7th International VDI Conference - Cyber Security for Vehicles

Dr. Markus Tschersich, Head of Security & Privacy Research and Governance, Continental AG, Germany

• Impact on processes
• Impact on risk management
• Technical impacts on vehicles

Pierre Gachon, Cybersecurity Expert Leader, Groupe Renault, France

• How UNECE (IEC 21434) not only affects processes but also technology innovation
• Robustness of ADAS against adversarial attacks on AI-based systems
• What cyber security can do for AI & vice versa

Michael Eisenbarth, Head of Cyber Security Research Lab, ZF Friedrichshafen AG, Germany

• Implementing the requirements in our policies & procedures
• Applying the requirements to components developed out-of-context
• Practical experience & challenges

Timo van Roermund, Director Automotive Security, NXP Semiconductors, Germany

• CSMS as a connector between Vehicle and IT World
• ISMS/CSMS/QMS – differentiation and comparability
• Automotive-SMS – a combination approach to use synergies

Alexander Ersoy, Head of Automotive Cybersecurity Regulations & Policies,
Miriam Gruber, Chief Security Architect, both: CARIAD, Germany

• Cyber Security in SDVs and ICVs – The Trends and Challenges
• Security Architecture for ICVs – A Multilayered, Multi-dimension Approach
• Standards and Ecosystem in China Domestic Market

David Yu, VP of Engineering, AICC Silicon Valley, AICC Inc., USA

• Security protocols, e.g. authentication, key establishment or key transport, are at the heart of modern communication systems
• Careful design of a security protocol is crucial: Flawed protocols cause severe vulnerabilities which completely destroy security even in the case of a perfect implementation or an unbroken cryptosystem
• Guidelines & best practices for building security protocols, useful also for the automotive domain, which avoid the most common mistakes

Dr. Josef Wagenhuber, Specialist Development, BMW Group, Germany

• MACsec can protect many more messages than other solutions – does this make it the best solution?
• What key exchange options exist & what are their implications
• Finding the missing pieces – startup performance & optimization options

Dr. Lars Völker, Technical Fellow, Technica Engineering GmbH, Germany

Directly engage with international experts in these highly interactive sessions. Discuss current challenges, needs, and solutions with your peers!

• Optimal Integration of Security in a Company, Stefan Römmele, Head of Security & Privacy Competence Center, Continental AG, Germany
• Requirements & Needs for Future Security Architectures, Miriam Gruber, Chief Security Architect, CARIAD, Germany
• Automated Security Testing in Agile Product Development, Rakshith Amarnath, R&D Project Lead, Robert Bosch GmbH, Germany

• Challenges that have prevented the broad adoption of automotive IDS in the industry
• The standardized technical infrastructure & protocols for IDS released with the latest AUTOSAR version
• The opportunity for reducing the cost & effort for implementing automotive IDS

Dr. Eduard Metzker, Principal Solution Manager, Vector Informatik GmbH, Germany

• Scarcity of published work on intrusion detection in cars, in particular for service-oriented communication
• Discussion of selected challenges & opportunities for intrusion detection in SOME/IP
• Proposal of an architecture for a SOME/IP intrusion detection system, discussion of its security properties & report of preliminary experimental results

Dr. Paul Duplys, Program Lead „Security, Privacy & Safety“ & Senior Manager, co-author: Tobias Gehrmann, Security Researcher, all: Robert Bosch GmbH, Germany

• Overview: C-ITS Security (as part of overall vehicle cyber security)
• Overview of intrusion & anomaly detection in C-ITS
• Principles and framework(s)

Tim Leinmüller, Manager Corporate R&D, Denso International Europe, Germany

• Cloud based infrastructure for connected vehicles & security issues
• Privacy & security of cloud based services & impact on automotive areas
• Tools for & attacks on cloud based infrastructures
• Role of regulations

Dr. Hosnieh Rafiee, Mainframe Group / Security Expert in Automotive, Cloud & IT Systems, Volkswagen AG, Germany

• 64% see data privacy as a criterion when buying a new car
• In practice most modern cars do not implement privacy by design
• How to improve privacy in vehicles with organizational & technical measures

Florian Stahl, Principal Consultant, msg systems ag, Germany

• Model-based engineering
• Homogenization of ITS standards
• Ecosystem or system of system viewpoint

Dr. Christophe Jouvray, Product Cybersecurity Regulation & Norms Manager, Valeo SA, Antonio Kung, CEO, Trialog, all: France

• Project consortium, three industries: automotive, railway & aeronautics
• Project approach: cyber security add-ons to all phases of product’s lifecycle
• Project outcomes: secure and supervised architecture, validation methodology
• Focus on Computer Aided Risk Analysis & autonomous car use case

Dr. Witold Klaudel, Research Project Leader, co-author: Dr. Artur Rataj, Senior Researcher, both: Institute for Technological Research (IRT) SystemX, France

• Automating automotive cyber security risk identification & assessment
• Reuse of assets & upkeep of threat information
• Identification of attack paths & rating of attack likelihood

Christoph Schmittner, Safety & Security Engineering, AIT Austrian Institute of Technology GmbH, Austria

• Introduction & motivation of security monitoring & secure operation centers for vehicle fleets
• Challenges in incidence response for safety critical systems; translation of fail-safe and fail-operational concepts to incidence response
• Exemplification of the incidence response processes containment, recovery & eradication for vehicles

Prof. Dr. Falk Langer, Team Manager Connected Software Systems & Services, co-author: Lukas Stahlbock, Systems Engineer, all: IAV GmbH, Germany

• Demonstration of a real life investigation of a vehicle security incident
• See how threat intelligence is used as a data source in the investigation rather than just a mechanism for alerts

Adi Dubin, Director of Product Management, Argus Cyber Security Ltd., Israel

• What is an ISAC & how does the Auto-ISAC work?  
• Success stories from the Auto-ISAC & examples of sharing within the AutoISAC

Robert Kaster, Chief Technical Expert, Dr. Martin Emele, VP Cybersecurity, both Robert Bosch LLC., Auto-ISAC Global Task Force Europe Chair, USA

• Need for a new, comprehensive approach to automotive cybersecurity lifecycle management that enables harmonized communication across the entire ecosystem.
• Proposal of a practical, uncomplicated approach to cybersecurity lifecycle management that enables vertical integration, empowers OEMs & Tier 1s to own every step of the security lifecycle & equips them with the agility required to identify & respond to attacks quickly

David Mor Ofek, Productmanager, C2A Security, Jersusalem, Isreal