Ensuring vehicle cybersecurity across its lifecycle is required both by the WP.29 regulation and by the ISO/SAE standard. And doing that is actually a challenging task because it requires multiple players to collaborate across the vehicles’ lifetime, which is very long, and could be between 10 and 15 years.
So how do you do that?
Well, from our experience, there are a few methods that can help achieve this goal.
First is security by design: So, when you develop the vehicle, you need to apply TARA and have a secure development process, but you also need to make sure that meaningful telemetry is emitted, that will enable later detection in post-production, of existing and new cyber attacks. And, you also need to apply cybersecurity management on your supply chain.
Additionally, you need to have a centralized detection system for post-production. Such a detection system can collect logs from vehicles, communication channels, and backend systems, and this way, enables strong detection for a wide range of threats as listed in Annex 5 of the WP.29 regulation. And lastly, you need to have an automotive-specific threat feed.
Such a threat feed should be used by the OEM, the service providers, and the supply chain. And this can supply a good source of threats related to the vehicle and to the mobility service that can help the OEM, connectivity service provider, and the supply chain to create meaningful mitigations within a short period of time.
Protecting Electric Vehicles: Modern Cybersecurity Solutions and the Road to Revenue
There is much to enjoy in the performance of electric vehicles and advanced features of electric vehicles, yet each connected capability such as GPS, mobile…More Details
Protecting Commercial Vehicles: Continuous Operation and Uptime Amidst Cybersecurity Threats
Read about how a multi-layered cloud-based approach can protect today’s commercial vehicles while streamlining data processes.More Details
Cybersecurity for Connected Vehicles: From Cost Centre to Value Centre
OEMs are relying on their connected vehicles to drive them from “Car Co’s” to “Tech Co’s”.More Details
Upstream Detects a Critical Vulnerability in Linux-Based Head Units
Read about how Upstream’s AutoThreat® Intelligence team works to hunt threats that are hiding in the surface, deep, and dark web- allowing you to meet…More Details
What is Upstream’s AutoThreat® Intelligence?
Upstream’s AutoThreat® Intelligence is the automotive industry’s leading cyber threat intelligence and risk assessment solution. It is purpose-built to collect, analyze, and leverage automotive tMore Details
How AutoThreat® Supports Automotive Cybersecurity
AutoThreat’s® automotive-focused analysts scour the surface, deep, and dark web for incidents that matter most to the automotive ecosystem. Together, our researchers combine both manual…More Details