Telemetries and Data | ISO/SAE 21434 and WP.29 CSMS

TEAM UPSTREAM

Collecting vehicle telemetries and vehicle data is super-important for securing the vehicle in post-production. The reason is that in post-production, we need to protect the vehicle against attacks that were known at the time of the vehicle development, but also against new attacks that were unknown while the vehicle was developed. And these new attacks are result of new attack techniques and new services that are being introduced to the market.

This is why CSMS actually requires the OEM to detect cyber attacks based on vehicle logs. And if you look specifically
at the requirement, in CSMS, it’s required to have detection, a centralized detection system that is based on vehicle logs, detects cyber attacks, and provides a response within a reasonable timeframe to these attacks.

In the Vehicle Type requirements, it’s required to secure critical elements in the vehicle, but also to emit meaningful telemetry that will enable this type of post-production detection for vehicles while they’re on the road.

And when you combine these two requirements, you get a very powerful way to detect attacks in a centralized manner as
part of the management system.

So, such a detection system really enables a very broad coverage of the threats listed in Annex 5 of the WP.29, but also because you collect telemetries from millions of vehicles, you really can create a very strong baseline that describes the normal
behavior of the vehicle and have an effective anomaly detection system that can also help detect unknown attacks.

Lastly, when you collect lots of telemetries, you can not only detect the attack, but you can apply forensics and really detect the root cause of the attack.

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Upstream、日本での事業拡大のため元富士通幹部を迎える

佐藤俊也は、日本におけるUpstreamの成長加速の陣頭指揮をとります。 Upstreamは、2024年グローバルモビリティサイバーセキュリティ報告書の日本語版�

More Details

Exploring Upstream’s Cybersecurity Report with Giuseppe Serio

The episode explores the latest developments in automotive cybersecurity, focusing on the Upstream Cybersecurity Threat Report for 2023. It highlights the importance of responsible disclosure…

More Details

IoT Cybersecurity in an Evolving Regulatory Landscape

The rising use of IoT devices has transformed operations in the mobility and automotive ecosystem. However, this expansion has also escalated the risks associated with…

More Details

Enhance Cybersecurity Investigations with Ocean AI by Upstream

In the fast-evolving world of automotive and mobility cybersecurity, Ocean AI by Upstream adds another tool to the toolkit used by analysts to identify and…

More Details

Can Your Radio Take Control of Your Truck?

Cybersecurity risks facing the automotive industry are rapidly evolving beyond ransomware attacks on fleets. Hackers can weaponize connected vehicles through a wide array of connected…

More Details

2024 グローバル自動車サイバーセキュリティレポートUpstreamのグローバル自動車

サイバーセキュリティレポートは、自動車サイバーセキュリティの状況に関する包括的な概要を提供します。Upstreamの研究者が数百件の自動車サイバ

More Details