Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAE Cybersecurity Standards Activity

Published byGervase Adams Modified over 6 years ago

Similar presentations

Presentation on theme: "SAE Cybersecurity Standards Activity"— Presentation transcript:

1 SAE Cybersecurity Standards Activity
ETI ToolTech 2017 New Orleans, LA April 27, 2017

2 Car Hacking in the News…
ToolTech 2017

3 But The Good News… ToolTech 2017

4 The Automobile is an Incredibly Complex Environment
ToolTech 2017

5 SAE Publishes the World’s First Automotive Cybersecurity Standard
J3061 Cybersecurity Guidebook for Cyber-Physical Automotive Systems Published January 2016; drive to a risk-based, process-driven approach to address the Cybersecurity threats the automotive environment is experiencing. Provides guidance on how to integrate cybersecurity into their product development life- cycle Establishes the desired relationships between cybersecurity and safety J3061 provides a foundation for further security standards development and is the “go-to” resource throughout industry ToolTech 2017

6 SAE Vehicle Cybersecurity Portfolio WIPs
J Automotive Cybersecurity Integrity Levels Develops an objective cybersecurity classification scheme J Security Testing Methods Provides a detailed breakdown of currently available software and hardware security testing methods. J Security Testing Tools This document serves as an agnostic list of manufacturers of security related tools and their capabilities. J3101 Requirements for Hardware-Protected Security for Ground Vehicle Applications Defines a common set of requirements for security to be implemented in hardware for ground vehicles to facilitate security enhanced applications and hardware protection for ground vehicle applications ToolTech 2017 6

7 SAE-ISO Automotive Cybersecurity Engineering Joint Work Group
SAE-ISO Automotive Cybersecurity Engineering JWG Committee Co-Convenors: Lisa Boran, Ford, SAE Gido-Scharfenberger-Fabian, Carmeq, ISO Risk Management Project Team Product Development Project Team Operations Maintenance and Other Processes Project Team Process Overview and Inter-dependencies Project Team JWG Participation from: 11 ISO Nations 11 SAE experts Over 100 Project Team Participants from : 10 OEMs 11 major suppliers Dozens of consultants, security firms, and other suppliers ToolTech 2017

8 SAE Cybersecurity Activities
J3061 is becoming a “go-to” resource for many SAE Committees in different discipline areas, e.g. On-Road Automated Driving Committee Vehicle Electrical and Electronics Diagnostics Committee Truck and Bus Controls and Communications Network Committee New Data Link Connector Vehicle Security Committee ToolTech 2017 8

9 Acute Focus on OBDII Security
scenario hacker attack hacker attack over the mobile communication to the OBD dongle hacker starts critical functions over the UDS protocol September 12: Letter from House Committee on Energy and Commerce to NHTSA RE: OBD-II Security “…request that NHTA convene an industry-wide effort to develop a plan of action for addressing the risk posed by the existence of the OBD-II port in the modern vehicle ecosystem.” Courtesy of Bob Gruszczynski, Volkswagen: SAE September OBD Symposium September 2016 ToolTech 2017

10 SAE Convenes Industry to Address OBD-II Security
SAE hosted invitation-only industry workshops December 1, 2016 and January 30, 2017. Goals: Identify common issues, needs, and approach to secure the OBD Gain buy-in to development of an accelerated standards approach Launch a new Standard Very well-attended by industry Leads: Mark Zachos, DGTech and Bob Gruszczynski, VW OEMS, Light Vehicle Suppliers, Heavy Manufacturers and Suppliers, and Auto-ISAC Associations: MEMA, ETI, AutoCare Association Government/Regulators: CARB, NHTSA, NIST ToolTech 2017

11 New Data Link Connector Vehicle Security Committee
New Standard Work Item: J3138- Guidance for Securing the Data Link Connector (DLC) Goal: This document provides guidelines for securing communications with any off-board device for vehicles. Scope: The Data Link Connector supports communication of diagnostic information to off-board devices as well as legislated diagnostic information. This standard is focused on the securing the DLC in Vehicle network environments including: Open access to communication busses Communication busses isolated via a gateway  Any “hybrid” approaches ToolTech 2017

12 Data Link Connector Vehicle Security Committee: New Work Item
Vehicle Interface Security Information Report Rationale: Other standards projects, mostly in ISO TC22 and TC204, aimed at securing the totality of interface to the vehicle (h/w and s/w interfaces). We want to learn from other activities and integrate as we can into future SAE Standards (and potentially joint standards with ISO). Proposed Scope: Provide an overview of some current practices which could be utilized for securing the vehicle’s interfaces from cybersecurity risks Samples: ISO Extended vehicle methodology (ExVe) ISO Vehicle Station Gateway (VSG) ISO Secure Vehicle Interface (SVI) ToolTech 2017

13 Other Cybersecurity Collaborations
Working with NIST to examine Assurance testing for cybersecurity using NIST Cyber-Physical System Framework and Federated Test Bed Software testing suite Early collaboration with UN Economic Commission for Europe (UNECE) Working Party 29 Task Force on Automotive Cybersecurity and Over-The- Air Updates ToolTech 2017

14 Tim Weisenberger Contact: Tim.Weisenberger@sae.org Ph: 248.840.2106
ToolTech 2017

Download ppt "SAE Cybersecurity Standards Activity"

Similar presentations

The International Security Standard

The International Security Standard
AASHTO Subcommittee on Maintenance Vehicle Communication Standards, Issues, & Potential Solutions July 19, 2011.

AASHTO Subcommittee on Maintenance Vehicle Communication Standards, Issues, & Potential Solutions July 19, 2011.
IHRA-ITS UN-ECE WP.29 ITS Informal Group Geneva, March, 2013 Overview of International Activities to Limit Distraction Document No. ITS-21-06 (21st ITS,

IHRA-ITS UN-ECE WP.29 ITS Informal Group Geneva, March, 2013 Overview of International Activities to Limit Distraction Document No. ITS (21st ITS,
Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce

Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ETSI Standardization Activities on M2M communications Joachim Koss, ETSI Board Member Document No:

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ETSI Standardization Activities on M2M communications Joachim Koss, ETSI Board Member Document No:
Standards for Shared ICT Jeju, 13 – 16 May 2013 Gale Lightfoot Senior Staff Program Manager, Office of the CTO, SPB Cisco ATIS Cybersecurity Standards.

Standards for Shared ICT Jeju, 13 – 16 May 2013 Gale Lightfoot Senior Staff Program Manager, Office of the CTO, SPB Cisco ATIS Cybersecurity Standards.
NHTSA Cyber Security Best Practices Study Tim Weisenberger December 7, 2011.

NHTSA Cyber Security Best Practices Study Tim Weisenberger December 7, 2011.
BITS Proprietary and Confidential © BITS 2003. Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
Jeju, 13 – 16 May 2013Standards for Shared ICT CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION Eric Barnhart, Fellow.

Jeju, 13 – 16 May 2013Standards for Shared ICT CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION Eric Barnhart, Fellow.
Developing PC-Based Automobile Diagnostic System Based on OBD System Authors : Hu Jie, Yan Fuwu, Tian Jing, Wang Pan, Cao Kai School of Automotive Engineer.

Developing PC-Based Automobile Diagnostic System Based on OBD System Authors : Hu Jie, Yan Fuwu, Tian Jing, Wang Pan, Cao Kai School of Automotive Engineer.
1 Configuration Management “The Cookbook Approach”

1 Configuration Management “The Cookbook Approach”
Status Report for Critical Infrastructure Protection Advisory Group

Status Report for Critical Infrastructure Protection Advisory Group
Machine Health and Condition Based Maintenance Mark N. Pope, General Motors.

Machine Health and Condition Based Maintenance Mark N. Pope, General Motors.
Jeju, 13 – 16 May 2013Standards for Shared ICT TIA TR-50 M2M-Smart Device Communications Dr. Jeffery Smith Chief Innovation and Technology Officer/EVP.

Jeju, 13 – 16 May 2013Standards for Shared ICT TIA TR-50 M2M-Smart Device Communications Dr. Jeffery Smith Chief Innovation and Technology Officer/EVP.
1 Automotive industry Reducing Noise Emissions from Motor Vehicles: New EU Commission legislative proposal World Forum on Vehicle Regulations (WP.29) 156.

1 Automotive industry Reducing Noise Emissions from Motor Vehicles: New EU Commission legislative proposal World Forum on Vehicle Regulations (WP.29) 156.
January 2016 Lisa Boran Ford Motor Company SAE J3061 Committee Chair

January 2016 Lisa Boran Ford Motor Company SAE J3061 Committee Chair
SAE and Technical Policy Analysis Shuvo Bhattacharjee ETAS Inc. – Diagnostic Systems

SAE and Technical Policy Analysis Shuvo Bhattacharjee ETAS Inc. – Diagnostic Systems
I/M Solutions Conference

I/M Solutions Conference
I/M Solutions 2011 Training Forum for Jurisdictions May 17, 2011 SAE J1699-2 Recommended Practice Overview Bob Gruszczynski, OBD Specialist Volkswagen.

I/M Solutions 2011 Training Forum for Jurisdictions May 17, 2011 SAE J Recommended Practice Overview Bob Gruszczynski, OBD Specialist Volkswagen.
Standards Certification Education & Training Publishing Conferences & Exhibits 1 Copyright © ISA, All Rights reserved ISA99 - Industrial Automation and.

Standards Certification Education & Training Publishing Conferences & Exhibits 1 Copyright © ISA, All Rights reserved ISA99 - Industrial Automation and.

Similar presentations

Ads by Google