Automotive Cyber Resilience: Operationalizing, Standards and Research

Presenting the work of AESIN and the UK Automotive Council and Zenzic, supported by Queens University Belfast, University of South Wales, University of Edinburgh and the Turing Institute and with further support from BSI, this series of workshops is designed to:

  • Present and discuss the limitations with existing standards in meeting the requirements of the Automotive and other mobility industries worldwide
  • Present the methodology proposed by AESIN, UK Automotive Council and Zenzic to achieve operationalizable and legally sustainable cyber resilience
  • In the context of that methodology set out the research agenda and give examples of applying the outcomes of existing and potential research in support of the methodology

There are 4 workshops which are each limited to 50 attendees. At each site a different academic partner will highlight examples of applying the outcomes of existing and potential research in different areas in support of the methodology.

The workshops will be held at:

4th Dec 2019 – ECIT, Queen’s University of Belfast, Queen’s Road, Queen’s Island, Belfast, BT3 9DT. QUB are the academic partner and will use research examples from hardware. Click here for tickets

11th Dec 2019 – University of South Wales Conference Centre, CF37 1DL UoSW are the academic partner and will use research examples from Forensics. Click here for tickets

8th Jan 2020 – NXP, Colvilles Road, Glasgow G75 0TG. University of Edinburgh are the academic partner and will use research examples from Modelling. Click here for tickets

15th Jan 2020 – Plexal, 14 East Bay Lane, Here East, Queen Elizabeth Olympic Park, London, E20 3BS. The Turing Institute are the academic partner and will use research examples from mathematics and probability. Click here for tickets

Who should attend?

This event is designed specifically for researchers with an interest in automotive cyber resilience and the application of security and other research outcomes, including PhD and other research students and their supervisors, early career researchers, representatives from industry, government and other defence and security-relevant NGOs.

For further information please refer to the below guide.

RISE @ ETSI Security Week 2019

Nice Promenade

Nice to be in Nice

That is an obvious and cheap play on words for the popular South of France destination and a joke I made back in 2016 during the European Championships, but one worth re-cycling for a new audience…

RISE was invited to speak at ETSI Security week, (last week) and we gave an update on hardware security, including the latest R&D from the RISE researchers.

I have to honest with you readers, I can think of worse places to be sent away on business in late June than Nice. If there is any consolation for the readers, we were cooped up in a conference room that was just about underground, with questionable Air-Con and far away from the beaches of the French resort.

ETSI HQ


EDSI @ ETSI Security Week

ETSI stands for the European Telecommunications Standards Institute and is a not-for-profit, and one of only three bodies officially recognized by the EU as a European Standards Organization. Essentially, the Standards people. The ETSI HQ is a short drive from Nice, in Sophia Antipolis.

Tucked away in some very picturesque French hills, Sophia Antipolis, the ‘French Silicon Valley’, is celebrating its fiftieth anniversary this year.

ETSI host multiple events each year and Security Week hosts a couple of hundred people across 5 days, each year in late June. ETSI was established in 1992 and this Security Week was number 13. The great and the good from all over the globe were on site to debate and discuss all things policy related, AI, 5G, IoT and cryptography. To give you an idea of the calibre of people there, two introductions were, “The 3GPP Godfather” and “the Godfather of 3G”; both experts in their field.

RISE gave an update on each of the 8 projects that are now in-life, focusing on hardware security, more specifically on the threat of hardware Trojans and Side-channel attacks and I am delighted to report than we had interest from some major global brands about collaboration moving forward. This can only be good news for UK (and wider afield) consumers.

Les Standards > Les Algorithms (ETSI & IoT)

Earlier this year, ETIS announced a new Technical Specification (TS) for Cyber Security in Consumer IoT – TS 103 645 to be precise, the first globally applicable industry standard for consumer IoT security. This industry standard builds on the Code of Practice from DCMS, but has been designed to work for European and wider global needs. The standard is set to inform, at home and abroad, the development of regulation and industry-led certification schemes. For businesses with an international supply chain and customer base, the standard provides an avenue to pursue a harmonised approach to implementing good security practice for their products. This TS will move to become a European Standard, telecommunications series (EN) and legislation is also looming on the horizon in the UK.

Days 4 & 5 (RISE spoke on Day 5)

What does the ‘S’ stand for in IoT?

This is a good idea. I remember being at CES in 2014 & 2015. In 2014, IoT had just become mainstream, one of the new hype technologies at CES that year, but nobody was talking about security. Thankfully, 12 months later, industry was more aware of the threat landscape about ‘everything being connected’, therefore vulnerable to a range of cyber-attacks, not least botnets. However, industry wanted to promote self-regulation, which still made me concerned for the future of IoT and consumer adoption.

As consumers, we still have the choice to buy a smart gadget, or not. My preference is to avoid smart gadgets where possible. And it isn’t just the security aspects that concern me, privacy is another major aspect around the IoT, not to mention technological obsolescence. 

Fast forward to 2019, here we are with international standards and legislation imminent in the UK around basic consumer IoT security measures. The community is working together to bring more secure IoT products and services to market, meaning the things we use and need, will be secure by design.

Good job ETSI and et al (DCMS, NCSC and the State of California).

Regards from the RISE (EDSI) Rookie