30-31, August 2017 Den Hague, Netherlands)

Slides:



Advertisements
Similar presentations
SSH: An Internet Protocol By Anja Kastl IS World Wide Web Standards.
Advertisements

T.Russell Shields, Co-Chair, Collaboration on ITS Communication Standards Martin Adolph, Programme Coordinator, ITU ITU activities on secure vehicle software.
FIA MOBILITY & TOURISM Gerd Preuss, FIA Representative at UNECE, WP 29 Protection Against Mileage Fraud Current Status in ITS-AD 110 th GRSG Meeting Geneva,
Status report on the activities of TF-CS/OTA
Principles Identified - UK DfT -
Suggestion for Summarizing Process of the Principles
Outcome TFCS-05 // May OICA, Paris
Comments on 18 mitigations proposed by OICA(TFCS-06-11)
Status report on the activities of TF-CS/OTA
Main problems of NL proposal for UN Software Regulation
Case studies on software update
OICA input on software updates to UN TF CS/OTA
Support- IRDiRC Proposed Work Plan And Communication Strategy
Japan proposal on schedule
Outcome TFCS-04 // March ITU, Geneva
Suggestion on software update
UNR116 splitting Informal document GRSG
Outcome TFCS-07 // August NH Den Haag, NL
Outcome TFCS-11// February Washington DC
Status report on the activities of TF-CS/OTA
Outcome TFCS-11// February Washington DC
Japan proposal on schedule
Proposal for Next Actions - Based on Threats Table Approach -
Final Report of TF-CS/OTA September The Amba Hotel, London
Outcome of TFCS-12 - summary slides - (detailed meeting minutes will be provided separately) April The Shilla Seoul, ROK.
Transmitted by the IWVTA Informal Group
Mitigation Principles PROPOSAL OICA/CLEPA
Working Party on General Safety Provisions (GRSG) General information
Summary of software update progress
Japan’s proposal for security regulation
Working Party on General Safety Provisions (GRSG) General information
Working Party on Automated/Autonomous and Connected Vehicles (GRVA)
Status report on the activities of TF-CS/OTA
Outcome TFCS-06 // June TIA, Arlington/VA (USA)
Informal document GRVA nd GRVA, 28 Jan Feb. 2019
2009 TIMELINE PROJECT PLANNING 12 Months Example text Jan Feb March
Status report from UNECE Task Force on Cyber Security &
Transmitted by the IWVTA Informal Group
Discussion of OBD2 by “Correspondence Group” Japan’s proposal
IEEE IMT-Advanced Review Process
LAMAS Working Group June 2016
Japan’s opinion on SWIN
New Assessment & Test Methods
Informal document GRVA st GRVA, September 2018
IEEE IMT-Advanced Review Process
Task Force – Cyber Security, Data Protection and Over-the-Air issues
Status report of TF-CS/OTA
Progress Report GRE TF AVSR
Why a „test phase“? Overview
Progress report of GRSG informal group
Informal document GRE Rev.1
Security in SDR & cognitive radio
Informal document GRSG Rev.1
Software Update - Type approval related issues -
Overview of the recommendations on software updates
Informal document GRSG
Working Party on General Safety Provisions (GRSG) General information
Informal document GRE-80-0X
Issues identified in connection with the work of TF-CS/OTA
Status report on the activities of TF-CS/OTA
Inputs Regard to “Test Phase” to TFCS
Progress Report GRE TF AVSR
2009 TIMELINE PROJECT PLANNING 12 Months Example text Jan Feb March
A proposal for approach to proceed work in Cybersecurity TF
SLR-21-08/Rev Transmitted by The International Automotive Lighting and Light-signalling Expert Group Preparation of a detailed proposal concerning.
Palais des Nations, Geneva
ACSF B2 and C2 Industry expectations from ACSF IG Tokyo meeting
Japan CS/OTA 15th session, Geneva 27-28, August 2019
Access to data requirementS
EDR/DSSAD IWG Status Report
Presentation transcript:

30-31, August 2017 Den Hague, Netherlands) <Discussion point> How the position of CSTF’s recommendation can be given in WP29? Japan (Security TF of ITS/AD 30-31, August 2017 Den Hague, Netherlands)

Remind:Outcome TFCS-06 @ TIA, Arlington/VA (USA) Mitigations: OICA/CLEPA introduced proposal for “extended CIA” approach with corresponding mitigations defined (see document TFCS-06-11: > mitigations based on threats identified in the table > 18 mitigations identified Based on comments from ITU/NICT the 18 mitigations in combination with the UK DfT principles had been reviewed The group reviewed the threat table accordingly and cross checked the 18 mitigations with the ITS/AD guideline principles in order to identify necessary amendments/additions

Remind:Outcome TFCS-06 @ TIA, Arlington/VA (USA) Mitigations (continued): The group agree to clarify the terms „Software“, „Data“, „Messages“, „Configuration“ and „Information“ Reference document added: ISO 19790 „Security requirements for cryptographic modules“ An ad hoc meeting „Mitigations“ was agreed (mid/end July – doodle poll) to review the table of threats with mitigations by OICA, ITS/AD principles, UK DfT Principles and NL comments on the OICA/CLEPA mitigations in order to conclude on the mitigations > CS/OTA ad hoc "Mitigations„ Web meeting (3rd, Aug. 2017), 31 of threats were reviewed and modified

Toward finalizing CSTF’s work How can we appeal the recommendation to public through the system of WP29? For example, “Guideline on cybersecurity and data protection” by ITS/AD was combined to “Consolidated Resolution on the Construction of Vehicles (R.E.3) ” 11, July 2017. R.E.3 is an official document of WP29 and is accessible for everyone (includes manufacturer).

Contents of ITS/AD’s guideline and CSTF’s recommendation The security guideline by ITS/AD (Annex 6 to Resolution 6) The recommendation(mitigation) by CSTF Reference model Not covered Covered Possible attack, threats to the systems Mitigations, Security controls Principles Similar in many parts

Possible instruction for ITS/AD on the recommendation document To replace the recommendation to Annex 6 of Resolution 6. Resolution 6 (administrated by GRSG?) Annex 6 Security guideline by ITS/AD Remind: steps for the amendment of annex 6 Proposal by CSTF to ITS/AD Adoption by ITS/AD, proposal by ITS/AD to WP29 Adoption by WP29, request by WP29 to GRSG(? administration body of Resolution 6) This plan depends on ITS/AD’s decision.

Schedule(TBD) 2017 2018 F 2 M 3 A 4 5 J 6 7 8 Sep. (9) Oct. (10) Nov. (11) Dec. (12) Jan. (1) Feb. (2) Mar. (3) ★2/16-17 TF#3@Paris ★5/10-11 TF#5@Paris ★8/30-31 TF#7@NL ★11/9-10 TF#9@Europe? ★3/13-14 TF#4@Geneva ★6/13-14 TF#6@Washington ★10/11-12 TF#8@Tokyo ★12/x TF#10 @xx Drafting recommendation ☆11/16 ITS/AD #13 ☆March ITS/AD #14 The CSTF’s document will be reviewed in March(2018) and its position will be given in later sessions.

Proposal of interim approach The position of CSTF’s document (e.g. endorsement as a formal document) depends on ITS/AD’s decision. Until its position is clarified, the CSTF’s document could be posted as a “referable document” on the WP29’s website. (Proposal) As an interim approach, CSTF may ask ITS/AD to store the CSTF’s document in a dedicated stationary folder which everyone can access to.

Proposal of interim approach Advantage: People can refer the CSTF’s document soon. The CSTF’s document can be modified flexibly when its position is fixed. No need to compromise with the ITS/AD’s guideline Disadvantage: Some task will be left after CSTF is closed.   e.g. To modify the CSTF’s recommendation as a guideline or to amend the ITS/AD’s guideline.

Then, matched/unmatched items were identified. Reminder: Process of Matching between the threats and the principles Japan worked on matching between the threats and the existing principles. The point of matching was that the “principles” can mitigate the “threats” on the table. Then, matched/unmatched items were identified. 26 items 86 items Threats Principles + 8 items by UK DfT

Proposal of next actions Reminder: Proposal of next actions Items listed on the threat analysis table (TFCS-05-05-Rev1) - Total 86 items - Conditions of existing principles (ITS/AD, UK DfT) Proposed Next Actions 62 items Existing principles are applicable. (UK DfT could cover more.) Review the matching / Modification of principles (If necessary) 24 items Existing principles are NOT applicable. Reference/Development of principles (Mitigations to justify the principles are necessary) 0(Zero) items 12 principles are unmatched (1 principle by UK DfT is unmatched.) Reasoning for these principles (Principles for data protection will be majority. Responses in post attack should be considered.) The count is ITS/AD guideline basis.

Recommended contents of “Recommendation” The security guideline by ITS/AD (Annex 6 to Resolution 6) The recommendation(mitigation) by CSTF Reference model Not covered Covered Possible attack, threats to the systems Mitigations, Security controls Principles Similar in many parts Japan recommends this area to be reflected on the “Recommendation” . The “Mitigations” provide concrete security control to follow “Principles”. We should take care that “Mitigations” are recommended security controls and are NOT regulations. (The “Mitigations” are providing flexibilities on vehicle design.)

In addition, Japan needs time to peer at “Mitigations” until #8 session of CSTF because “Mitigations” will be the most major output in the recommendation.

Threat: Spoofing of messages (e. g. 802 Threat: Spoofing of messages (e.g. 802.11p V2X during platooning, GPS messages, etc.) by impersonation Principle: (ITSAD) 2.4.4 Online Services for remote access into connected vehicles and vehicles with ADT should have a strong mutual authentication of messages and assure secure communication (confidential and integrity protected) between the involved entities. Mitigation: Messages processed by a receiving vehicle shall be Authenticated and Integrity protected. Controls may include: o Message authentication for all messages received. o Encryption for communications containing sensitive data. o Techniques to prevent replay attacks, such as timestamping and use of freshness values o Use of techniques for integrity checking, such as hashing, secure protocols and packet filtering. o Session management policies to avoid session hijacking o consitency checks using other vehicle sensors (e.g. temperature, radar…)