Status report on the activities of TF-CS/OTA

Slides:



Advertisements
Similar presentations
Status report on the activities of TF-CS/OTA
Advertisements

Principles Identified - UK DfT -
SAE Cybersecurity Standards Activity
Submitted by FIA Document No. ITS/AD-10-06
Suggestion for Summarizing Process of the Principles
Reference Model The model shall be: - the vehicle including:
Security of In-Vehicle Software
Outcome TFCS-05 // May OICA, Paris
30-31, August 2017 Den Hague, Netherlands)
Main problems of NL proposal for UN Software Regulation
Case studies on software update
OICA input on software updates to UN TF CS/OTA
Chair: Jin Seop Park, Republic of Korea Secretary: Thomas Kinsky, OICA
Concept of ACSF TAN (Type Approval Number)
Outcome TFCS-04 // March ITU, Geneva
Suggestion on software update
Outcome TFCS-07 // August NH Den Haag, NL
Outcome TFCS-11// February Washington DC
Status report on the activities of TF-CS/OTA
Electric Vehicles and the Environment (EVE IWG)
DG Environment, Unit D.2 Marine Environment and Water Industry
Outcome TFCS-11// February Washington DC
Proposal for Next Actions - Based on Threats Table Approach -
Final Report of TF-CS/OTA September The Amba Hotel, London
Outcome of TFCS-12 - summary slides - (detailed meeting minutes will be provided separately) April The Shilla Seoul, ROK.
Transmitted by the IWVTA Informal Group
Summary of software update progress
Japan’s proposal for security regulation
Working Party on General Safety Provisions (GRSG) General information
Simplification of the UN Lighting and Light-signalling Regulations
Proposals from the Informal Working Group on AEBS
VIAQ (Vehicle Interior Air Quality) Informal Working Group
Working Party on Automated/Autonomous and Connected Vehicles (GRVA)
Status report on the activities of TF-CS/OTA
VIAQ (Vehicle Interior Air Quality) Informal Working Group
Chair: Jin Seop Park, Republic of Korea Secretary: Thomas Kinsky, OICA
Outcome TFCS-06 // June TIA, Arlington/VA (USA)
Informal document GRVA nd GRVA, 28 Jan Feb. 2019
Original slide of TFCS-ahSU2-02-Rev1
Status report from UNECE Task Force on Cyber Security &
Transmitted by Co-Chairs of VMAD
New Assessment & Test Methods
Informal document GRVA st GRVA, September 2018
Proposals from the Informal Working Group on AEBS
Replies by the Task Force to the comments provided by GRVA members
Task Force – Cyber Security, Data Protection and Over-the-Air issues
Status report of TF-CS/OTA
Informal document GRE-79-15
Safety concept for automated driving systems
Why a „test phase“? Overview
International Telecommunication Union CITS meeting 8 March 2019 Geneva Status report of the GRVA activities Context, current activities and impact François.
Progress report of GRSG informal group
Informal document GRSG Rev.1
Software Update - Type approval related issues -
Overview of the recommendations on cyber security
Overview of the recommendations on software updates
Highlights of the 177th WP.29 session and
Informal document GRSG
Working Party on General Safety Provisions (GRSG) General information
Issues identified in connection with the work of TF-CS/OTA
Status report on the activities of TF-CS/OTA
Inputs Regard to “Test Phase” to TFCS
A proposal for approach to proceed work in Cybersecurity TF
ACSF B2 and C2 Industry expectations from ACSF IG Tokyo meeting
Summary on initial findings
Access to data requirementS
Transmitted by the experts of IWG ASEP
1) Application of Cybersecurity Regulation for new registrations
FIA position on Lifecycle of a vehicle type* vs. Lifetime of a vehicle
EDR/DSSAD IWG Status Report
Presentation transcript:

Status report on the activities of TF-CS/OTA Transmitted by the Secretary of TF-CS/OTA Status report on the activities of TF-CS/OTA UNECE - Joint meeting of WP.1 and WP.29/GRRF 20 September 2017,UN Palais des Nations, Geneva

Status report on the activities of TF-CS/OTA Overview on Task Force – Cyber Security and Software updates (incl. over-the-air issues) Start of activity: 21 December 2016 Co-Chair: Mr. Darren Handley (UK/DfT) Mr. Tetsuya Niikuni (Japan/NTSEL) Secretary: Mr. Jens Schenkenberger(OICA/Hyundai) Participants: Contracting Parties (AU, BE, CN, EC, EG*, FR, DE, JP, KR, NL, NO, RU*, ES, SE, CH, UK, US), NGO (ITU, FIA, CITA, IRU, ISO, SAE, OICA, CLEPA) Participation: Type approval and cyber security experts approx. 30 people per meeting Mandate: until Dec. 2017 * No active participation yet

Status report on the activities of TF-CS/OTA Scope of TF-CS/OTA Data protection Cyber Security Software updates Legal aspects Security aspects Security aspects Type approval aspects Safety aspects pre- registration post- registration out of scope Threat analysis Table of threats Develop recommendation for safe execution Develop flow diagram Define mitigation principles Define approval method Develop guidance/recommendation for ITS/AD

Status report on the activities of TF-CS/OTA Cyber security: The reference model shall be: - the vehicle including: its hardware its software data held on the vehicle its internal communications its interfaces with external communication systems/ functions (e.g. V2X and emergency comms) and devices (e.g. USB, CD etc) vehicle functions/systems that use wireless communications (e.g. TPMS, keyless entry) - support servers which directly communicate with the vehicle - diagnostic / maintenance systems Furthermore, it shall incorporate the information flow and the vehicle lifecycle. German “Reference Architecture Model Automotive”

Status report on the activities of TF-CS/OTA Cyber security (continued): The group has identified key risks and threats, resulting in a table of threats. It includes threats associated with cyber security, data protection and software updates (incl. over-the-air issues) The group agreed to consider “pre attack” (prevention), “during attack” (detection) and “post attack” (response) Reference documents identified for mitigations are : ENISA report „Cyber Security and Resilience of Smart Cars” TFCS-03-09 UK DfT Cyber Security principles TFCS-03-07 NHTSA Cyber Security Guideline TFCS-03-08 IPA “Approaches for Vehicle Information Security” (Japan) TFCS-04-05 UNECE Cyber security guideline (ITS/AD) WP.29/2017/46 SAE J 3061 ISO 19790 ISO 26262 US Auto ISAC (report by Booz Allen Hamilton) https://www.automotiveisac.com/best-practices

Status report on the activities of TF-CS/OTA Cyber security (continued): Mitigations for the threats identified had been developed, based on an extended CIA approach (CIA = Confidentiality, Integrity, Availability) leading to 18 mitigations During the development of the mitigations the references, especially the ITS/AD cyber security guideline principles, the UK DfT principles for cyber security had been considered The detailed outcome of the threat analysis, including the identified mitigations and correlating principles are comprised in a spread sheet (see document TFCS-08-03) Note: This document will be finally confirmed by the group at the 8th session of TF-CS/OTA The Consolidated Resolution (R.E. 3), already incorporating the ITS/AD guideline on Cyber Security for Connected and Automated , was identified by the group as a suitable document to incorporate the outcome on cyber security. Recommendations will be given accordingly.

Status report on the activities of TF-CS/OTA Software updates: The group agreed that systems with „deep learning/self learning“ is currently out of scope The group is considering both pre- and post-registration updates, as well as safety aspects of software updates It was acknowledged by the group that post-registration updates are dealt with nationally. Therefore any output relating to this issue will be as guidance to support national processes.

Status report on the activities of TF-CS/OTA Software updates (continued): - The group defined a matrix for necessary actions depending on the timing of a software update and its impact on an approval moment of update no impact limited impact severe impact Initial type approval (TA) not applicable Existing TA, before Certificate of Conformity (CoC) no action extension TA new TA Existing TA, after CoC, before registration extension TA and new CoC new TA and new CoC Existing TA, after registration, by OEM extension TA or individual approval or approval with limited scope. Registration according to national rules new TA or individual approval or approval with limited scope. Registration according to national rules Existing TA, after registration, not by OEM (multi stage) new National approval. Registration according to national rules

Status report on the activities of TF-CS/OTA Software updates (continued): The introduction of a Regulation-linked Software Identification Number (=> RxSWIN) was agreed by the group. Currently different views on introducing the number: in each relevant Regulation vs. introducing a standalone “Software Regulation” The SWIN concept should support following use cases: Type approval, Periodical Technical Inspection (PTI), Roadside inspection, Market surveillance and Accident investigation Principle: Cover the type approval relevant software versions of all impacted ECUs by one Type Approval Number for each system type approval.

Status report on the activities of TF-CS/OTA Timeline: TF-CS/OTA is well „on track“ to deliver guidance papers/ recommendations on the cyber security and software updates as planned for IWG ITS/AD in March 2018. However, the group may whish to extend the mandate by six month in order to finalize its work in January 2018 an to be in existance when presenting the outcome to WP.29 IWG ITS/AD. End of original mandate End of potentially extended mandate Ad hoc „SWU2“ 27 Sep. 2017 TFCS-08 Tokyo 11-12 Oct. 2017 TFCS-09 Paris 09-10 Nov. 2017 ITS/ADGeneva Nov 2017 Ad hoc „Recom“ Dec. 2017 TFCS-10 UK or D 16-17 Jan. 2018 ITS/ADGeneva March 2018 Dec. 2017 Jun. 2018 Agree status report for ITS/AD Status report Finalize and adopt recommendation papers Presentation of recommendation papers Commonize position on S/W Updates Adopt CS/M table; Agree format for recommendations

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.