Presentation is loading. Please wait.

Presentation is loading. Please wait.

Connected Car – Cybersecurity Update

Published byEsther Stafford Modified over 5 years ago

Similar presentations

Presentation on theme: "Connected Car – Cybersecurity Update"— Presentation transcript:

1 Connected Car – Cybersecurity Update
Carroll Gray-Preston VP Innovation and Strategic Initiatives ATIS Denis Niles R&D Leader, Cybersecurity Autonomous Vehicles TELUS 8 March, 2019

2 Technology Focus Areas
About ATIS Technology Focus Areas Critical Infrastructure Critical Communications Vertical Industry Collaboration Interdomain Solutions & Interconnection 5G Technologies NFV and Cloud Networks Network Evolution Security, Trust and Privacy Industry Numbering Ordering and Billing Internet of Things ATIS strategic initiatives and solutions/standards work progresses new business opportunities, solves common industry challenges, and creates a platform for collaboration with other industries. Membership made up of ICT companies including Network operators/service providers, software/hardware vendors, application providers, & government Members innovate and compete “on top of” ATIS’ foundational work Collaborative efforts across industries can lead to greater scale and customer adoption

3 Disrupting the Current Cybersecurity Model for Vehicle OEMs
Since the publication of our white paper in August 2017, TELUS and ATIS have been engaging various cybersecurity companies, defining the Collaborative Cybersecurity framework for the Vehicle OEMs To deal with the new realities of cybersecurity threats, the current models to protect various vertical industries are not sufficient - close collaboration is not only the best way forward but a must in terms of developing and applying a new disruptive model that serves the interests of all players involved A collaborative approach is needed to achieve a “WIN-WIN” outcome Image as published in

4 Perceived Hurdles For Not Sharing Information
There are many reasons why vehicle OEMs would not want to collaborate with each other. Some probable points of contention include… Issues of TRUST. Simply put, the OEMs have a distrust of sharing information. Legal issues. Sharing information may or could be seen as damaging to the company. Long standing ingrained corporate policy not to share information & collaborate. Not the type of behavior the company is used to. Difficult to change the corporate culture. Not convinced that sharing information & collaboration will serve their interests. Don’t understand the value of sharing cybersecurity information. Misguidedly believe that individual cybersecurity tech investments are much better than what any combined efforts can achieve. Suspicious of other OEMs and their motives to collaborate vis-à-vis cybersecurity. Don’t believe that their cybersecurity costs will actually go down.

5 Individual Cybersecurity Programs = Advantages
Vehicle OEMs cannot compete on cybersecurity strategies - any cybersecurity advantage is a perceived one and a very short-lived one at the best of times. Vehicle OEM “X” Vehicle OEM “X” advertises its vehicles as the safest Vehicle OEM “X” gets hit with a major attack due to a bug in its s/w Damaging events of OEM “X” repeat themselves for vehicle OEMs “Y” and “Z” as time moves forward. It is not a question of “IF” but rather “WHEN” other OEMs get hit with a similar attack. Customer confidence Revenue/Profits Government scrutiny, Investigations, Audits, Lawsuits Vehicle OEM “X” recovery is slow & costly Vehicle OEM “Y” Vehicle OEM “Z” Sales + - Sometimes, recovery is next to impossible When vehicle OEMs think their respective cybersecurity program is the best amongst its peers, this is where the problems begin whereas OEMs are pitted against each other for the wrong reasons. Time

6 Example : Collaborative Cybersecurity App Store Module = + Risk & Cost aspects
When a bad-acting or potentially harmful applications are discovered by one OEM, all other vehicle OEMs immediately benefit from this information thus the risk is much lower when all OEMs collaborate in the shared program Risk is always kept at its lowest based on the continuous real-time findings from all OEMs in the shared program Interestingly, when vehicle OEMs limit their cybersecurity costs by sharing information and working together with respect to bad applications, the net benefit for OEMs is that it actually increases the security position for their individual companies and products Cybersecurity app costs go down due to collaborative approach, and the fact that the same organization running the Bug Bounty program would also run the App Store cybersecurity program intensifies/multiplies the cost reductions for all vehicle OEMs A collaborative program means that there is actually more money in the overall combined cybersecurity bucket to deal with bad applications which also means that the collaborative program can… Hire the best and most experienced people to deal with bad applications Support more research into limiting the impact of potentially harmful applications Acquire and/or develop the best tools to find and address cybersecurity application issues Test & evaluate new app-related cybersecurity strategies & technologies Create and design a significantly more secure connected and autonomous vehicle… especially where it concerns governments & consumers

7 Connected Vehicle Security Framework
Unmanaged Environment where device & connectivity are NOT controlled by Telcos Managed Environment which includes Managed Connectivity External Domain Connected-Vehicle Domain or End-Point Network Domain Backend Systems or Cloud Domain NFC, Bluetooth, Public & Private WiFi Data Acquisition Vehicle Management, Registration and Control Edge Processing & Transformation Layered Secure Connectivity Platforms Data Aggregation, Abstraction & Accumulation Application & Analytics Business System & Processes Vehicle ECUs Internal & Local Communication Telco Managed Layered Security LTE Vehicle OEM Backend or Cloud Systems HSS SGW Mobile Devices & WiFi Services OTA Since the publication of our white paper that proposes a Collaborative Cybersecurity model, TELUS and ATIS have been engaging various partners, defining the framework An effective cybersecurity framework must address the many possible communications paths to the connected vehicle.  securing the communication paths outside of the vehicle but also securing the environment that makes up the internal vehicle platform. Framework needs to address End-to-end security internal to the vehicle platform. (This includes OEMs and their suppliers, including software and hardware suppliers along the critical data and communication paths within the vehicle.)  In addition to cyber attacks directed against the vehicle, it is also possible for attacks to be directed against the cloud-based platforms that offer connected vehicle services.  Require End-to-end security from outside the vehicle as it communicates with the cloud, with specific servers or with individuals.  MME PGW PCRF End-Point security for Connected-Vehicle Antenna & LTE Wireless Base Station Evolved Packet Core Network MPLS Core Network Internet An end-to-end security framework that encompasses the connected vehicle, network, and back-end system domains

8 Key Framework Elements
Threat Intelligence Hardware Security Software Security Network Security Cloud Security Working with Trend Micro we have developed the Threat Intelligence component of the Security framework Key capabilities include: Threat Engine Up-to-date Global Threat Intelligence feeds Bug Bounty Program TELUS engaging 5GAA to enlist their participation and support for program Trustonic has committed to provide expertise around TEE ARM has committed to participate and provide their expertise related to Tier 1 vehicle OEM suppliers So Where are we? Working with Trend Micro we have defined the Threat Intelligence component of the security framework Key capabilities include Threat Hunting Engine that delivers up-to-date global threat Intelligence collection and feeds to the OEM Security Operation Centers (SOC). incorporates multi-channel data analytics for analysis and correlation to generate threats knowledge For Hardware security we have been working with ARM and they have committed to participate and provide their expertise with the Tier 1 vehicle OEM suppliers. ARM – has developed a multi-threaded Automotive Enhanced (AE) CPU (Cortex-A76AE) designed for devices requiring high throughput and safety critical tasks – like ADAS(advanced drive assistance) and Autonomous Vehicle systems Trustonic has committed to provide their expertise around their Trusted Execution environment, Trustonic currently works with multiple partners such as Harman, Delphi, Mediatech, LSI, Samsung, etc…Their TEE tech is embedded in a number of vehicle OEM In-Vehicle Infotainment (IVI) systems Other discussions - TELUS as a member of 5GAA is engaging them to enlist their participation and support for program “By PresentationGO.com“

9 Threat Intelligence Components
Shared Analytics for... Central OP Center for Cyber Data Ingestion & Analysis For All Vehicle OEMs Zero Days Trends Targeted software modules Hardware specific Cybersecurity Supplier/Partner ranking Most persistent attackers H/W component specific S/W service modules Unknowns Learnings & Strategic Direction Success rates of stopping & containing Time to identify Time to intercept Time to remediate Success rates of attacks Most effective models Shape Next Cyber Tech Strategy Threat engine ratings for OEMs Threat Intelligence Output Example Bug Bounty Data From All Vehicle OEMs Individual Vehicle OEM Cybersecurity OPs Data Vehicle OEM H/W & S/W Modules - Partner Cyber Test Data Log Data from All OEM Connected Vehicles

10 Threat Intelligence Data Flow Model
Connected Vehicles Cybersecurity Operations Center for All Vehicle OEMs Threat Intelligence Vehicle OEM Bug Bounty logs Cyber Bugs reported by all vehicle OEMs from individual Bug Bounty Programs Threat Hunting Multi-Channel data analytics Up-to-date Global Threat Intelligence feeds Unknown threat hunting Suspicious logs ECU21 ECU22 ECU23 Internal GW logs Suspicious logs ECU11 ECU12 ECU13 Suspicious logs logs SIEM/Data Lake External GW DCM ECU01 ECU02 ECU03 Global Threat Intelligence Collection Engine Meta data inquiry API PLC ITS BT WI-FI OBDII Our proposed 1st deliverable includes an advanced cloud-based threat intelligence and analysis engine: Threat Intelligence collection engine … gathers global threat intelligence feeds produces analytics to identify the attack and its source qualifies and prioritizes the risk determines a course of action to counter the threat and/or attack Solution also includes a “Security Client” which loads on critical ECUs like the Transmission Control Unit (TCU) Central GW (CGW) - central communication node, which acts as a router (for in-vehicle communication and through the CCU to the outside) and is the gate for all data coming into the vehicle In vehicle infotainment (IVI) Security client monitors and protects ECU’s from potential risks, including data theft and ransomware attacks. ensures firmware integrity takes action on its own locally for things like preventing “known” malware from loading, etc… Input From Multiple Different Sources Alerts Updates Patches Fixes Individual Vehicle OEM Cybersecurity OP Centers Vehicle OEM S/W and H/W Partners Dark Web Cybersecurity University Researchers Threat Intelligence Companies Connected Vehicle Honeypots

11 Collaborative Cybersecurity Program - Key Milestones
Initial meetings with Cybersecurity companies Engage Network Operators Collaborative program guidelines defined Begin Engaging Vehicle OEM’s Dec/Jan 15 Mar 12 Apr Apr Nov/Dec 21 Jan 5 Apr Continue discussions with targeted partners Key framework elements defined Program Proposal Complete By mid March we are aiming to have all the key framework elements defined and the partners identified With the partners in place our goal is to have the program proposal complete in early April so we can begin talking to the vehicle OEM’s Program proposal will include the technical description of each framework component and proposed priority for delivery

Download ppt "Connected Car – Cybersecurity Update"

Similar presentations

© 2012 IBM Corporation IBM Israel Software Lab (ILSL( Daniel Yellin, Director March 2013.

© 2012 IBM Corporation IBM Israel Software Lab (ILSL( Daniel Yellin, Director March 2013.
1. 2 IT innovations in specialized areas where competitors will have difficulty copying Excellence in design of processes and activities and how they.

1. 2 IT innovations in specialized areas where competitors will have difficulty copying Excellence in design of processes and activities and how they.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.

Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
HP Network and Service Provider Business Unit Sebastiano Tevarotto February 2003.

HP Network and Service Provider Business Unit Sebastiano Tevarotto February 2003.
Department of Internal Affairs Disrupting Government Service Models Tim Occleshaw Government Chief Technology Officer Service and System Transformation.

Department of Internal Affairs Disrupting Government Service Models Tim Occleshaw Government Chief Technology Officer Service and System Transformation.
 Remote monitoring and management (RMM), also known as network management or remote service software, is a built on application to help managed IT service.

 Remote monitoring and management (RMM), also known as network management or remote service software, is a built on application to help managed IT service.
Azure Stack Foundation

Azure Stack Foundation
Broadband Challenges 2017 Christopher Tamarin

Broadband Challenges 2017 Christopher Tamarin
The time to address enterprise mobility is now

The time to address enterprise mobility is now
Service Assurance in the Age of Virtualization

Service Assurance in the Age of Virtualization
Chapter 6: Securing the Cloud

Chapter 6: Securing the Cloud
3 Do you monitor for unauthorized intrusion activity?

3 Do you monitor for unauthorized intrusion activity?
JD Edwards EnterpriseOne In-Memory Sales Advisor

JD Edwards EnterpriseOne In-Memory Sales Advisor
ATIS Priorities and Initiatives Susan Miller, President & CEO, ATIS

ATIS Priorities and Initiatives Susan Miller, President & CEO, ATIS
Security of In-Vehicle Software

Security of In-Vehicle Software
Consolidated M2M standards boost the industry

Consolidated M2M standards boost the industry
Hybrid Management and Security

Hybrid Management and Security
Attention CFOs How to tighten your belt and still survive May 18, 2017.

Attention CFOs How to tighten your belt and still survive May 18, 2017.

Similar presentations

Ads by Google