• Session No.38 Automotive Security Technology II (OS)
  • May 27Pacifico Yokohama North G418+G41914:55-16:10
  • Chair: Hiroshi Ueda (AutoNetworks Technologies / Sumitomo Electric Industries)
Contents
With the publication of ISO/SAE 21434, strengthening cybersecurity has become important. In this session, we will broadly discuss research, best practices, and technologies related to attacks, defense, and evaluation techniques in automotive security.
Committee
Cyber Security Technology Committee
Organizer
Ryo Kurachi (Nagoya University), Fumiaki Kouno (Suzuki Motor), Toshihisa Nakano (Panasonic Automotive Systems)
For presentations that will not be available video streaming after congress, a “✕” is displayed in the “Video” column, so please check.
No. Video Title・Author (Affiliation)
1

Strategic aspect of Crypto Agility

Dennis Kengo Oka (IAV Co. Ltd.)・Philipp Jungklass・Claude-Pascal Stoeber-Schmidt (IAV)

Cryptographic agility is crucial in the automotive sector due to threats from quantum computers and other factors like increased computing power, vulnerabilities in algorithms, and security bugs. It is a continuous process affecting a vehicle's entire service life, requiring updates to cryptographic algorithms. This article explores cryptographic agility's impact on vehicles, covering phases like development, production, and end customer usage. The focus is on ensuring security throughout the vehicle's lifecycle, adapting to evolving threats and technological advancements to maintain robust protection against potential security breaches.
2

Cybersecurity for Euro 7: Requirements, Risks and Technical Solutions for Next-Generation Vehicles

Dennis Kengo Oka (IAV Co. Ltd.)・Claude-Pascal Stoeber-Schmidt・Dustin Woertge・Philipp Jungklass (IAV)・Steve Peters (IAV Co. Ltd.)

The Euro 7 regulation imposes stricter vehicle emissions, durability, and data integrity requirements, emphasizing cybersecurity as crucial for compliance. With vehicles relying on interconnected ECUs, secure diagnostics, and on-board monitoring (OBM), protection against tampering and unauthorized access is vital. This paper examines Euro 7 cybersecurity obligations, focusing on anti-tampering, OBM data integrity, secure data transmission, software update security, and alignment with UNECE R155/R156. It highlights threat analysis, secure update processes, and the need for testing and vulnerability assessment of OBM and diagnostic interfaces. We explore regulatory and organizational frameworks and technical solutions to meet Euro 7 security expectations.
3

Penetration tests for guiding development

Claude-Pascal Stoeber-Schmidt・Yasare Agac・Christian Jess・Florian Look・Marco Siebert (IAV)・Dennis Kengo Oka・Takuya Nigoro (IAV Co. Ltd.)

This paper explores the integration of realistic penetration testing within development timelines, emphasizing the balance between thorough security assessments and project deadlines. It examines the expectations for results, highlighting the necessity for advanced methods, automation, and tools to streamline the process. The study discusses the benefits of early detection of vulnerabilities, which can enhance security and reduce post-release fixes, while also addressing potential disadvantages such as resource allocation and possible delays. By providing insights into effective penetration testing strategies during development, the paper aims to guide developers in optimizing security practices without compromising project timelines.
Back to Top