update approval process 3.3. Prerequisites 3.4. Type approval process responsibilities 4. Additional requirements for software updates 4.1. Requirements for safely and securely conducting an update 4.2. Safety requirement for all updates 4.3. Additional safety requirement for OTA updates 4.4. Security requirement for all updates 4.5. Requirements for evidencing that the update is safe and secure

11 Some further amendments to be expected!
Structure of the Recommendation on Software updates 5. Identification of the installed software 5.1. Use of the Software Identification Number, RxSWIN Conclusion and Recommendation for further proceedings Annex 1 an annex for how the vehicle shall ensure the safety of the update process (to be attached to appropriate regulations) Annex 2 an annex for where specific regulation require a part on software updates and help implementation (to be attached to appropriate regulation(s)) Some further amendments to be expected!

12 Open issues and challenges
Issues/challenges encountered during the work: Non-harmonized registration process: especially an issue for post-registration software updates Database to cover RxSWIN concept: Potential extension of DETA may be suitable to support configuration control of software Concepts that organizational issues and S/W development should become part of type approval/certification Aftermarket issues Lifecycle of the vehicle vs. Type approval Software update process and recommendation to work in type approval and self certicifaction environment It might not be possible to deliver exhaustive contents on all subjects within the timing of the original mandate.

13 Extension of the mandate of TF-CS/OTA
Since the group was established on 21 December 2017, it had: 9 physical meetings in Europe, Asia and North America 6 web meetings on special topics In order to deliver two recommendations until March 2018 following additional meetings are scheduled so far: 2 physical meetings in London and Washington (tbc) 3 web meetings to further develop the recommendations In order to deliver the recommendations to ITS/AD and to take any feedback from its parental group, TF-CS/OTA is formally asking to to extend the mandate until June 2018.

14 End of original mandate End of extended mandate
Workplan and timimg End of original mandate End of extended mandate TFCS-09 Paris 09-10 Nov. 2017 ITS/AD Geneva 16 Nov. 2017 Ad hoc CS Recom. (Web) Dec date pending Ad hoc S/W Update Recom. #1 (Web) 07 Dec. 2017 Ad hoc S/W Upd. Recom.# 2 (Web) 15 Dec. 2017 TFCS-10 London 16-18 Jan. 2018 TFCS-11 Washington 20-22 Feb (tbc) ITS/AD Geneva March 2018 Dec Jun CS/M table Drafting of Cyber Security recommendation Final layout editing Draft structure Drafting of S/W update recommendation Preparation of presentation Status report Presentation of recommendation papers Adopt CS/M table; Agree format for recommendations Finalize and adopt recommendation papers

Download ppt "Status report on the activities of TF-CS/OTA"

Similar presentations

REPORT TO GRPE 70 TH SESSION EVE IWG 1 Electric Vehicles and the Environment (EVE IWG) Informal document GRPE-70-23 70 th GRPE, 15-16 January 2015 Agenda.

REPORT TO GRPE 70 TH SESSION EVE IWG 1 Electric Vehicles and the Environment (EVE IWG) Informal document GRPE th GRPE, January 2015 Agenda.
1 GRPE Informal Working Group on Heavy Duty Hybrids UNITED NATIONS Report to GRPE 66 Geneva, 06 June 2013 Informal document No. GRPE-66-23 (66th GRPE,

1 GRPE Informal Working Group on Heavy Duty Hybrids UNITED NATIONS Report to GRPE 66 Geneva, 06 June 2013 Informal document No. GRPE (66th GRPE,
1 IFAD consideration of a Code of Conduct for Executive Board Representatives Historical Background Presentation to an Informal Seminar of the Executive.

1 IFAD consideration of a Code of Conduct for Executive Board Representatives Historical Background Presentation to an Informal Seminar of the Executive.
Report to GRSG from ambassador to IWVTA Olivier Fontaine / Ignacio Lafuente Informal document GRSG-109-25 (109th GRSG, 29 Sept.-2 October 2015, agenda.

Report to GRSG from ambassador to IWVTA Olivier Fontaine / Ignacio Lafuente Informal document GRSG (109th GRSG, 29 Sept.-2 October 2015, agenda.
Status report on the activities of TF-CS/OTA

Status report on the activities of TF-CS/OTA
Outcome TFCS-05 // May OICA, Paris

Outcome TFCS-05 // May OICA, Paris
Status report on the activities of TF-CS/OTA

Status report on the activities of TF-CS/OTA
30-31, August 2017 Den Hague, Netherlands)

30-31, August 2017 Den Hague, Netherlands)
Main problems of NL proposal for UN Software Regulation

Main problems of NL proposal for UN Software Regulation
Case studies on software update

Case studies on software update
OICA input on software updates to UN TF CS/OTA

OICA input on software updates to UN TF CS/OTA
Chair: Jin Seop Park, Republic of Korea Secretary: Thomas Kinsky, OICA

Chair: Jin Seop Park, Republic of Korea Secretary: Thomas Kinsky, OICA
Simplification of Lighting and Light-Signalling Regulations

Simplification of Lighting and Light-Signalling Regulations
Outcome TFCS-04 // March ITU, Geneva

Outcome TFCS-04 // March ITU, Geneva
Suggestion on software update

Suggestion on software update
Outcome TFCS-07 // August NH Den Haag, NL

Outcome TFCS-07 // August NH Den Haag, NL
Outcome TFCS-11// February Washington DC

Outcome TFCS-11// February Washington DC
WMO IT Security Incident Process

WMO IT Security Incident Process
Outcome TFCS-11// February Washington DC

Outcome TFCS-11// February Washington DC
Proposal for Next Actions - Based on Threats Table Approach -

Proposal for Next Actions - Based on Threats Table Approach -

Similar presentations

Ads by Google