Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles

HARMAN International. Confidential. Copyright 2019. 1
HARMAN WEBINAR:
ENABLING SAFE, SECURE AND
ENRICHED DRIVING EXPERIENCES

©2017 HARMAN INTERNATIONAL INDUSTRIES, INCORPORATED
Domenico
RaguseoCTO for Italy, SPIGI, and CEE
IBM Security
Dom.Raguseo@it.ibm.com
Asaf Atzmon
Vice President & GM of Automotive
Cybersecurity
HARMAN International
Asaf.Atzmon@harman.com
TODAY’S SPEAKERS

THREAT MONITORING
AND AUTOMOTIVE-SOC

Security Strategy for Automotive
IBM Point ofView
Domenico Raguseo
August 2019
@domenicoraguseo
IBM Security / © 2019 IBM Corporation

Cybersecurity is a universal challenge
IBM Security / © 2019 IBM Corporation 5

Today’s instrumented and intelligent
1. Automobiles offer a plethora of driver
features
2. Risks associated with system and vehicle
security breaches, as well as concerns over
data privacy
3. Digital security must be infused into every
step of the manufacturing process

Help me…
From thousands of engagements across
the world, we’ve heard some common security
concerns.
What we’re hearing
from customers
Design a secure vehicle.
Design a secure infrastructure.
Harden the vehicle.
Create a trusted maintenance
ecosystem.
Enable new and trusted use
models.
Control the production environment.
Create a trusted supply chain.

Build a secure vehicle
When you connect experts and proven frameworks with
a deep understanding of business and compliance needs
What holds us back?
Secure production environments and trusted supply chains
are crucial to building a secure vehicle.
Manufacturing plants have
become increasingly automated
and reliant on information
technology to increase
productivity and quality.
The integrity of the IT
and production systems
and the facilities
themselves must be
assured.
Integrity of the automotive
components means preventing
counterfeit or malicious
components that jeopardize the
vehicle’s quality or safety from
entering the vehicle’s parts supply
chain.

• Understand the functions, applications, interfaces and protocols
associated with each system used in manufacturing.
• Have a codified security policy that guides implementation and
maintenance of critical assets.
• Implement access and security controls to protect the equipment
and data, guided by the security policy.
• Instrument systems to monitor events and perform analytics to
detect not only failures, but also suspicious activity potentially
indicating a security threat.
Create a trusted supply chain
• Where did the component originate? Who has had access to it
since it was created?
• Has the component been tampered with or altered?

Design security in
When you connect people, process, and
technologies with AI and continuous insights
Security Operations Consulting | Threat Management Services | Security Analytics | Response and Orchestration | Threat Hunting
What holds us back?
Design a SecureVehicle and a Secure Infrastructure
The R&D environment needs to
be secure and certified to
adhere to relevant standards,
and practices for secure
engineering need to be enforced
Connected vehicles allow
passengers to interact
with them, while in the
cabin or across the
world.
Manufacturers must also
carefully protect sensitive
information like GPS
coordinates and consumer
personally indentifiable
information (PII).
Infrastructure
components, such as
connected traffic lights
and toll lanes, should
also be secured from
tampering.

Design a secure vehicle
• Adherence to technical standards such as ISO26262, AUTOSAR,
MISRA and Automotive SPICE3
• Establishment of a security methodology for design and
development
• Maintainability over long in-service lifetimes
• “Fail safe” contingencies
• Assertions related to trusted technology providers
• Trust assertions and mechanisms for software
Design a secure infrastructure
• The communications between the vehicle and a remote user
are mediated by the service provider, often the automaker.
The communication should be encrypted and impervious to
tampering. In addition, the service provider needs to protect
its network and monitor transactions to detect suspicious
activity.

Drive with confidence
When you connect policy, analytics,
and controls across your entire system
Data Protection and Privacy | Application Security | Identity Governance | Digital Identity Trust | Cloud and Mobile Security
What holds us back?
In the 1950s and ‘60s, it took a mechanical engineer to design vehicle
control systems; now it takes a computer scientist
Harden the
vehicle
Create a trusted
maintenance
ecosystem
Customers
demand better
experiences
Enable new
and trusted
use model
Being secure while
offering drivers
personalized features

Harden the Vehicle
• The threat surface has expanded beyond the chassis to the global
Internet as many vehicles are now outfitted with Bluetooth, USB
ports and even near-field communications sensors, allowing
passengers to play music through the vehicle’s entertainment
system, make and receive calls hands free, pay for purchases from
within the car and even customize dashboard gauges.
• Car manufacturers provide remote safety and assistance services
over mobile networks
Create a trusted maintenance
ecosystem
Before a new connected vehicle owner first sits behind the
steering wheel, a number of preparatory steps for final
delivery should be accomplished, including updating
electronics and ECUs with the most current software and
firmware and setting up access with maintenance and
support services, as well as third-party, value-add services
and subscriptions like traffic and weather feeds.
Remain Secure while offering
new personalized features
• Integrates strong authentication and authorization of
consumer devices with the vehicle and automaker’s
service network
• Policy-driven security is also provided at the service
network portal.
Enable new and trusted use model
The introduction of intelligent, sustainable vehicles is redefining
personal mobility around the world. To stay competitive and
differentiated in the market, automakers have created open, scalable
and flexible mobility services that are customizable.

IBM Security can help transform your security program
GetAhead ofRisk andCompliance
• Strategyand Planning
• Risk Assessments
• Advisory Services
BuildLeadership and Culture
• X-Force Cyber Range
• X-Force Comes to You
• X-Force Cyber Tactical
Operations Center
Detect and StopAdvanced Threats
• SecurityOperations Consulting
• X-Force Threat Mgmt. Services
• X-Force Red
• QRadar
• X-Force Detect
Orchestrate Incident Response
• Resilient
• X-Force IRIS
Master Threat Hunting
• i2 Intelligence Analysis
• QRadar Advisor with Watson
Protect Critical Assets
• SDLC Consulting
• DataProtection Services
• AppScan
• Guardium
• DataRisk Manager
• Multi-cloudEncryption
• Key Lifecycle Manager
GovernUsers and Identities
• Identity Mgmt. Services
• Identity Governance
• Cloud Identity
• Access Manager
• Secret Server
DeliverDigital Identity Trust
• Trusteer
• Cloud Identity
SecureHybrid Cloud
• Infrastructureand
Endpoint Services
• Hybrid Cloud
SecurityServices
• QRadar Cloud Analytics
• Cloud Identity
• Guardiumfor Cloud
Unify Endpoint Management
• Endpoint Mgmt. Services
• MaaS360
• BigFix
Digital
Trust
Threat
Management
Strategy
and Risk

IBM Security can help transform your security program
Assess the design anddevelopment process
• Security by Design Consultancy – X-Force
Red
• Security Impact Analysis and Treat Modelling
– X-Force Red
Review theIT-Production andin-service IT
Infrastructure
• Hardware Security Testing – X-Force Red
• Supplier Component Security Testing – X-
Force Red
• Integration Security Testing –X-Force Red
• Connected Services Security Testing –X-
Force Red
• Autonomous sensor control and fusion
subsystem testing – X-Force Red
Assess the supply chain
Apply Analytics Solutions
• Security Requirement Definition as partof
supply chain Assistance –X-
Detect and StopAdvanced Threats
• SecurityOperations Consulting
• Vehicle SOC
• FusionSOC
Orchestrate Incident Response
• Engineered Remediation
Master Threat Hunting
• Apply Analysts Solutions – i2
Protect Critical Assets
• IBM X-Force Exchange
• IBM APPS Exchange
Digital
Trust
Threat
Management
Strategy
and Risk

Manage vehicle security threats matched with IBM Security Services and Offerings
Insight Prevention Detection Response Recovery
Metrics & Reporting Issue Management Change Management Program MaturationGovernance
A programmatic
framework leads to a
prescriptive integrated
approach that drives
better results.
A trusted security partner
with world class experts that
can bring critical insight and
scale.
IBM X-Force Red
Automotive Security
Testing
IBM Security Intelligence
and Operations
Consulting
IBM Global Managed
Security Services
IBM X-Force IRIS
(Emergency Response
Services)
A smarter platform
that can accelerate
investigation and response
with analytics, AI and
orchestration.
Partner Ecosystem
IBM Innovation
Watson
AI
Resilient
Orchestration
X-Force
Exchange
Analytics
Engines
Portal &
Mobile App
Use Case
Library
Identify assets/ vehicle
endpoints, know your
threats (research), and also
pen test or ethically hack
• Apply preventative
measures, vulnerability
scanning, policy& patch
management,
maintenance, etc.
• 24x7 Threat Monitoring
attack, triage, enrich,
etc.
• Respond via
• automation, playbooks,
• and govern the
• response via an
• incident management
• system.
• Recover/restore if and
when damage has been
done

ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2019. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of
direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines
Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in
information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single
product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve
additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the
malicious or illegal conduct of any party.
FOLLOW US ON:
THANKYOU
ibm.com/security/community

SECURITY FOR A DATA
CENTRIC INDUSTRY

Digitalization hits the automotive space

A new revenue model = A new type of asset
• Vehicles, drivers, passengers and
infrastructure are now all data points
• A collection of data points forms information
• Information is organized and insights are
extracted
• Insights generate revenue

Software updates case study
You can’t have software, but
not have a software update
mechanism.
“
”
Synopsis/Ponemon: Securing the Modern Vehicle
Does your organization's software
update delivery model address
critical security vulnerabilities in a
timely manner?
What is the mechanism
deployed to deliver software
updates to vehicles?
Yes
No
None
Other
OTA

64%test less than half of
hardware, software, and
other technologies for
vulnerabilities
It gets worse…
23
Synopsis/Ponemon: Securing the Modern Vehicle
84%have concerns that
cybersecurity practices
are not keeping pace
with evolving
technologies
30%do not have an
established product
cybersecurity program
or team

The Automotive Paradox
24
• In the last 10 years, the industry has come to
realize the importance of protecting vehicles and
mobility IT systems from cyber threats
• The need to keep pace with technology and the
rapidly growing threat landscape is inhibiting the
industry from reaching the cybersecurity posture
that will achieve adequate defense maturity
A significant leap is required to reach that goal

Risk =
Value of attack
Cost of attack
Recalculating the route
to a significant, large-scale incident

Visibility is key
• What vulnerabilities do I have?
• What’s my exposure?
• Are threats realized?
• Are vulnerabilities exploited?
• Are attacks attempted?
• Does security control
withstand?

Realizing the Automotive-SOC
A data driven business requires a data-centric solution
• A central instrumentation, orchestration and analytics platform
that leverages the unique vantage point the OEM has
• The marriage of in-vehicle (product) security solutions with
InfoSec analytics approach
• A collaboration ecosystem for fusing ad-hoc point-solutions
together creating synergies and value added for the OEM
• Full analytics-detection-response cycle, including OTA
capabilities for security updates

In-Vehicle
Instrumentation Analytics Center
Cloud
ID/PS
Cloud
Platform
3rd party
controls
Sensors
IT/Mobility
Data
OTA Server
Recommended intrusion detection &
analytics structure

…to business enablers.
From gatekeepers…

Asaf Atzmon
Vice President & GM of Automotive
Cybersecurity
HARMAN International
Asaf.Atzmon@harman.com
Thank You!
linkedin.com/in/asafatzmon
HARMAN Website

Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles

Ähnlich wie Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles (20)

Mehr von HARMAN Connected Services

Mehr von HARMAN Connected Services (7)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles