Presentation is loading. Please wait.

Presentation is loading. Please wait.

A proposal for approach to proceed work in Cybersecurity TF

Published byPéter Gáspár Modified over 4 years ago

Similar presentations

Presentation on theme: "A proposal for approach to proceed work in Cybersecurity TF"— Presentation transcript:

1 A proposal for approach to proceed work in Cybersecurity TF
Japan (Security TF of ITS/AD 21. Dec. 2016)

2 Background 1.Recent vehicles install electric actuators for the mechanism to control steering, breaking… Such electric actuators are commanded by ECUs. This means that there is a potential to control these mechanism by the results of ECUs’ processing without drivers intentions. This is a common concern for vehicles include conventional and automated drive vehicles. 2.Information and entertainment services which are provided by on board systems require a variety of connections between the vehicles and off-vehicle/on- vehicles devices. On the other hand, such connections could increase the threat of attacks.

3 Background 3. Personal data, such as ID, destination, should be protected carefully. Clarifying necessary measures in WP.29 are required. The “Guidelines on measures ensuring cybersecurity and data protection of connected vehicles and vehicles with Automated Drive Technology” was developed as the first step.

4 Proposed work items Construction of revised version of the “Cybersecurity guideline” This item includes additional possible items such as, OTA, software integrity etc… b. Construction of proposal for the next step The next step includes a proposal of guidance to suggest necessary measures on security for relevant IWGs in WP.29, to ITS/AD.

5 Work item a. Revision of “Cybersecurity guideline”

6 a. Revision of “Cybersecurity guideline”
Step 1 Review of the “Cybersecurity guideline” by ITS/AD Finding technical missing points and making issues clear Step 2 Develop countermeasures to the issues Step 3 Drafting the amendment of the “Cybersecurity guideline” (~mid of 2018?)

7 a. Revision of “Cybersecurity guideline”
The work area of the TF is in vehicle systems excepting external communication, etc. In Vehicle Safety Privacy 7

8 Reviewing the context of the “Cybersecurity guideline”
Major points in the preamble part The guideline is intended to present requirements to automotive manufacturers, component/system suppliers and service providers This guideline is intended as interim guidance until the completion of on-going research and collaboration activities and the development of more detailed globally harmonized requirements on cybersecurity and data protection. The manufacturer, supplier and service providers shall respect the principles of data protection by design and data protection by default For cybersecurity and data protection required steps shall be checked, e.g. system checks by external organizations.

9 Reviewing the context of the “Cybersecurity guideline”
The connection and communication of connected vehicles and vehicles with ADT shall not influence on internal devices and systems generating internal information necessary for the control of the vehicle with appropriate measures. shall be designed to avoid fraudulent manipulation to the software of connected vehicles and vehicles with ADT as well as fraudulent access of the board information caused by cyber-attacks through; - wireless connection / - wired connection via the diagnosis port, etc. shall be equipped with measures to ensure a safe mode in case of system malfunction, e.g. by redundancy in the system.

10 Reviewing the context of the “Cybersecurity guideline”
When connected vehicles and vehicles with ADT detect fraudulent manipulation by a cyber-attack, the system shall warn the driver and control the vehicle safely according to the above requirements.

11 Reviewing the context of the “Cybersecurity guideline”
Connected vehicles and vehicles with ADT shall be equipped with integrity protection measures assuring e.g. secure software updates appropriate measures to manage used cryptographic keys The integrity of internal communications between controllers within connected vehicles and vehicles with ADT should be protected e.g. by authentication. ID DATA MAC ECU A ECU B

12 Reviewing the context of the “Cybersecurity guideline”
Online Services for remote access into connected vehicles and vehicles with ADT should have a strong mutual authentication and assure secure communication (confidential and integrity protected) between the involved entities. ID DATA MAC

13 Finding technical missing points and making issues clear
Reviewing the context of the “Cybersecurity guideline” Finding technical missing points and making issues clear For example… “authentication” means ? MAC? or … security anchor should be defined? “redundancy” should be clarified? Referring existing relevant standards

14 Work item b. Construction of proposal for the next step

15 Discussion for the next step on cyber security for example…
b. Construction of proposal for the next step Discussion for the next step on cyber security for example… scenarios of implementation of security measures on vehicles ….

Download ppt "A proposal for approach to proceed work in Cybersecurity TF"

Similar presentations

IHRA-ITS UN-ECE WP.29 ITS Informal Group Geneva, March, 2013 Overview of International Activities to Limit Distraction Document No. ITS-21-06 (21st ITS,

IHRA-ITS UN-ECE WP.29 ITS Informal Group Geneva, March, 2013 Overview of International Activities to Limit Distraction Document No. ITS (21st ITS,
The necessity of New Regulations for New Technologies regarding R79 Japan September / 2012 Informal document GRRF-73-16 (73rd GRRF, 18-20 September 2012,

The necessity of New Regulations for New Technologies regarding R79 Japan September / 2012 Informal document GRRF (73rd GRRF, September 2012,
Informal document GRPE-70-14

Informal document GRPE-70-14
Proposal of Automated Driving from Ad- hoc group on LKAS/RCP Submitted by the Chair of the Special Interest Group on Lane Keeping Assist Systems (LKAS)

Proposal of Automated Driving from Ad- hoc group on LKAS/RCP Submitted by the Chair of the Special Interest Group on Lane Keeping Assist Systems (LKAS)
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Outline of Definition of Automated Driving Technology Document No. ITS/AD-05-04 (5th ITS/AD, 24 June 2015, agenda item 3-2) Submitted by Japan.

Outline of Definition of Automated Driving Technology Document No. ITS/AD (5th ITS/AD, 24 June 2015, agenda item 3-2) Submitted by Japan.
1 Warning requirement for the management system of the REESS 13-15 May, 2014 U.S. DOT Head Quarter 1200 New Jersey Avenue, SE Washington, DG 20590 JASIC.

1 Warning requirement for the management system of the REESS May, 2014 U.S. DOT Head Quarter 1200 New Jersey Avenue, SE Washington, DG JASIC.
Software Security WP29 / ITS 11-11-2015 Document No. ITS/AD-07-03-Rev1 (7th ITS/AD, 11 November 2015, agenda item 3-2)

Software Security WP29 / ITS Document No. ITS/AD Rev1 (7th ITS/AD, 11 November 2015, agenda item 3-2)
Software Security WP29 IWG ITS/AD 3-11-2015 Document No. ITS/AD-06-09 (6th ITS/AD, 3 November 2015, agenda item 3-3)

Software Security WP29 IWG ITS/AD Document No. ITS/AD (6th ITS/AD, 3 November 2015, agenda item 3-3)
T.Russell Shields, Co-Chair, Collaboration on ITS Communication Standards Martin Adolph, Programme Coordinator, ITU ITU activities on secure vehicle software.

T.Russell Shields, Co-Chair, Collaboration on ITS Communication Standards Martin Adolph, Programme Coordinator, ITU ITU activities on secure vehicle software.
Common Understanding on Major Horizontal Issues and Legal Obstacles Excerpts from the relevant sections of the ToR: II. Working items to be covered (details.

Common Understanding on Major Horizontal Issues and Legal Obstacles Excerpts from the relevant sections of the ToR: II. Working items to be covered (details.
FIA MOBILITY & TOURISM Gerd Preuss, FIA Representative at UNECE, WP 29 Protection Against Mileage Fraud Current Status in ITS-AD 110 th GRSG Meeting Geneva,

FIA MOBILITY & TOURISM Gerd Preuss, FIA Representative at UNECE, WP 29 Protection Against Mileage Fraud Current Status in ITS-AD 110 th GRSG Meeting Geneva,
Introduction to Information Security Module 1. Objectives Definitions of information technology and information security Fundamental Security Concepts.

Introduction to Information Security Module 1. Objectives Definitions of information technology and information security Fundamental Security Concepts.
TF#4 – Mechanical Integrity Approved Japanese proposal for addition of vehicle mechanical protection structure into mechanical integrity requirement. EVS-11-17e.

TF#4 – Mechanical Integrity Approved Japanese proposal for addition of vehicle mechanical protection structure into mechanical integrity requirement. EVS-11-17e.
Status report on the activities of TF-CS/OTA

Status report on the activities of TF-CS/OTA
Principles Identified - UK DfT -

Principles Identified - UK DfT -
SAE Cybersecurity Standards Activity

SAE Cybersecurity Standards Activity
Connected Vehicles in the Internet of Things Presenter

Connected Vehicles in the Internet of Things Presenter
Submitted by FIA Document No. ITS/AD-10-06

Submitted by FIA Document No. ITS/AD-10-06
Informal document GRRF-84-32

Informal document GRRF-84-32

Similar presentations

Ads by Google