Cybersecurity Requirements and GlobalPlatform

In order to support the deployment of connected vehicles and services, the automotive sector is rightfully prioritizing the cybersecurity of vehicle components. Industry players have to ensure an appropriate defense against hackers to foster the privacy and safety of consumers, as well as to comply with recent international regulations and standards around Cybersecurity, the Right-to-Repair, Post Quantum Cryptography, and the Software Bill of Materials.

With over 20 years of experience in secure components from the banking, financial services, government identification and mobile markets, GlobalPlatform technologies provide a key element in ensuring the cybersecurity of vehicles.

Automotive Initiative

GlobalPlatform has launched an automotive initiative to foster direct engagement between trusted digital service experts from banking, government and mobile industries and the full Automotive Value Chain to optimise the efficient deployment of Secure Components, Trusted Digital Architecture, Security APIs, and Security Lifecycle Management within the Automotive sector.

Our automotive initiative is led by the GlobalPlatform Automotive Task Force (open to GP members) and will work in consultation with the GlobalPlatform Cybersecurity Vehicle Forum, which is open to the wider automotive value chain, to ensure collaboration between GP members and non-members.

Automotive Task Force Objectives

GlobalPlatform’s Automotive Task Force focuses on identifying alignment issues between Automotive requirements and GlobalPlatform specifications, in particular to:

• Define requirements for secure components and services in the automotive industry related to GlobalPlatform technology, including Secure Element (SE), Trusted Execution Environment (TEE), Trusted Platform Services (TPS) technologies
• Provide input into GlobalPlatform’s technical committees on how GlobalPlatform specifications can be advanced to extend the support to automotive requirements
• Provide guidelines to the full value chain on the use of GlobalPlatform technology for automotive use cases
• Foster common definitions, and where relevant, alignment with standards bodies regarding automotive use cases
• Provide insight to the Automotive industry on:
  • Future-proofing secure components through roadmaps for migration to Post-Quantum Cryptography (PQC) and through guidance leveraging Software Bill of Materials (SBOM) in the software update process
  • Leveraging SESIP as a Security Evaluation Methodology in demonstrating compliance to automotive security requirements

Cybersecurity Vehicle Forum Objectives

The Cybersecurity Vehicle Forum is open to members and non-members alike, providing a consultation arm for the automotive taskforce to identify, detail and prioritize automotive industry challenges in delivering secure component services over the planning, producing, operating, and decommissioning of vehicles.

The input from the Forum feeds into GlobalPlatform’s Automotive Task Force for the assessment and launch of eventual work items.

The Forum holds global and regional meetings to validate use cases, prioritize challenges, establish solutions, and capture unique regional and emerging requirements.

The Automotive Task Force is chaired by Richard Hayton from Trustonic. All GlobalPlatform members are eligible to participate in the Automotive Task Force and the Cybersecurity Vehicle Forum is open to non-members.

Join Us!

• If you are interested in getting involved, please contact automotive@globalplatform.org