4. Daimler AG
Internet
Authority Cloud Environment
Smart Roads / Smart Cities
VANET with
DSRC/WiFi
(M2M)
Drivers
Personal
Devices
Cloud Environment
(Analytics / Applications)
(Data Supply / FrontEnd)
Internet Connectivity
3G/LTE/5G
Fleet Customers
Fleet Owners
Suppliers
Dealers
Content
Providers
Finance Insts.
Insurance
Authorities
Regulators
Research Inst.
IoT
Backend
Open API
Data
Delivery
In Vehicle
Network
Applications
5. Daimler AG
Cryptographic Hygiene
Hardening
Isolation
3rd Party Trust
Obscurity
Authorization
Authentication
Tuning
Cloud Hygiene
Development Hygiene
Secure Communication
API Hygiene
Data Protection and Privacy
Threat Modeling
Trusted Computing
Secure OTA
Collaborative Trust
Detection
Incident Response
Threat Intel
Pentesting
Red Team Blue Team
7. Daimler AG
Cryptographic Hygiene
Hardening
Isolation
3rd Party Trust
Obscurity
Authorization
Authentication
Tuning
Cloud Hygiene
Development Hygiene
Detection
Secure Communication
API Hygiene
Data Protection and Privacy
Threat Modeling
Incident Response
Trusted Computing
Secure OTA
Collaborative Trust
Threat Intel
Redundant Sensors Vehicle Identity Management
Multi Sensor Integration
Closed Information
Vehicle Membership Management
Security Provenance
Pentesting
Red Team Blue Team
9. Daimler AG
Cryptographic Hygiene
Hardening
Isolation
3rd Party Trust
Obscurity
Authorization
Authentication
Tuning
Cloud Hygiene
Development Hygiene
Detection
Secure Communication
API Hygiene
Data Protection and Privacy
Threat Modeling
Incident Response
Trusted Computing
Secure OTA
Collaborative Trust
Threat Intel
Redundant Sensors Vehicle Identity Management
Multi Sensor Integration
Closed Information
Vehicle Membership Management
Security Provenance
Pentesting
Red Team Blue Team
Compliance
Best Practices
Standards
• Eco System of Diverse Stakeholders
• Rapidly Evolving Technology
• Complex Architectures
• Race to Features
• Adversarial Safety
Challenging Trends
10. Daimler AG
Electronic
Vehicle
Remote Vehicle
Mgmt. and
Operations
Environmental
and Driving
Support
Fleet
Management &
Content Services
M2M
Smart Infra
Integration
Extended Risk Continuum
Information Security Cyber Security Business Risks Vehicle/People Safety
IT Infra
Applications
Scope has changed and so has Risks
Automated /
Augmented
Security
Model Driven /
Simulated
Security
Layered
Security
Holistic and Automated Security
Lifecycle
Integrated
Security
Need New Capabilities
Adverserial
Security
Cybersecurity through collaboration
Connected Vehicle Security as a core research practice
Connected Vehicle Security as a Strategic Initiative
Safety in a connected world
People
CAL