cyber security and the connected vehicle
play

Cyber Security and the Connected Vehicle How to adapt to the new - PowerPoint PPT Presentation

Jun 29, 2023 •782 likes •1.04k views

STEER Cyber Security and the Connected Vehicle How to adapt to the new age challenge S STEER Founded in 2016 by Automotive Cybersecurity Leaders with previous successful commercialization and acquisitions Proudly encouraging Focused on

  1. STEER Cyber Security and the Connected Vehicle How to adapt to the new age challenge S

  2. STEER Founded in 2016 by Automotive Cybersecurity Leaders with previous successful commercialization and acquisitions Proudly encouraging Focused on massively Headquartered in STEM activities and enabling secure self Columbia, Women in the driving cars Maryland Workforce

  3. The modern car ….a journey S 3

  4. What Automotive is Today 4

  5. Connected to Everything 5

  6. Cybersecurity S The art of protecting ones assets electronically, or electromechanically S Hacker vs Defender S Hacker Mentality S Look for easiest path in Unsecured entryways, unsecured interfaces, openings! S S Always trying to game the system S Reward driven S Defender mentality? 6

  7. Open exploitable surfaces • Bluetooth • WiFi DSRC (V2V) Short Range Comm • Near Field Communication • Sensors • LIDAR • RADAR • Camera • • OBD-II Tire Pressure Monitoring System • • USB Remote Keyless Entry • • Data Line for EVs 7

  8. 8

  9. How else can a Hacker Penetrate a System to Cause an Inadvertent Outcome? S Vehicle S Using peripheral devices (smart phones, Can/JBus devices, USB devices) S Sensors (tpms, radar, lidar, camera) S On-board telemaGcs S Fleet S From a compromised vehicle into the fleet management infrastructure S Service Network S From a secure, valid entry point by inserGng malware into the vehicle being serviced

  10. No Truck LeN Behind 2. Malware into Fleet Cloud undetected NOC Corporate IT network 3. Malware from Cloud into unsuspecting fleets Firewall Server 1. Malware from Vehicle into Fleet Cloud

  11. 2011-2016 Physical Attack Remote Attack S 2011: First physical hack on a car 10 by university researchers 8 S 2012: First OBD-II hack on car 6 S 2013: TPMS hack 4 S 2014: Radio hack 2 0 S 2015: Remote hack! 11

  12. 2015 – The Breakout year S First public demonstration of a S First time OEM $ value remote hack on a vehicle associated with lack of cyber security: S “No-physical-contact” attack S $1.4B in recall cost S $105MM in fines S First cyber security associated recall in automotive history! S First class action lawsuits S First NHTSA cyber security S First PR firms engaged to related fine! counter cyber security messages S First NHTSA action on Tier1! S First $$ spent for cyber damage! 12

  13. Need for Cyber Security • Brand reputation damage • Lawsuits • NHTSA fines • Recall costs • Board and top executives on-hook • Congressional hearings 13

  14. Need for Cyber Security (cont.) • Fear of loss of life • Penetration of back-end systems through vehicle • Penetration of other networks through vehicle • Trojanization of car! • Just waiting for the motivated attacker 14

  15. Hacker conquest list o Ford o Tesla o GM o Hyundai o BMW o Nissan o Toyota o Audi o Mercedes o Mitsubishi o FCA o VW o Honda 15

  16. How to solve the cyber security problem? S 16

  17. Automotive Development Cycle 17 Image source: Black Duck

  18. What the industry needs and, how to provide it S Cyber security must become an integral part of all offerings S It is a qualifier S Training programs that capture cross disciplinary domains S Incident Response 18

  19. Goal of Automotive Cybersecurity Training S Build cyber secure and robust electronics and systems inside out S Ready to face next gen of connected vehicles S Ready to face cyber adversaries, and cyber criminals S Ready to face connected automated and electrified vehicles S Ready to service and maintain all of the above in top shape with minimum vulnerabilities 19

  20. Cyber Security Training Strategy Corporate Training S Corporate Structure changes S S Processes Development, testing and Operations side S Data & Benchmark Testing S Service side training S Service –a real backdoor. S Technology Side S Best practices, Secure design, verification and validation to include security requirements S 20

  21. Corporate Structure S Correct posture on cyber security S Risk assessments and threat analysis S Hiring key talent for cyber security operations S Staff Certifications & Training 21

  22. Process S Cyber Security Framework: SAE J3061 S NHTSA Guidelines S ISAC bulletins S Secure Coding Practices S Incident Notification, Response and Handling 22

  23. Data & Benchmarking S Cyber security benchmark / T&E Framework S Vulnerability assessment cataloging S Gray/Black box testing data mining S Continuous Penetration Testing 23

  24. Summary S Cyber security is a necessity and not an add-on differentiator any more S Comprehensive cyber security needs comprehensive attention and 4-pronged approach S Several methodologies that can be applied internally, incrementally, and conclusively S Positive impact on cyber liability and cyber insurance 24

  25. Thank you! Anuja Sonalker, Ph.D anuja@steer-tech.com www.steer-tech.com S

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Desay's Cyber Security Initiative & Autonomous Vehicle

Desay's Cyber Security Initiative & Autonomous Vehicle

Desay's Cyber Security Initiative & Autonomous Vehicle Development D E S AY S V A U T O M O T I V E E w e Te i k E n g 2 9 M a r c h 2 0 1 8 Confidential Contents l INTRODUCTION l

1.1k views • 24 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy

CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy

Jens Thonke, EVP, Cyber Security Services Jyrki Rosenberg, EVP, Corporate Cyber Security CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy Family Connected home 2 F-Secure Capital Markets Day 2017

736 views • 19 slides
Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

1.07k views • 39 slides
Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web application weaknesses XSS AJAX weaknesses SQL Injection Attacks (Slides from Lars Olson)

588 views • 41 slides
Connected Corridor Initiative Roadmap to Near-Term Connected Vehicle Benefits Minnesota

Connected Corridor Initiative Roadmap to Near-Term Connected Vehicle Benefits Minnesota

Connected Corridor Initiative Roadmap to Near-Term Connected Vehicle Benefits Minnesota Department of Transportation October 31, 2019 Dan Rowe & Kevin Chan mndot.gov Why are we talking about CAV & Connected Corridor? 381 Program

309 views • 19 slides
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD students and employees)

359 views • 23 slides
Cyber Safety How to Stay Connected & Protected Overview Cybe Cyber r Fr Fraud aud &

Cyber Safety How to Stay Connected & Protected Overview Cybe Cyber r Fr Fraud aud &

Cyber Safety How to Stay Connected & Protected Overview Cybe Cyber r Fr Fraud aud & Cybe & Cybercri rcrime me Online Fraud and Cyber Scams Quiz What percent of people dont use a passcode for their smartphone? A. 10% B.

611 views • 30 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* * Preliminary programme, subject to revision/update status 16 December 2014 4 February 2015 Day 1: Cyber Security Readiness Registration KU

306 views • 4 slides
Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

16 Oct 2012 Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford Willke Cyber Security Advisor, MidAtlantic Region National Cyber Security Division (NCSD) Office of Cybersecurity and Communications

443 views • 20 slides
Redefining Mobility: Contra Costa Transportation Authoritys Connected Vehicle/ Autonomous

Redefining Mobility: Contra Costa Transportation Authoritys Connected Vehicle/ Autonomous

Redefining Mobility: Contra Costa Transportation Authoritys Connected Vehicle/ Autonomous Vehicle Summit Panel #1: National Vision for a Connected Future March 31, 2015 Kenneth Leonard Director, Intelligent Transportation System Joint

351 views • 21 slides
1 U.S. Department of Transportation Connected Vehicle Pilot Deployment Program U.S. Department

1 U.S. Department of Transportation Connected Vehicle Pilot Deployment Program U.S. Department

1 U.S. Department of Transportation Connected Vehicle Pilot Deployment Program U.S. Department of Transportation Announces up to $42 Million in Next Generation Connected Vehicle Technologies September 15, 2015 New York City Tampa, FL

1.24k views • 75 slides
Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs ! 3 properties ... Confidentiality (including personal data) Integrity Availability 2 -Sminaire LIRIMA: Cyber security: current

876 views • 64 slides
2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor, Region VII Office of Cybersecurity and Communications (CS&C) National Protection and Programs Directorate (NPPD) FOUO / UNCLASS Cyber Security

333 views • 12 slides
CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

Eric Weston Wally Magda, CISSP, PSP, CISA Compliance Auditor, Cyber Compliance Auditor, Cyber Security Security CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September 24-25, 2013 Salt Lake City, UT No

2.02k views • 198 slides
WELCOME TO HIGH PERFORMANCE-1 COACHING CERTIFICATION A COACHING JOURNEY Northern Ontario

WELCOME TO HIGH PERFORMANCE-1 COACHING CERTIFICATION A COACHING JOURNEY Northern Ontario

High Performance Coaching WELCOME TO HIGH PERFORMANCE-1 COACHING CERTIFICATION A COACHING JOURNEY Northern Ontario Hockey Association (NOHA) April 2014, Presentation HOCKEY CANADA SEMI-ANNUAL MEETING NOVEMBER 2013 All Head Coaches

356 views • 23 slides
WELCOME TO THE 10 TH ANNUAL BRANTFORD SPORTS COUNCIL BANQUET WEDNESDAY, FEB. 4 th , 2015

WELCOME TO THE 10 TH ANNUAL BRANTFORD SPORTS COUNCIL BANQUET WEDNESDAY, FEB. 4 th , 2015

WELCOME TO THE 10 TH ANNUAL BRANTFORD SPORTS COUNCIL BANQUET WEDNESDAY, FEB. 4 th , 2015 BRANTFORD SPORTS COUNCIL MEMBERS ORGANIZATIONS BRANTFORD MINOR LACROSSE BRANTFORD MINOR HOCKEY BRANTFORD MINOR SOFTBALL BRANTFORD CHURCH HOCKEY

1.43k views • 115 slides
Cross Country BC 2017 Club Development Workshop Case study: Do incentives and deadlines work? 2

Cross Country BC 2017 Club Development Workshop Case study: Do incentives and deadlines work? 2

Cross Country BC 2017 Club Development Workshop Case study: Do incentives and deadlines work? 2 Gold Star pass upgrade EXAMPLE (when buying your membership on Zone4) NEW OPTION : (in support of our ___ program) For $49, upgrade your pass

535 views • 18 slides
2017-2018 Review Cross Country Ski Ontario Grassroots to High Performance Top OST Performances

2017-2018 Review Cross Country Ski Ontario Grassroots to High Performance Top OST Performances

2017-2018 Review Cross Country Ski Ontario Grassroots to High Performance Top OST Performances YOB 2001 Eric Schlyter - 4 th in YOB Aggregate, within 2 points of IPB YOB 2000 Malcolm Thompson 3 points above IPB and good performances

514 views • 22 slides
Who is American Youth Football (AYF)? MISSION AND GOALS: Mission: Promote the wholesome

Who is American Youth Football (AYF)? MISSION AND GOALS: Mission: Promote the wholesome

Who is American Youth Football (AYF)? MISSION AND GOALS: Mission: Promote the wholesome development of youth through their association with adult leaders in the sport of American Football and Cheer. To provide a wholesome competitiveness within

518 views • 26 slides
Public Comment Period Public comment period for the MITT Draft SEIS is open from February 1,

Public Comment Period Public comment period for the MITT Draft SEIS is open from February 1,

Public Comment Period Public comment period for the MITT Draft SEIS is open from February 1, 2019 until April 17, 2019. A copy of the Draft MITT SEIS is available at https://mitt-eis.com/ The public is encouraged to submit substantive

443 views • 22 slides
Apps for Education Overview of AbilityNet DSA/Student Services : We have eight DSA Centres to

Apps for Education Overview of AbilityNet DSA/Student Services : We have eight DSA Centres to

Apps for Education Overview of AbilityNet DSA/Student Services : We have eight DSA Centres to help students Workplace Services: Workplace assessments across the UK Accessibility Services : Helping people to make websites, apps and

511 views • 28 slides
On-Site Assessment of Compliance On-Site Assessment of Compliance Monitoring - Gaseous Species

On-Site Assessment of Compliance On-Site Assessment of Compliance Monitoring - Gaseous Species

On-Site Assessment of Compliance On-Site Assessment of Compliance Monitoring - Gaseous Species Monitoring - Gaseous Species (Manual Methods) (Manual Methods) Dave Scott & Alan Leonard Dave Scott & Alan Leonard AEA Technology

599 views • 12 slides

More recommend