ThreatModeling AutoMotive

Use-cases, research, tips & much more !

  • 4 Topics
  • 21 Replies

4 Topics

A
Anonymous
published in ThreatModeling AutoMotive

Automotive Cybersecurity Standards and RegulationsBlog

A further element of vulnerability emerges with the automobile industry's transition to connected vehicles and smart mobility, notably the risk of cyberattacks. As a result, government and regulatory bodies have pushed to guarantee that cybersecurity is a top priority at every stage of the automotive supply chain. Cybersecurity standards are essential in securing the automobile industry by providing a structured approach to identifying, mitigating, and managing cybersecurity risks. They provide a framework and set of guidelines that automakers, suppliers, and other stakeholders can follow to establish effective cybersecurity practices. These standards help ensure that vehicles are designed and built with security in mind, help address the unique challenges and risks associated with modern vehicles, and contribute to the overall safety and trustworthiness of connected and autonomous vehicles. Key Cybersecurity Standards and Regulations ISO/SAE 21434: This standard offers a framework for

537
D
5 months ago
T
ThreatModeler
published in ThreatModeling AutoMotive

Enhancing Automotive Security: A Guide to Threat ModelingBlog

The modern automobile industry is undergoing a profound transformation, with vehicles becoming increasingly connected and autonomous. While this technological evolution brings a wealth of benefits, it also introduces new security challenges. To safeguard vehicles and their occupants from potential threats, the practice of threat modeling plays a crucial role.  Understanding the System Thorough comprehension of the vehicle's architecture is paramount. This includes all components such as hardware, software, and communication interfaces. From the on-board computer systems to sensors and communication networks, every aspect must be considered. A clear understanding is the foundation upon which threat modeling is built. Asset Identification Determine what assets need protection. These assets can range from the vehicle itself to user data, personal information, safety-critical systems, and more. Identifying and prioritizing these assets is vital. Defining Attack Vectors Attack vectors are t

484
vaidehirana
5 months ago
M
Mahdi Fotouhi
posted in ThreatModeling AutoMotive

Given the current cybersecurity risks that are associated with modern vehicles, Would you rather drive a new car, or one from 30/40 years ago?

We all know that cars are becoming more and more connected to our environment around us. Just being able to pair to an audio device through bluetooth is now a common occurrence on almost all cars. However, New vehicles are taking a step up, integrating CarPlay in the cars giving users almost full functionality of their mobile phones through the vehicles head unit. We can take it a step further and look at Tesla’s self driving vehicles, are the complexity that their systems have to be able to “self-drive” for short distances. Almost 10 years ago, researchers at black hat were able to take full control of Jeep remotely. Even with the security hardening of these new systems, potential for attack is still quite high. My question is given the current state of cybersecurity architecture, would you rather drive a car that is brand new that has ease of usability features yet remains susceptible to cyber attacks on the ECU, Engine and Transmission?Or drive a much older car (1965/1975) that does

8
A
6 months ago
Todd
Todd
asked in ThreatModeling AutoMotive

Automotive Standards and Compliance Frameworks

Are you part of the automotive industry?  What automotive standards and compliance frameworks are most important to your organization?  ISO 21434?  UNECE?

2
M
8 months ago
Terms & ConditionsCookie settings