Cybersecurity Requirements and GlobalPlatform
In order to support the deployment of connected vehicles and services, the automotive sector is rightfully prioritizing the cybersecurity of vehicle components. Industry players have to ensure an appropriate defense against hackers to foster the privacy and safety of consumers, as well as to comply with recent international regulations and standards around Cybersecurity, the Right-to-Repair, Post Quantum Cryptography, and the Software Bill of Materials.
With over 20 years of experience in secure components from the banking, financial services, government identification and mobile markets, GlobalPlatform technologies provide a key element in ensuring the cybersecurity of vehicles.
Automotive Initiative
GlobalPlatform has launched an automotive initiative to foster direct engagement between trusted digital service experts from banking, government and mobile industries and the full Automotive Value Chain to optimise the efficient deployment of Secure Components, Trusted Digital Architecture, Security APIs, and Security Lifecycle Management within the Automotive sector.
Our automotive initiative is led by the GlobalPlatform Automotive Task Force (open to GP members) and will work in consultation with the GlobalPlatform Cybersecurity Vehicle Forum, which is open to the wider automotive value chain, to ensure collaboration between GP members and non-members.
Automotive Task Force Objectives
GlobalPlatform’s Automotive Task Force focuses on identifying alignment issues between Automotive requirements and GlobalPlatform specifications, in particular to:
- Define requirements for secure components and services in the automotive industry related to GlobalPlatform technology, including Secure Element (SE), Trusted Execution Environment (TEE), Trusted Platform Services (TPS) technologies
- Provide input into GlobalPlatform’s technical committees on how GlobalPlatform specifications can be advanced to extend the support to automotive requirements
- Provide guidelines to the full value chain on the use of GlobalPlatform technology for automotive use cases
- Foster common definitions, and where relevant, alignment with standards bodies regarding automotive use cases
- Provide insight to the Automotive industry on:
- Future-proofing secure components through roadmaps for migration to Post-Quantum Cryptography (PQC) and through guidance leveraging Software Bill of Materials (SBOM) in the software update process
- Leveraging SESIP as a Security Evaluation Methodology in demonstrating compliance to automotive security requirements
Cybersecurity Vehicle Forum Objectives
The Cybersecurity Vehicle Forum is open to members and non-members alike, providing a consultation arm for the automotive taskforce to identify, detail and prioritize automotive industry challenges in delivering secure component services over the planning, producing, operating, and decommissioning of vehicles.
The input from the Forum feeds into GlobalPlatform’s Automotive Task Force for the assessment and launch of eventual work items.
The Forum holds global and regional meetings to validate use cases, prioritize challenges, establish solutions, and capture unique regional and emerging requirements.
The Automotive Task Force is chaired by Richard Hayton from Trustonic. All GlobalPlatform members are eligible to participate in the Automotive Task Force and the Cybersecurity Vehicle Forum is open to non-members.
UPCOMING EVENTS
| JUNE | SEPTEMBER | OCTOBER | NOVEMBER |
|---|---|---|---|
| June 20th Plymouth, MI 10am-5pm In-person or virtually | Sept. 14th Tokyo In-person | Mid-Oct China In-person | Nov. 14th Hamburg In-person or virtually |
| Prior to ESCAR USA | Sept. 25th Virtual update | Prior to ESCAR USA |
Join Us!
- If you are interested in getting involved, please contact Automotive@globalplatform.org
GlobalPlatform Cybersecurity in Automotive
GlobalPlatform specifications are regarded as the industry standard for banking, financial services, government identification and mobile markets. They support trusted end-to-end secure deployment and management solutions. This whitepaper discusses the key GlobalPlatform technologies and initiatives that are relevant to the automotive ecosystem security requirements.
Learn About GlobalPlatform’s First Cybersecurity Vehicle Forum Results
GlobalPlatform’s 1st Cybersecurity Vehicle Forum was held on 17 November 2022 and brought together over 65 participants from a diverse group of automotive stakeholders to discuss key automotive cybersecurity challenges, including securing IVI, gateway and telematic systems, securing ADAS and autonomous systems, and securing mobile phone apps, car keys and off vehicle components. Download the event highlights to learn more.
Join GlobalPlatform’s Cybersecurity Vehicle Forum – June 20th
Automotive stakeholders are invited to join the Cybersecurity Vehicle Forum to discuss the cybersecurity challenges around secure components, security APIs, and the trusted platform services that are most important to their businesses. The next event is planned for June 20th in Plymouth, MI prior to ESCAR USA. If you are an Automotive OEM or supplier responsible for planning and /or deploying secure components, learn more about the Cybersecurity Vehicle Forum and join us today.
Interested in joining the Automotive Task Force?
