1. Slide 1 GUARD Peter Priller, AVL List GmbH Security Verification for connected vehicles and transportation systems Consortia Status per Feb 6 th, 2014

2. GUARD Status day 2 13 countries: AT, BE, CZ, DE, DK, ES, FI, FR, IT, NL, NO, PL, SE Project GUARDARTEMIS Brokerage Event 4./5.2.2014 : http://www.artemis-ia.eu/idea/index/view?idea=252 Status 5.2.2014 NameemailAffiliationTypeCountryCommentremark Stefan MangardStefan.Mangard@iaik.tugraz.atTUG / IAIKUniATformal methods; security testing Thomas Ebner EvolarisResearchATapps for integrated onboard systems Erwin Schoitscherwin.schoitsch@ait.ac.atAITResearchATScurity verification; V2x Peter Priller peter.priller@avl.com AVLLEAT security verification of automotive systems; DoE, test methods, automation,… Stefan Van Baelenstefan.vanbaelen@iminds.beiMindsResearchBE security architecture, encryption (HW, SW), participated in nat. project (secure chip in car) with NXP; vehicle and building domain; potentially interest/partner in Rail domain Dominique Segers dominique.segers@barco.com BarcoLEBEsecurity in Avionics, Defence aread Pavel Vaclavekpavel.vaclavek@ceitec.vutbr.czBUT CEITECUniCZ V2x wireless and wired communication security, embedded systems tamper detection and protection, power train control in automotive applications; security impact on safety (eg. powertrain), IDEAS, POLLUX, E3CAR, MOTORBRAIN Jiri Havlikjiri.havlik@ima.czIMASMECZ Data recording unit for car systems; pre-accident sensor status & camera footage / follow up IDEAS, E3CAR, POLLUX project Pavel Zemcikzemcik@fit.vutbr.czBUT FITUniCZencryption aspects; traffic control systems (V2I)will talk to CZ SME CAMEA Markus Kaspermarkus.kasper@escrypt.comESCRYPTSMEDEsecurity testing in automotive environment Georg Siglsigl@tum.deAISECResearchDEsecurity testing Martin KubischMartin.Kubisch@eads.netAirbus GroupLEDE security in wireless communication (esp. in-flight); jamming detection, system integrity, reliability, dependability, intrusion detection, tamper resistance Aerospace domain (Airbus, Astrium,…) Georg Mengesgeorg.menges@nxp.comNXP GermanyLEDE secure IVN, secure access (wireless keys), C2x, end- to-end sec. Michael Ditzemichael.ditze@twt-gmbhTWT GmbhSMEDE security verification, product "model trust center"; gateways; also interested in other domains talk with railway operators (DB, SNCF) Thomas Klotzthomas.klotz@eas.iis.fraunhofer.deFraunhoferResearchDE methodologies for HW, SW formal verification, model driven SW + HW dev. methods including formal methods, Standardization (analog + mixed signals); coooperate with NXP DE/AT Dr. Marko Häckelmarko.haeckel@de.bosch.comBoschLEDE security in building domain (surveillance, …) side channel attacks; fault injection, remote timing attacks, remote penetration testing in vehicles automotive domain; and BUILDING domain Friedrich Schön friedrich.schoen@fokus.fraunhofer.de FOKUSResearchDE Security testing, V2x, model-based-testing; model bus Harald Pötter harald.poetter@izm.fraunhofer.de Fraunhofer IZMResearchDE Jörg Settelmeier joerg.settelmeier@avl.com AVL SFRLEDEsecurity in V2x; impact security -> safety Paul Pop paupo@dtu.dk DTUUniDK "open networks": how to guarantee safety and security in the context of the "connected car"; security safety links; config. tools for open safety/security protecting systems alt. contact: Domitian Tamas-Selicean, Pascal Schleuninger pass@dtu.dk; will talk to add. partners/domains Arne Skou ask@cs.aau.dk CISSResearchDKsecurity verification and testing will talk to SME's in building domain Daniel Saez Domingodsaez@iti.esITIResearchES depandability, reliability, consistency in middleware; SLA definitions; Access control and intrusion detection; mem alloc and scheduling in RT systems; computer vision (e.g. pedestrian / situaiotn recognition) Pablo P. Sanchezsanchez@teisa.unican.esUCUniES security metrics performance analysis tools / Project TOISE; network analysis & simulation will check with SME's and LE's; automotive & building domain Carles Ferrer i Ramiscarles.ferrer@uab.catUABUniES security in HW & SW and WSN / Project TruDevice; experience from POLLUX Roberto Gimenezrgimenez@eurob.esEUROBSMEES mobile platforms, devices as gateways, as security token in vehicles Jorge Villagrajvillagra@ixion.esixionSMEES embedded systems for autonomous vehicles (cars, UAV,…); interactions; safety measures estibaliz Delgado Martinez estibaliz.delgado@tecnalia.com TecnaliaResearchES certification ; safe and secure SW dev; smart analytics; use cases smart mobility, smart city; also in DEWI and SAFERDAT security in V2V, V2I Automotive & building domain Christos Verikoukis cveri@cttc.es CTTCResearchES design of protocols and building blocks implementation for mobile solutions, Smart cities and smart mobility Jacobo Dominquez Mosquera jacobo.dominquez@acorde.com AcordeSMEES Wireless comm links (also satelite comm., GNSS, ZigBee, Wifi, BT,..) Jani Mänty Järvijani.mantyjarvi@vtt.fiVTTResearchFI scuerity testing; alt. contact: Ailisto Heikki Jaakko Saarela jaakko.saarela@centria.fi CentriaResearchFI Keijo Haataja keijo.haataja@uef.fi University of Eastern Finland UniFI WS security; intrusion detection & preevention; auth. & encr. methods, intell. alg. ; machine compmuter vision, learning systems will talk to companies like F-Secure Eric Menard, Guy Convenant guy.convenant@valeo.com, eric.menard@valeo.com ValeoLEFRindustrial use cases PEBAY-PEYROULA Florian florian.pebay@cea.frCEA-LetiResearchFRfocused on SW David Servatdavid.servat@cea.frCEA-ListResearchFR security assessment and testing in automotive context, development of countermeasures, HW based security, system integrity, secure low level communication layers Caroline Bedrancaroline.bedran@nxp.comNXP FranceLEFR Girardi Antonio agirardi@micron.comMICRONLEIT simulation platforms and modeling for system performance analysis (UFS); bottom-up simu (e.g. verify mem alternative); derive impact/requ. to mem. systems; memory systems for security and low-power; Roberto Petroccia roberto.petroccia@wsense.it WsenseSMEITsecurity in wireless networks Francesco Fileppo francesco.fileppo@akhela.com akhelaSMEIT context-aware UI, bus interfaces, penetration testing for automotive apps Romano Hoofman romano.hoofman@nxp.comNXP NL, BELENL secure IVN, secure access (wireless keys), secure Car-2-x communication; provide system view of V2x Peter J. van Otterloo p.j.v.otterloo@tue.nl; k.g.w.goossens@tue.nl; eirict@tue.nl; j.j.lukkien@tue.nl TU/eUniNL 1. system integrity, reliability, dependability 2. V2V communication 3. security by virtualization (HW, SW) (Kees) 4. intrusion detection, tamper resistance Marleen Boonenmarleen@methods2business.com Methods2Busine ss SMENL methodologies for HW, SW formal verification, model driven SW + HW dev. methods including formal methods, SystemC, wireless communication IP and security for wirless connectivity; HW and SW for the MAC layer of IEEE 802.11n, partner for PHY; AES security encryption Guido Dolmans guido.dolmans@imec-nl.nl Holst Center IMEC ResearchNL Security in wireless communications for automotive connectivity see imec proposal doc Maurits De Graaf maurits.degraaf@nl.thalesgroup.com Thales NLLENL Martin Linges jdelavara@simula.no SimulaResearchNO Lukasz Kulaslukasz.kulas@wicomm.orgGUTUniPL observe, monitor wireless transmissions to check for security on radio layer vehicle and building domain Przemyslaw Sekalski ps@open-rnd.pl Open RnDSMEPL SW & HW prototyping; collaborates with Arynga; secure over-the-air updates of xCU'S, remote diagnostics CarSync http://www.arynga.com/car sync; will talk to PKP (Polish Railways) Alexey Vinelalexey.vinel@hh.se Halmstad University UniSEV2V and V2I protocol design Jakob Axelssonjakob.axelsson@sics.se Swedish Inst. of Computer Science ResearchSE securing plug-in architecture for automotvie systems "AppStore" open demo platform Michael R. V. Chaudron, Christian Berger chaudron@chalmers.se;christian.berger @gu.se Chalmers University UniSEdata flow analysis / data leakage detection Mauro Montanarimauro.montanari@thalesgroup.comThales ITLEITsecurity on wireless networks Gerd vom Bögelgerd.vom.boegel@ims.fraunhofer.deFraunhofer IMSResearchDE hardware design & verification (antenna design, SWR) Roberto Zafalonroberto.zafalon@st.com STMicroelectron ics LEIT

3. Ideas, topics define threat models security verification on IVN, wireless com, SW and HW level testing methodologies capture & replay of attacks (library) on vehicle test beds random testing (guided by captured attacks/formal protocol analysis) Grammar-Based Fuzzing test generation apply known hacking methods (buffer overflow testing…) test automation, test management, result management systems formal methods, MBT, DoE / test cases design HW and SW simulators and test facilities for security testing embedded sandboxing, firewalls, intrusion detection, tamper proofing, intrusion detection, …

4. GUARD Status day 2 Domains Automotive Aeronautics Building Railway