MAIN STAGE DAY ONE – TUESDAY 28th NOVEMBER 2023

DISCUSSION ON WORLDWIDE CYBER SECURITY REGULATIONS

• Understand if there are regulations coming up in China and the United States that will require mandatory compliance for automakers wanting to sell in these key markets.
• Learn if/which regulations are going to be revised to include new regulated clauses and reporting duties.
• Deep dive into Euro7 regulation: what is the impact on automakers globally?
• Assess requirements and test methods for vehicle cyber security that are under draft and are likely going to be released in 2024.

This presentation will discuss the current state of automotive cyber security and its likely evolution over the next three to five years. The expert speaker will examine: t Current vulnerabilities and attack trends. t The pace of introduction, of remediation and their impact on the overall trustworthiness and safety of the automotive platform and its supporting infrastructure, including EV charging stations, V2I, and Intelligent Transport Systems. t Recommendations for future action and milestones to track progress against those projections.

KEYNOTE OEM PANEL DISCUSSION

This opening keynote panel recognises that the industry cannot be successful if there is no information sharing and exchange of ideas. With representation from OEM cyber security subject matter experts, and knowledge transfer from all parts of the ecosystem, this open panel discussion allows attendees to learn more about the real challenges that companies are facing right now, while answering some of your biggest questions, including:

• Technical risks and challenges are keeping OEMs up at night and how similar or different are vehicle manufacturing companies are.
• OEMs are currently tackling these issues and where they are struggling to find solutions.
• How are they trying to mitigate risks on products? And are they aligned with their suppliers?
• Ask the OEMs where the wider ecosystem can step in and support, and in what ways the vehicle manufacturer will benefit from having this support.
• Find out what kind of cooperation the industry needs to put in place between OEMs and suppliers to drive the market in the right direction.

If the OEM requires compliance with ISO/SAE 21434, what specifically needs to be done? Based on our consulting experience with international suppliers and OEMs, we describe the key findings:

• Learn how to reduce the extra work and create true ISO/SAE 21434-compliant processes that match your own way of working.
• What really needs to happen in terms of management, organizational structures and processes?
• Why is quality management and competence development so crucial to reach compliance?
• What role do the attributes and characteristics of a product actually play and how can cybersecurity really be integrated into the overall development?
• How does a roll-out succeed without wasting time and gaining full acceptance?
• What is already common practice but not described in the standard?

PRESENTATION

• Device Attestation
• FOTA
• Automotive Vault

The days of debating the ‘what’ and ‘why’ behind ISO/SAE 21434 are over. With organisations now taking deliberate and strategic action to achieve conformance, and with the spectre of revisions on the horizon, it’s time to hear about the ‘how’. Learn how one leading OEM ensured compliance in this practical case study looking at:

• How ISO/SAE 21434 was interpreted and approached.
• The roadmap to compliance and how priorities were set.
• The practical day-to-day implications and what changes were required.
• The evaluation process, success, blind spots and areas for future evolution.

• Learn how to conduct TARA through the product lifecycle.
• Understand how to maintain and update your TARA.
• Understand each aspect of the TARA, including risks, requirements, verification, and validation.

• Journey from Component TARA to Vehicle System TARA
• No one-size-fits-all methodology - how to choose wisely?
• Analysing the security of functions across multiple components

PRESENTATION & DIALOGUE

• Understand the important work products and evidence that are required to meet the compliance requirements of R155 and R156 in Europe.
• Distinguishing the exact requirements from a R155 compliance point of view and what products need to be shown as evidence.
• Clarifying exact features that OEMs need to consider to achieve technical compliance with CSMS and software update management system in the vehicle.
• Discussing what different stakeholders can do to support compliance with technical legal requirements.
• Discussing the impact of increasing regulatory demand and pressures on the automotive industry in the future.

ESTABLISHING STEPS TO COMPLY WITH THIS MILESTONE CHANGE IN REQUIREMENT

• Examine how this new requirement will impact the industry, and what the vehicle manufacturers’ and suppliers’ greatest challenges are going to be.
• Lifting ambiguities and going through different steps of the regulatory requirements.
• Discussing practical steps to do tests and assure cyber compliance.
• Discussing how vehicle manufacturers and OEMs plan to scale their abilities to comply with these standards.
• How will OEMs structure their processes, type approvals and certifications.
• Find out how OEMs can provide proof that serviceability has been done.