Cybersecurity Vehicle Forum – Shanghai, China – May 15, 2025

Driving Forward: Key Insights from GlobalPlatform's CyberSecurity Vehicle Forum in Shanghai

The automotive industry is racing toward a more connected, secure future, and the recent GlobalPlatform CyberSecurity Vehicle Forum in Shanghai provided a fascinating glimpse into this evolution. Held on May 15th as part of SAE International's Safety and Security Congress in Shanghai Anting, the forum brought together industry leaders, researchers, and security experts to tackle one of the most pressing challenges in modern automotive: cybersecurity.

Setting the Stage: China's Automotive Security Landscape

The forum opened with crucial context about the Chinese market and international developments. Bao Yue from CATARC kicked things off with insights into standards and test technologies for commercial cryptography applications in automotive systems. This foundation-setting presentation highlighted how China is approaching the integration of robust security measures into vehicles.

Gil Bernabeu from GlobalPlatform then provided an overview of GlobalPlatform technologies, while Dennis Oka from IAV GmbH rounded out the opening segment with a comprehensive look at international regulatory developments. Together, these presentations painted a picture of a rapidly evolving regulatory and technological landscape that's pushing the industry toward higher security standards.

Real-World Applications: Industry Voices on Automotive Security

The forum's second segment brought together diverse industry perspectives on how standardization can shape automotive security's future. Representatives from major players shared their visions:

• David Wei Wang from NIO offered insights from the electric vehicle pioneer's perspective
• Raymond Li from Uni-Sentry discussed security solutions tailored for the automotive sector
• Xiaochua Xie from UAES shared experiences from the automotive electronics supplier side
• Kevin Zhang from Rambus provided semiconductor security expertise

What made this segment particularly valuable was the concrete suggestions these companies offered for potential work items within GlobalPlatform, showing how industry needs are directly informing standardization efforts.

Bridging Standards: GlobalPlatform and SAE Collaboration

Francesca Forestieri from GlobalPlatform presented a detailed look at the organization's automotive activities, with special focus on their collaboration with SAE International. The highlight was their work on J3101-5, where GlobalPlatform specifications are being mapped to demonstrate compliance with SAE's hardware-protected security requirements and best practices. This collaboration represents a significant step toward harmonizing security standards across the industry.

Testing and Certification: SESIP in the Automotive World

The forum dedicated substantial time to SESIP (Security Evaluation Standard for IoT Platforms) certification in automotive applications. Forestieri's presentation on SESIP was followed by Wei Yuan Mao from Applus, who dove deep into attack methodologies and protection profiles specifically designed for automotive use.

Bai ZhiChao from DPLS labs then addressed a critical challenge: coordinating security testing between individual chips and complete vehicle systems. This coordination is essential for ensuring that security measures work effectively at every level, from individual components to the entire vehicle ecosystem.

Secure Elements: The Foundation of Digital Car Security

The discussion on Secure Element (SE) technology revealed exciting developments in how these security chips are being deployed in automotive applications. The segment explored how SEs can extend the capabilities of Hardware Security Modules (HSMs), providing additional layers of protection for critical automotive functions.

Song Weifeng from Giesecke+Devrient provided a compelling real-world example, explaining how SEs are currently being implemented in digital car key solutions. This practical application demonstrates how security technologies are already enhancing the user experience while maintaining robust protection.

The Future is Trusted: Execution Environments in Automotive

The forum concluded with Richard Hayton from Trustonic presenting on Trusted Execution Environments (TEEs) – perhaps one of the most forward-looking segments of the day. Hayton traced the evolution of TEEs and explored how they're being adapted for automotive applications.

Several emerging areas show particular promise:

Performance and Flexibility: TEEs could replace or augment traditional HSMs, offering better performance, cryptographic agility, and operational flexibility.

Expanded Applications: As vehicles become more sophisticated, there's growing demand for larger, more complex secure applications, particularly for data capture and processing.

Microcontroller Integration: The development of Micro-TEE technology could bring trusted execution capabilities to smaller, more resource-constrained automotive systems.

Safety-Critical Applications: Mixed-criticality systems that can handle both safety and security requirements simultaneously represent a significant advancement.

Lifecycle Management: Attestation and lifetime services ensure that security measures remain effective throughout a vehicle's operational life.

Looking Ahead

The GlobalPlatform CyberSecurity Vehicle Forum highlighted both the challenges and opportunities facing automotive cybersecurity today. From regulatory compliance and standardization to cutting-edge technologies like TEEs and advanced secure elements, the industry is actively building the foundation for tomorrow's secure, connected vehicles.

The collaboration between organizations like GlobalPlatform and SAE International, combined with active participation from automotive manufacturers, suppliers, and security specialists, suggests that the industry is taking a comprehensive, coordinated approach to these challenges. As vehicles become increasingly connected and autonomous, events like this forum play a crucial role in ensuring that security keeps pace with innovation.

The road ahead may be complex, but with continued collaboration and innovation, the automotive industry is well-positioned to deliver the secure, connected driving experience that consumers expect and deserve.  Come join us at GlobalPlatform as we tackle this ambitious objectives.

View the agenda and access the presentations at the links below: