Workshop

Trustable Connected Vehicles – Measureable Security and Privacy for Smart Cars

Please note, that this event takes place in English.

In case you prefer the german Version of this site, click here.

Trustable Connected Vehicles - VDI-Workshop

Smart cars have become vital already and their usage will even further increase in the near future. Cars are not only connected to other vehicles but also to infrastructure and to the internet offering new services and enabling new functions. As a matter of fact, these new options evoke new security and safety challenges and threats that will have to be taken into account.

A structured security and privacy analysis is required

Over the last few years a few smart cars have already been attacked by specialists. These attacks can lead to massive safety issues for the passenger as well as for other road users. To avoid such attacks structured security and privacy analyses leading to strong and comprehensive security concepts for future smart cars are required.

During the workshop “Trustable Connected Vehicles- Measureable Security and Privacy for Smart Cars” participants will learn about different approaches of how to analyze the security of cyber-physical systems, about the DEWI security metrics and corresponding case studies and about trustability as a key enabler for IoT. Participants are invited to present their own contributions and all topics will be discussed within the group.

Topics of the Workshop

This workshop will cover the following topics:

  • Introduction on measurable security
  • Case Study: Security concept enabling efficient and trustworthy wireless SW updates
  • Measurable security and privacy for smart cars
  • Trustability as key enabler for IoT
  • Summary „trustable connected smart cars“

Wednesday, July 5, 2017

08:30

Registration & welcome coffee

09:30

Opening Speech ConCarExpo at the ConCar Forum Stage:

Autonomous Driving, Digital Infrastructure & Mobility Solutions as Key Drivers for the Automotive Industry

Johannes Jungwirth, Chief Digital Officer, Volkswagen AG, Germany

10:10

Chair´s welcome and opening address

Dr.-Ing. H. Gregor Molter

I. Safety, Security & Privacy

10:15

No Need to fight the Cyber War alone! Auto-ISAC  an Information sharing for Vehicles Cyber Security

  • Auto-ISAC and its five important cornerstones
  • Collaboration instead of competition: Unique benefits for members
  • The glance into the crystal ball: Auto-ISAC and the future of cyber security

Faye Francy, Executive Director, Automotive ISAC, USA

10:45

Pay or Stay! Ransomware against modern Vehicles

  • Why are large-scale vehicle security attacks (still) seldom in real life?
  • What is ransomware? Can it become a serious threat to modern vehicles?
  • How can vehicles effectively protect against ransomware attacks?

Dr.-Ing. Marko Wolf, Head of Consulting & Engineering, co-author: Robert Lambert, both: ESCRYPT GmbH – Embedded Security, Germany

11:15

Development Department as a Hacker Space

  • Only real automotive hacks should drive product development
  • Vulnerabilities in the light of unintended and overlooked behavior
  • Procedures and guidelines are mandatory but insufficient
  • Hacker and “hacker” tools for vehicles are not available off the shelf 
  • The benefit of security in development departments is speed

Dipl.-Ing. Jürgen Belz, Senior Consultant Safety & Security, PROMETO GmbH, Germany

11:45

Networking & coffee break

12:15

Panel Discussion – The Triangle of Safety,  Security and Privacy and the Tensions between them:

How do we know that they exist and how can we simultaneously optimize the three of them?

Panelists:

Dr.-Ing. Marko Wolf, ESCRYPT GmbH – Embedded Security
Rasmus Robrahn, Independent Centre for Privacy Protection Schleswig-Holstein Daimler (invited)

13:15

 Lunch & visit of the accompanying trade fair ConCarExpo

II. Vehicle Connectivity

15:00

Features of automotive Ethernet: A Security Perspective

  • Automotive ethernet physics
  • Features of modern automotive switches
  • Secure network design

Dr. Olaf Krieger, Development Engineer for Ethernet- and IP-based in-vehicle Networks, Volkswagen AG, Germany

15:30

OTA Updates – What can go wrong?

  • Concept and examples
  • Threats and challenges
  • Recommendation and best practices

Roger Ordman, Director Marketing, HARMAN Connected Services, Israel

16:00

Networking & coffee break

16:30

Message Authentication – Challenges and Attack Surface

  • How message authentication is used to secure in-vehicle networks
  • Challenges for deploying message authentication on production vehicles
  • Practical attacks which can be used to circumvent the protection offered by message authentication

Yuval Weisglass, Sr. Director, R&D, Automotive Cybersecurity – TowerSec, HARMAN Connected Car, Israel

III. On-Board Security Challenges

17:00

Performance of Cryptography in AUTOSAR based ECUs

  • Performance of cryptography on state of the art MCUs
  • Integration of modern crypto systems in AUTOSAR
  • Incorporation of HSMs into automotive ECUs

André Himmighofen M.Sc., Project Manager, easycore GmbH, Germany

17:30

Chair´s remarks

17:45

Evening Keynote on the ConCar Forum Stage:

Volvo Cars Development of Autonomous Electrified Vehicles in Cooperation with Uber

Kent Melin, Senior Technical Leader, Electrical System Design, Volvo, Sweden

18:30

End of conference day one

Get-together with Participants of all parallel Conferences

At the end of the first conference day we kindly invite you to use the relaxed and informal atmosphere for in-depth conversations with other participants and Speakers.

Thursday, July 6, 2017

III. On-Board Security Challenges

09:15

Example of Security Integration with E/E Architecture

  • Cyber security requires some overhead and OEM needs to have solution
  • Standardization would be an important aspect to reduce complexity
  • E/E architecture level approach to mitigate security risk could be important
  • Software oriented architecture will be important for future including security aspect
  • New business model in software would require more security features

Kenji Hontani, Technical General Manager, Toyota Motor Europe NV/SA, Belgium

09:45

Usage of a Trusted Platform Module (TPM) to secure the central Gateway

  • Role and requested functionality of the central gateway in a generic vehicle security architecture
  • Suggestions regarding a potential security system partitioning (EVITA Hardware Security Module HSM & Trusted Platform Module TPM)
  • Possible application of a TPM in the central gateway for on-board key generation & management, protected authentication of code updates as well as authorization of diagnosis access
  • Summary of the benefits of the proposed system partitioning

Dr.-Ing. Florian Schreiner, Dipl.-Phys. Martin Klimke, Dipl.-Ing. Björn Steurich, all: Infineon Technologies AG, Germany

IV. The Security Perspective on major automotive Trends

10:15

Blockchain – The Technology the automotive Industry has been waiting for?

  • Most influential blockchains
  • Properties of blockchain technology
  • Automotive blockchain use cases

Dr. Mathias Dehm, Head of Security & Privacy Research for Digital Services, co-author: David Noack, both: Continental Teves AG & Co. oHG, Germany

10:45

Networking & coffee break

11:30

Cyber Security in the Era of automotive Technology Disruption

  • Present the impact associated with cyber security  
  • Discuss the advent of disruption and how it contributes or helps the Problem
  • Discuss collaboration efforts and status

Henry Bzeih BSEE/MBA, Managing Director, Connected & Mobility, KIA MOTORS AMERICA, USA

12:00

Roundtables: The IT Security Perspective on major automotive Trends

Organizational Information: All conference attendees find  their roundtable numbers on their conference ticket: Please only  visit the tables with your personal numbers so that all tables will be frequented equally.

13:00

Lunch & visit of the accompanying trade fair ConCarExpo

14:45

Electric Vehicles, Artificial Intelligence and huge  Amounts of Data:

What happens at Faraday Future in  regard to IT Security?

Michael Brouwer, Director & Chief Security Architect, Faraday Future, USA

V. Towards a more secure Automobile: Learning from other Industries

15:15

Cyber Security from a global Players‘ Perspective

  • Threat intelligence for safety critical customers
  • Customer threats and requirements
  • The manufacturer perspective in the security process of Airbus

Michael Gerhards, Head of CyberSecurity, Airbus, Cassidian CyberSecurity GmbH, Germany

15:45

Cyber Insurance for industrial Control Systems: A comparative Examination of Market Development

  • Understanding cyber risk for insurers
  • The cyber insurance market and policy development in Germany
  • International state of play in the US, UK and Switzerland

Dr. Tim Stuchtey, Executive Director, Brandenburg Institute for Society  and Security, Tyson Barker, Program Director and Fellow, Aspen Institute,  both: Germany

16:15

A Survey of Healthcare Cyber Security Practices: What can be learned from one of the most targeted Industries?

  • Understanding the new world order of cyber security
  • Challenges to securing complex systems and organizations
  • Applying healthcare lessons learned to autonomous vehicle cyber security
  • Developing a path forward

John Gomez, CEO, Sensato Cybersecurity Solutions, USA

16:45

Farewell coffee in the accompanying trade fair ConCarExpo

17:00

End of conference

Who should attend this international Workshop?

This workshop on trustable connected vehicles primarily addresses managers interested in trustable connected smart cars. Also engineers, technologists, IT specialists, IoT experts, suppliers and solution providers from:

  • Automotive industry
  • Car IT industry

will benefit from this workshop.

Benefit from our Package Price: Conference + Workshop

Secure your personal package price by booking the international Conference “IT Security for Vehicles” in combination with the international Workshop “Trustable Connected Vehicles – Measureable Security and Privacy for Smart Cars”which will take place the day prior to the conference on July 4, 2017.

 (Please note that the number of participants is limited. Registrations and individual parts and segments of the workshop are subject to confirmation. Contributions 5–10 min are appreciated.)