Connected Car – Cybersecurity Update

Presentation transcript:

Connected Car – Cybersecurity Update
Carroll Gray-Preston, VP Innovation and Strategic Initiatives, ATIS
Denis Niles, R&D Leader, Cybersecurity Autonomous Vehicles, TELUS
8 March, 2019

About ATIS

Technology Focus Areas:
- Critical Infrastructure
- Critical Communications
- Vertical Industry Collaboration
- Interdomain Solutions & Interconnection
- 5G Technologies
- NFV and Cloud Networks
- Network Evolution
- Security, Trust and Privacy
- Industry Numbering
- Ordering and Billing
- Internet of Things

ATIS strategic initiatives and solutions/standards work progresses new business opportunities, solves common industry challenges, and creates a platform for collaboration with other industries.

- Membership made up of ICT companies including network operators/service providers, software/hardware vendors, application providers, & government
- Members innovate and compete “on top of” ATIS’ foundational work
- Collaborative efforts across industries can lead to greater scale and customer adoption

Disrupting the Current Cybersecurity Model for Vehicle OEMs

- Since the publication of our white paper in August 2017, TELUS and ATIS have been engaging various cybersecurity companies, defining the Collaborative Cybersecurity framework for the Vehicle OEMs.
- To deal with the new realities of cybersecurity threats, the current models to protect various vertical industries are not sufficient - close collaboration is not only the best way forward but a must in terms of developing and applying a new disruptive model that serves the interests of all players involved.
- A collaborative approach is needed to achieve a “WIN-WIN” outcome.

Image as published in https://www.pcquest.com/security-in-the-age-of-connected-cars/

Perceived Hurdles For Not Sharing Information

There are many reasons why vehicle OEMs would not want to collaborate with each other. Some probable points of contention include:

- Issues of TRUST. Simply put, the OEMs have a distrust of sharing information.
- Legal issues. Sharing information may or could be seen as damaging to the company.
- Long-standing ingrained corporate policy not to share information & collaborate. Not the type of behavior the company is used to. Difficult to change the corporate culture.
- Not convinced that sharing information & collaboration will serve their interests.
- Don’t understand the value of sharing cybersecurity information.
- Misguidedly believe that individual cybersecurity tech investments are much better than what any combined efforts can achieve.
- Suspicious of other OEMs and their motives to collaborate vis-à-vis cybersecurity.
- Don’t believe that their cybersecurity costs will actually go down.

Individual Cybersecurity Programs = Advantages

Vehicle OEMs cannot compete on cybersecurity strategies - any cybersecurity advantage is a perceived one and a very short-lived one at the best of times.

[Chart: sales (+ / -) over time for vehicle OEMs “X”, “Y” and “Z”. Labels, in slide order: Vehicle OEM “X” advertises its vehicles as the safest; Vehicle OEM “X” gets hit with a major attack due to a bug in its s/w; Customer confidence; Revenue/Profits; Government scrutiny, Investigations, Audits, Lawsuits; Vehicle OEM “X” recovery is slow & costly; Sometimes, recovery is next to impossible]

Damaging events of OEM “X” repeat themselves for vehicle OEMs “Y” and “Z” as time moves forward. It is not a question of “IF” but rather “WHEN” other OEMs get hit with a similar attack.

When vehicle OEMs think their respective cybersecurity program is the best amongst its peers, this is where the problems begin whereas OEMs are pitted against each other for the wrong reasons.

Example: Collaborative Cybersecurity App Store Module

Risk & Cost aspects

- When bad-acting or potentially harmful applications are discovered by one OEM, all other vehicle OEMs immediately benefit from this information, so the risk is much lower when all OEMs collaborate in the shared program.
- Risk is always kept at its lowest based on the continuous real-time findings from all OEMs in the shared program.
- Interestingly, when vehicle OEMs limit their cybersecurity costs by sharing information and working together with respect to bad applications, the net benefit for OEMs is that it actually increases the security position for their individual companies and products.
- Cybersecurity app costs go down due to the collaborative approach, and the fact that the same organization running the Bug Bounty program would also run the App Store cybersecurity program intensifies/multiplies the cost reductions for all vehicle OEMs.

A collaborative program means that there is actually more money in the overall combined cybersecurity bucket to deal with bad applications, which also means that the collaborative program can:

- Hire the best and most experienced people to deal with bad applications
- Support more research into limiting the impact of potentially harmful applications
- Acquire and/or develop the best tools to find and address cybersecurity application issues
- Test & evaluate new app-related cybersecurity strategies & technologies
- Create and design a significantly more secure connected and autonomous vehicle… especially where it concerns governments & consumers

Connected Vehicle Security Framework

[Diagram: an end-to-end security framework that encompasses the connected vehicle, network, and back-end system domains. Labels, in slide order: Unmanaged Environment where device & connectivity are NOT controlled by Telcos; Managed Environment which includes Managed Connectivity; External Domain; Connected-Vehicle Domain or End-Point; Network Domain; Backend Systems or Cloud Domain; NFC, Bluetooth, Public & Private WiFi; Data Acquisition; Vehicle Management, Registration and Control; Edge Processing & Transformation; Layered Secure Connectivity Platforms; Data Aggregation, Abstraction & Accumulation; Application & Analytics; Business System & Processes; Vehicle ECUs; Internal & Local Communication; Telco Managed Layered Security; LTE; Vehicle OEM Backend or Cloud Systems; HSS; SGW; Mobile Devices & WiFi Services; OTA; MME; PGW; PCRF; End-Point security for Connected-Vehicle; Antenna & LTE Wireless Base Station; Evolved Packet Core Network; MPLS Core Network; Internet]

Since the publication of our white paper that proposes a Collaborative Cybersecurity model, TELUS and ATIS have been engaging various partners, defining the framework.

- An effective cybersecurity framework must address the many possible communications paths to the connected vehicle: securing the communication paths outside of the vehicle but also securing the environment that makes up the internal vehicle platform.
- Framework needs to address end-to-end security internal to the vehicle platform. (This includes OEMs and their suppliers, including software and hardware suppliers along the critical data and communication paths within the vehicle.)
- In addition to cyber attacks directed against the vehicle, it is also possible for attacks to be directed against the cloud-based platforms that offer connected vehicle services.
- Require end-to-end security from outside the vehicle as it communicates with the cloud, with specific servers or with individuals.

Key Framework Elements

Threat Intelligence, Hardware Security, Software Security, Network Security, Cloud Security

- Working with Trend Micro we have developed the Threat Intelligence component of the Security framework. Key capabilities include:
  - Threat Engine
  - Up-to-date Global Threat Intelligence feeds
  - Bug Bounty Program
- TELUS engaging 5GAA to enlist their participation and support for program
- Trustonic has committed to provide expertise around TEE
- ARM has committed to participate and provide their expertise related to Tier 1 vehicle OEM suppliers

So where are we?

- Working with Trend Micro we have defined the Threat Intelligence component of the security framework. Key capabilities include a Threat Hunting Engine that delivers up-to-date global threat intelligence collection and feeds to the OEM Security Operation Centers (SOC), and incorporates multi-channel data analytics for analysis and correlation to generate threat knowledge.
- For Hardware security we have been working with ARM and they have committed to participate and provide their expertise with the Tier 1 vehicle OEM suppliers. ARM has developed a multi-threaded Automotive Enhanced (AE) CPU (Cortex-A76AE) designed for devices requiring high throughput and safety critical tasks, like ADAS (advanced drive assistance) and Autonomous Vehicle systems.
- Trustonic has committed to provide their expertise around their Trusted Execution Environment. Trustonic currently works with multiple partners such as Harman, Delphi, Mediatech, LSI, Samsung, etc. Their TEE tech is embedded in a number of vehicle OEM In-Vehicle Infotainment (IVI) systems.
- Other discussions: TELUS as a member of 5GAA is engaging them to enlist their participation and support for program.

“By PresentationGO.com”

Threat Intelligence Components

[Diagram: Central OP Center for Cyber Data Ingestion & Analysis For All Vehicle OEMs. Labels, in slide order: Shared Analytics for...; Zero Days; Trends; Targeted software modules; Hardware specific; Cybersecurity Supplier/Partner ranking; Most persistent attackers; H/W component specific; S/W service modules; Unknowns; Learnings & Strategic Direction; Success rates of stopping & containing; Time to identify; Time to intercept; Time to remediate; Success rates of attacks; Most effective models; Shape Next Cyber Tech Strategy; Threat engine ratings for OEMs; Threat Intelligence Output Example; Bug Bounty Data From All Vehicle OEMs; Individual Vehicle OEM Cybersecurity OPs Data; Vehicle OEM H/W & S/W Modules - Partner Cyber Test Data; Log Data from All OEM Connected Vehicles]

Threat Intelligence Data Flow Model

[Diagram labels, in slide order: Connected Vehicles; Cybersecurity Operations Center for All Vehicle OEMs; Threat Intelligence; Vehicle OEM Bug Bounty logs; Cyber Bugs reported by all vehicle OEMs from individual Bug Bounty Programs; Threat Hunting; Multi-Channel data analytics; Up-to-date Global Threat Intelligence feeds; Unknown threat hunting; Suspicious logs; ECU21, ECU22, ECU23; Internal GW; logs; ECU11, ECU12, ECU13; SIEM/Data Lake; External GW; DCM; ECU01, ECU02, ECU03; Global Threat Intelligence Collection Engine; Meta data inquiry API; PLC; ITS; BT; WI-FI; OBDII; Input From Multiple Different Sources; Alerts; Updates; Patches; Fixes; Individual Vehicle OEM Cybersecurity OP Centers; Vehicle OEM S/W and H/W Partners; Dark Web; Cybersecurity University Researchers; Threat Intelligence Companies; Connected Vehicle Honeypots]

Our proposed 1st deliverable includes an advanced cloud-based threat intelligence and analysis engine.

Threat Intelligence collection engine …
- gathers global threat intelligence feeds
- produces analytics to identify the attack and its source
- qualifies and prioritizes the risk
- determines a course of action to counter the threat and/or attack

Solution also includes a “Security Client” which loads on critical ECUs like the:
- Transmission Control Unit (TCU)
- Central GW (CGW) - central communication node, which acts as a router (for in-vehicle communication and through the CCU to the outside) and is the gate for all data coming into the vehicle
- In-vehicle infotainment (IVI)

Security client:
- monitors and protects ECUs from potential risks, including data theft and ransomware attacks
- ensures firmware integrity
- takes action on its own locally for things like preventing “known” malware from loading, etc.
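The cross-OEM correlation that the App Store module and data flow slides describe, as an added example that is not part of the original presentation: suspicious ECU logs from several OEMs are grouped by indicator, matched against bug bounty reports and a global feed, then ranked. The record fields, indicator strings, criticality weights and scoring formula are assumptions made for illustration, and all sample records are constructed.

```python
from collections import defaultdict

# ECUs named on the slide; the numeric weights are assumed for this example.
ECU_CRITICALITY = {"CGW": 3, "TCU": 3, "IVI": 2}

# Constructed sample input: suspicious logs forwarded to the shared SIEM/data lake.
SUSPICIOUS_LOGS = [
    {"oem": "X", "vehicle": "veh-001", "ecu": "IVI", "indicator": "app:sha256:aaaa"},
    {"oem": "X", "vehicle": "veh-002", "ecu": "IVI", "indicator": "app:sha256:aaaa"},
    {"oem": "Y", "vehicle": "veh-101", "ecu": "CGW", "indicator": "fw:sha256:bbbb"},
    {"oem": "Z", "vehicle": "veh-201", "ecu": "IVI", "indicator": "app:sha256:cccc"},
    {"oem": "Y", "vehicle": "veh-102", "ecu": "IVI", "indicator": "app:sha256:aaaa"},
]
BUG_BOUNTY_REPORTS = [{"reported_by": "X", "indicator": "app:sha256:aaaa"}]  # constructed
GLOBAL_FEED = {"fw:sha256:bbbb"}  # constructed global threat intelligence feed
ALL_OEMS = {"X", "Y", "Z"}


def correlate(logs, bounty_reports, feed, all_oems):
    """Group suspicious ECU logs by indicator across OEMs, then score and rank."""
    seen = defaultdict(lambda: {"oems": set(), "ecus": set(), "vehicles": set()})
    for rec in logs:
        entry = seen[rec["indicator"]]
        entry["oems"].add(rec["oem"])
        entry["ecus"].add(rec["ecu"])
        entry["vehicles"].add(rec["vehicle"])
    bounty = {r["indicator"] for r in bounty_reports}
    findings = []
    for indicator, e in seen.items():
        known = indicator in feed or indicator in bounty
        crit = max(ECU_CRITICALITY.get(ecu, 1) for ecu in e["ecus"])
        # Assumed scoring: spread across OEMs times ECU criticality, plus known-bad bonuses.
        score = len(e["oems"]) * crit + 2 * (indicator in feed) + 2 * (indicator in bounty)
        findings.append({
            "indicator": indicator,
            "score": score,
            "affected_oems": sorted(e["oems"]),
            # OEMs that have not seen the indicator yet but benefit from the shared finding.
            "warn_oems": sorted(all_oems - e["oems"]),
            "vehicles": len(e["vehicles"]),
            "action": "push block rule to security clients" if known
                      else "queue for threat hunting",
        })
    return sorted(findings, key=lambda f: (-f["score"], f["indicator"]))


if __name__ == "__main__":
    for finding in correlate(SUSPICIOUS_LOGS, BUG_BOUNTY_REPORTS, GLOBAL_FEED, ALL_OEMS):
        print(finding)
```

OEM “Z” never logged the first indicator, yet it appears in `warn_oems` for it, which is the shared-program benefit the slides argue for.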

Collaborative Cybersecurity Program - Key Milestones

[Timeline. Milestones, in slide order: Initial meetings with Cybersecurity companies; Engage Network Operators; Collaborative program guidelines defined; Begin Engaging Vehicle OEMs; Continue discussions with targeted partners; Key framework elements defined; Program Proposal Complete. Dates, in slide order: Dec/Jan; 15 Mar; 12 Apr; Apr; Nov/Dec; 21 Jan; 5 Apr]

- By mid March we are aiming to have all the key framework elements defined and the partners identified.
- With the partners in place, our goal is to have the program proposal complete in early April so we can begin talking to the vehicle OEMs.
- Program proposal will include the technical description of each framework component and proposed priority for delivery.