Presentation is loading. Please wait.

Presentation is loading. Please wait.

Outcome TFCS-05 // May OICA, Paris

Published byBrianne Parks Modified over 6 years ago

Similar presentations

Presentation on theme: "Outcome TFCS-05 // May OICA, Paris"— Presentation transcript:

1 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
ISO/SAE update on their activities on cyber security Overview presented by OICA/CLEPA (see TFCS-05-12) 4 project groups working on different fields Main targets: uniform definitions min. requirements on security engineering process, activities and criteria for assessment describe state-of-the-art of automotive security engineering for E/E development - 1st draft (WD) aimed for vote in February 2018 - Publication of ISO/SAE expected by October 2019 OICA/CLEPA will update TF-CS/OTA on regular basis in order to ensure coodination of groups

2 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Definitions FIA presentation (TFCS-05-11) on definitions for data protection, data privacy, authorized access and more. ITU offered to contribute to definitions (see TFCS-05-17) Definitions to be reviewed once used for the working document on respective topics

3 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Reference Model regarding Cyber Security TFCS-05 agreed to add “lifecycle” and the “information flow” to the reference model Presentation by Germany (TFCS-05-13) on a “Reference Architecture Model Automotive”

4 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Cyber security threat analysis: Table of threats modified to clarify spoofing to include the example of GPS messages (request by France) The group noted that the scope of the threats identified is wider than just connected/automated vehicles (=> ITS/AD guideline) The format and content of the table was agreed. The table will now be used as basis for the future work on mitigations (TFCS Rev1)

5 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Mitigations: Based on the Japanese proposal the group agreed to consider: Pre attack (prevention) During attack (detection) Post attack (response) OICA will apply an „extended CIA“ approach for mitigations to the threats listed in the table (TFCS Rev1), Note: CIA = Confidentiality, Integrity, Availability Japan will consider mitigations for individual threats and reference these to the UNECE Cyber Security guideline principles and UK DfT principles ITU agreed to consider software aspects more => Target is to identify a way forward to define mitigations

6 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Mitigations (continued): Reference documents identified were: ENISA report „Cyber Security and Resilience of Smart Cars” TFCS-03-09 UK DfT Cyber Security principles TFCS-03-07 NHTSA Cyber Security Guideline TFCS-03-08 IPA “Approaches for Vehicle Information Security” (Japan) TFCS-04-05 UNECE Cyber security guideline (ITS/AD) WP.29/2017/46 SAE J 3061 ISO 26262 US Auto ISAC (report by Booz Allen Hamilton) - Any other relevant documents shall be shared/identified within the group (depending on copyright restrictions)

7 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Software updates: Presentation by Japan (TFCS-05-06): Proposal that TF-CS/OTA should focus for post-registration S/W updates on technical issues, rather than mandatory administrative provisions OICA/CLEPA presentation on S/W updates (TFCS-05-08), related to software configuration control and approval process FIA input on a process for software updates (TFCS-05-11) The group agreed to use the OICA/CLEPA presentation as its basis for further work => Participants to provide comments/input on TFCS-05-08

8 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Software updates (continued): The group agreed that systems with „deep learning/self learning“ is currently out of scope It was noted that an electronic CoC/DoC may be needed Consideration should be given to the work on the so called „ACSF TAN“ (see UNECE GRRF IWG ACSF: document ACSF-08-10) as a possibility to address software approval/ software version identification Furthermore, the task force shall give considerations to safety aspects and security of software updates and may review ITU recommendation X.1373 (Secure software update capability for ITS communication devices)

9 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Action items for next session: Cyber security (mitigations): Japan to provide table of threats adding mitigations as proposed on slide 9 of TFCS-05-07 OICA/CLEPA to prepare table of threats with „extended CIA“ approach for identification of mitigations ITU will consider software mitigations further Other additional thoughts are welcome All to share additional references to be considered for mitigations Software updates: Japan to update the group on their considerations

10 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Action items for next session (continued): Software updates: All participants to provide feedback on approval process and configuration control in order to develop more detailed proposals Input shall be sent to: and, if OICA/CLEPA documents concerned, in copy

11 Outcome TFCS-05 // 10-11 May 2017 @ OICA, Paris
Next meetings: TFCS June Washington DC TIA (Arlington, VA) TFCS August Europe (NL/UK/F ?) date confirmed venue tbd TFCS October Tokyo date confirmed exact place (building) tbd

Download ppt "Outcome TFCS-05 // May OICA, Paris"

Similar presentations

Privacy and Security for the HES Gateway Presentation and discussion for SC25 WG1 By: Ludo Bertsch and Tim Schoechle Arlington, USA April 24, 2013 SC25/WG1-N1620.

Privacy and Security for the HES Gateway Presentation and discussion for SC25 WG1 By: Ludo Bertsch and Tim Schoechle Arlington, USA April 24, 2013 SC25/WG1-N1620.
1 Item 2.1.b of the agenda IT Governance in the ESS and related issues Renewal of mandates STNE Adam WROŃSKI Eurostat, Unit B5.

1 Item 2.1.b of the agenda IT Governance in the ESS and related issues Renewal of mandates STNE Adam WROŃSKI Eurostat, Unit B5.
FIA MOBILITY & TOURISM Gerd Preuss, FIA Representative at UNECE, WP 29 Protection Against Mileage Fraud Current Status in ITS-AD 110 th GRSG Meeting Geneva,

FIA MOBILITY & TOURISM Gerd Preuss, FIA Representative at UNECE, WP 29 Protection Against Mileage Fraud Current Status in ITS-AD 110 th GRSG Meeting Geneva,
Status report on the activities of TF-CS/OTA

Status report on the activities of TF-CS/OTA
Suggestion for Summarizing Process of the Principles

Suggestion for Summarizing Process of the Principles
Comments on 18 mitigations proposed by OICA(TFCS-06-11)

Comments on 18 mitigations proposed by OICA(TFCS-06-11)
Co-Sponsors: China, Japan, EU and US 59th Session GRSP May 9-13, 2016

Co-Sponsors: China, Japan, EU and US 59th Session GRSP May 9-13, 2016
Status report on the activities of TF-CS/OTA

Status report on the activities of TF-CS/OTA
30-31, August 2017 Den Hague, Netherlands)

30-31, August 2017 Den Hague, Netherlands)
Main problems of NL proposal for UN Software Regulation

Main problems of NL proposal for UN Software Regulation
Case studies on software update

Case studies on software update
OICA input on software updates to UN TF CS/OTA

OICA input on software updates to UN TF CS/OTA
Submitted by the expert form Japan Document No. ITS/AD-09-12

Submitted by the expert form Japan Document No. ITS/AD-09-12
Chair: Jin Seop Park, Republic of Korea Secretary: Thomas Kinsky, OICA

Chair: Jin Seop Park, Republic of Korea Secretary: Thomas Kinsky, OICA
Concept of ACSF TAN (Type Approval Number)

Concept of ACSF TAN (Type Approval Number)
Outcome TFCS-04 // March ITU, Geneva

Outcome TFCS-04 // March ITU, Geneva
Suggestion on software update

Suggestion on software update
Informal document GRE Rev.1

Informal document GRE Rev.1
Outcome TFCS-07 // August NH Den Haag, NL

Outcome TFCS-07 // August NH Den Haag, NL
Outcome TFCS-11// February Washington DC

Outcome TFCS-11// February Washington DC

Similar presentations

Ads by Google