– Hi Tobias, welcome to Upstream’s Tech Talk series. I’m Fay from Upstream security, and we offer the first cloud-based cybersecurity solution, that’s purpose-built to protect connected vehicles and smart mobility services from cyber threats and misuse through the use of data. I’ll be the host of this Upstream Tech Talk and I’m gonna hand it over to you to introduce yourself real quick.
– Thank you Fay for having me here and to be part of that interview. So my name is Tobias, I am the Head of Solutions and Architecture in Automotive and Manufacturing for Fujitsu, the Central Region. So when I’m working with Fujitsu since four years now in helping up delivering our near automotive solutions to our customers. So that the big ambition of Fujitsu in the moment is to transform to a DX company. And one of the major blocks or major, in those three is we are focusing on at the moment, is bringing the new services to automotive mobility and manufacturing because of the industry challenges, which means dealing with mobility data or AVs, autonomous driving and all that stuff. So we are focusing on new platforms that could be integrated very easily in the environments of OEMs to help them in move very fast, forward in this new direction. This is what we as Fujitsu are doing and investing a lot in these new ITs and technologies.
– And this new direction that OEMs are leading to have a lot to do with this digital transformation of the automotive ecosystem. So there’s a lot of changes and a lot of additions that need to be made in their traditional security apparatuses or their SOCs in order to accommodate these new security challenges. Is it possible for an OEM to integrate or shift their already existing enterprise SOC into one that, you know, deals with these new challenges of automotive cybersecurity and shift it into maybe a VSOC?
– This is a very good question, we have this question internally as well. So if, if let’s say a common IT SOC is able to deal with this? Firstly yes, you have to know about security operations and how to operate the Z model, which is good. So in terms of the processes behind the regulation, because doing security operation means you have to be very careful, we have to have good processes and analyzing skills. On the other hand, we are talking about totally new mobility solutions. You know, the chain of, we have to cover in VSOC is from the car, from the ECU to the software in the car between entertainment system, assistance systems and as well, the other software in the entertainment system, to the telematics server, to the mobile application. So this is a quite very new space and which is very complex. And there’s another topic where it’s very important, you know, how long are, how many years are using your, your smartphone, two years or three years? The car today is used 10 to 15 years. And can you imagine having after every three or five years, a new generation of the car with this complexity, and this has to be managed in the future from a security perspective, in terms of all this kind of complexity attach services, any, any kind of assistant drive modules, any kind of modularity in the car. So you have types, you have what I mean at the end, so this complexity is quite new and we have to cover the whole ecosystem, which means this has to be a trusted environment at all, for the end customer and for the user and for the OEM as well.
– So I know, you know, you mentioned that there needs to be that understanding and that, that, that recognizing these challenges. And I know that’s something that Upstream and Fujitsu are working on. We’re working on, with and in partnership to help OEMs recognize those challenges and overcome them and help them with this integration. Can you elaborate a little bit more on what that looks like?
– Yeah, as I said before, in my introduction, what we’re doing right now, we are, we are working on a new framework for OEMs and dealing with the data in the middle of all of these services. This means data utilizing, but as well, remote software update, functionalities and OTA. These are our main core, let’s say development activities we are doing. So, and if you are delivering these services, it’s really needed to have a very good security solution on top of that to say, “Okay, the services and the data flow and the needs of all my communication topics are running around is, is okay.” So, therefore, setting up a new security, innovative security solutions on top of our services is really important. And that’s why we choose Upstream as our global strategic partner in making our portfolio more comprehensive, and to make sure that we are able to deliver a really secure package to our customer.
– Could we dive in a little bit deeper into that? So I know that, you know, when it comes to our collaboration, we’re working, you know, with utilizing our Upstream detection abilities, when it comes to cyber threats and mixing that with your CM offerings and tradition, you know, transitioning the data that we’re, you know, getting from these cars to the OEMs for specific use cases that may benefit the OEMs. Can you touch a little bit more on, in that process, obviously, without giving away any industry secrets, but kind of discuss a little bit more on how that works. Cause that really answers the question of that challenge of converting this enterprise SOC into something that’s a lot more useful, which would be, you know, utilizing the same or similar SEM possibilities, but now utilizing them with, through the data that’s being gained from vehicles. Is that something that you can dive a little bit deeper into?
– Yeah, the biggest challenge is to deal with the analytics on top of that, because what we are doing is looking for anomalies. So there was no, you know, dealing with predefined rules that we have in the, the SEM and the SOC today is not the thing that we have any more in the future for, for the VSOC. So we have to deal with unpredicted threats and therefore we are building with your solutions and our solution, with AI solutions, with robotics, a comprehensive solution that which enables us to, to, to, to understand the threats much more better than dealing with predefined and hard-coded regulations in the IT SOC. So we have to look forward and we have to deal with threats we don’t know in the moment. So this is so important and that’s why we are enhancing your solutions with other analytics and robotics solutions as well, to understand the threats, to, to define countermeasures and as well to automate this quite new style of security operations.
– Beautiful, well thank you so much Tobias for joining us today. And I look forward to working with you in the future.
– It was a pleasure Fay, many thanks. Have a nice day.
– You too.