Fescaro Chief Technology Officer Lee Hyun-jung (Fescaro) Automotive cybersecurity has become increasingly critical as vehicles process vast amounts of data, including sensor inputs, autonomous driving inputs and outputs, vehicle location and condition, and software updates. In response, a growing number of jurisdictions — including the European Union, Korea and China — are enacting cybersecurity laws that require automakers to comply with strict security standards to sell their vehicles in these markets. A modern vehicle contains hundreds of electronic controllers, each of which must be secured to strengthen overall cybersecurity. To address this, automakers require electronic controller developers to implement cybersecurity measures such as Secure Flash, Secure Debug and Secure Onboard Communication (SecOC). Secure Flash ensures that firmware updates are applied only after verifying their authenticity and integrity through digital signatures. Secure Debug prevents unauthorized extraction or modification of firmware by controlling access to the debug interface. SecOC maintains the integrity and authenticity of in-vehicle communications by attaching a Message Authentication Code to messages, allowing verification of the sender. Growing role of key management systems These cybersecurity measures rely on security keys and passwords, but managing these assets poses significant risks of data leakage, particularly when dealing with thousands to millions of security credentials. Additionally, this increases operational workload for electronic controller developers. To address these challenges, the automotive industry is increasingly adopting key management systems. Key management systems serve two key functions: securely managing security assets and integrating them into electronic controllers and providing ongoing protection for these assets throughout the vehicle’s lifecycle. Key management systems generate and distribute a wide range of security keys, which can number in the hundreds per electronic controller model and millions per unit when including unique passwords. While IT security solutions outside the automotive industry offer similar functionality, a vehicle-specific KMS must consider the mobility industry value chain, the vehicle’s 15-year lifecycle, and evolving cybersecurity regulations. Electronic controller developers adopting a key management system must address two critical factors: Ensuring compliance with the diverse cybersecurity requirements of automakers and seamlessly integrating the KMS with the production line of electronic controllers. Integrating security assets into electronic controllers involves three essential components: the key management system (which generates and manages security keys); the electronic controller (which utilizes the security keys for cybersecurity functions); and diagnostic software on the production plant(which connects the two and ensures secure integration). One of the main challenges is ensuring that electronic controllers are designed to align with the cybersecurity approach of the key management system. If an electronic controller cannot decrypt a key due to misalignment in security protocols, the system becomes nonfunctional. Therefore, a well-coordinated cybersecurity approach across all three components is essential. To achieve seamless integration, collaborating with a company that provides a readymade solution covering all three components can be highly beneficial. A comprehensive security strategy enhances synergy among systems while improving cost efficiency by consolidating design, development and validation within a single company. Electronic controller developers must also ensure that their KMS solutions are adaptable to meet automakers’ evolving and diversifying cybersecurity needs. By proactively integrating comprehensive security measures, they can have flexible solutions that require only minor modifications instead of developing entirely new systems. This reduces costs while improving project efficiency. Fescaro’s role in advancing automotive cybersecurity Fescaro, a Korean mobility security solutions provider, has seen rising demand for its key management systems, as automakers increasingly require Secure Debug, Secure Flash, and SecOC implementations from electronic controller developers. As cybersecurity regulations tighten, the demand for advanced key management systems will continue to grow. Electronic controller developers must adopt long-term strategies to determine which KMS solution best supports their needs over the medium and long term. Leveraging its expertise in mobility security, Fescaro has developed a unified system that ensures seamless security integration across all three essential components, such as a proprietary key management system, electronic controllers, and production line. By applying unified security principles, Fescaro ensures that its cybersecurity solutions integrate seamlessly into electronic controller production, maintaining operational stability. Additionally, Fescaro’s proprietary security technologies have been validated against the FIPS 140-2 standard by the US National Institute of Standards and Technology. This certification confirms the correct implementation of cryptographic algorithms and enhances global credibility. With a scalable design, Fescaro’s automotive cybersecurity solutions can effectively adapt to fluctuations in automaker and electronic controller lineups, making them a preferred choice among multiple Korean automakers and electronic controller developers. Lee Hyun-jung is chief technology officer of Fescaro. The views in this column are her own. -- Ed. <Source : [Contribution] Key management systems: The next frontier in automotive cybersecurity - The Korea Herald>

Fescaro Chief Technology Officer Lee Hyun-jung (Fescaro) Addressing hacking threats to vehicle software programs has become increasingly critical as vehicles evolve into "computers on wheels," relying more heavily on chips and software. Lee Hyun-jung, the chief technology officer at mobility software solutions provider Fescaro, emphasizes the need for a comprehensive approach to ensure robust vehicle cybersecurity.  Based in Suwon, Gyeonggi Province, Fescaro collaborates with Korean automakers to provide security software that protects vehicles from hacker attacks and information leaks. "Vehicles are increasingly connected to external environments via software, interacting with urban infrastructure, personal communication devices and even other vehicles, while exchanging information in real time," said Lee. The CTO, a former white hat or ethical security hacker, added, "Enhancing cybersecurity for just vehicles will hardly ensure the safety of the entire mobility ecosystem. A flaw in the connected network could spread cyber threats throughout the entire value chain." In many countries, including the European Union, China and Korea, automakers can only sell their products if they provide systematic management of vehicle cybersecurity throughout the entire product lifecycle -- from design to production and disposal. “Korean automakers are obtaining European certifications for cybersecurity management systems and software update management systems to enter the regional market and comply with their legislation,” said Lee. Fescaro has helped multiple Korean companies acquire European qualifications and the ISO/SAE 21434 certification. ISO/SAE 21434 is an international standard for automotive cybersecurity engineering jointly developed by the International Organization for Standardization (ISO) and the Society of Automotive Engineers (SAE). The SAE is a prominent professional association based in the US, with approximately 128,000 engineers and technical experts primarily involved in the mobility industry. “(When working with an automaker to obtain CSMS and SUMS), Fescaro formed an IT infrastructure system that integrates all cybersecurity management tasks into a unified platform, automating processes to enhance seamless workflows,” Lee explained. “The system was also designed to monitor security-related events after the mass production of car models to prevent potential issues and track the effects of vehicle software updates,” Lee added, emphasizing the company’s ability to offer long-term solutions addressing various aspects of vehicle cybersecurity. As recognition for Fescaro's contributions to obtaining security certifications, Korean sport utility vehicle maker KG Mobility selected the company as its excellent business partner for 2024. Lee anticipated that the importance of vehicle cybersecurity would grow even further as electric vehicles and autonomous driving systems become more prevalent. “Autonomous driving requires a connection to external networks for precise and detailed recognition of the surrounding environment,” said Lee. “Cybersecurity is also crucial for EV chargers, as they are directly connected to EVs. This connection may allow external networks to access sensitive personal information, such as the vehicle’s identification and payment data.” To address these concerns, Fescaro’s business portfolio spans future mobility solutions. The company has collaborated with autonomous driving solution providers and EV charger manufacturers. "There is no perfect mobility cybersecurity system. Therefore, leading businesses must continuously upgrade their cybersecurity systems while also reducing costs. In response to this demand, Fescaro is developing the 'CSMS Portal,'" said Lee. The platform, built on Fescaro’s experience working with mobility companies, offers streamlined and automated cybersecurity maintenance solutions. It aims to facilitate continuous monitoring and updates of companies’ cybersecurity status with ease. "We plan to launch the portal in the first half of 2025. We hope to contribute to solving the challenges facing the mobility industry and enhance future competitiveness," Lee said.<Source: The Korea Herald(Fescaro CTO stresses comprehensive approach to vehicle cybersecurity - The Korea Herald)>

  Decoupling and a shift in industry awareness are essential to the realization of Software-Defined Vehicle (SDV)Enhancing work efficiency through the use of Software-Defined Operation (SDO) Hong Seok-Min, CEO of FESCARO We are witnessing a mobility revolution, with self-driving vehicles on the roads and seamless connectivity between smartphones and vehicles. The future remains unpredictable as technology rapidly advances. At 'AID 2024' (Automotive Innovation Day 2024), the largest conference on cutting-edge automotive technology in Korea, one speaker captured attention with the introduction of the Software-Defined Operation (SDO) concept. He emphasized that 'in the mobility era, work processes must also become software-centric.' ​ That speaker was Hong Seok-min, CEO of FESCARO, a company specializing in future mobility software solutions. I had the opportunity to meet CEO Hong to discuss his insights on the evolving automotive industry.   What is the most notable keyword in the mobility industry right now? The most prominent keyword is undoubtedly 'SDV (Software-Defined Vehicle).' Traditional internal combustion engine vehicles were hardware-centric, making it challenging to modify functions after release. However, with SDVs, key vehicle functions are controlled by software, allowing for performance improvements through updates. Tesla is the leading example of this transformation. By providing software updates, Tesla offers consumers enhanced value consistently, demonstrating that a subscription model is feasible for vehicles as well. Source=FESCARO When purchasing a vehicle, consumers typically consider factors like design, brand, and price. However, Tesla has demonstrated that the true demand lies in having a vehicle that remains up-to-date over time. The SDV concept addresses this consumer need while also offering automakers a new profit model. ​ To realize the SDV, software development methods are also evolving. The traditional V-model, which completes software development by the mass production stage, faces limitations in improving quality after mass production. To address this issue, a new methodology called DevOps is gaining traction. DevOps integrates development and operations, creating a continuous cycle from design to monitoring. This approach allows for ongoing product improvements, enabling automakers to continuously enhance competitiveness even after mass production. Source=FESCARO How should industry awareness change to realize SDV? In an evolving mobility landscape, it is crucial to first grasp the essence of this shift. The focus should be on enhancing the user experience through continuous service evolution, even after mass production. I believe the true value of SDV can be fully realized when the following three key elements are combined. ​ First, the focus should be on problem-solving rather than technology itself. The strength of SDV lies in automakers' ability to implement the latest features faster, more cost-effectively, and at scale across mass-produced vehicles. SDV encompasses various technologies, such as centralized architecture and vehicle operating systems (OS). Depending on the situation, some or all of these technologies may be utilized. However, what matters more than the technology is the 'problem' that the technology is designed to solve. ​ Second, decoupling is necessary between automakers and controller developers, or between automakers and third parties. Decoupling is about minimizing the impact when certain system components are modified by reducing interdependence. By increasing the independence of system components, software flexibility and scalability can be enhanced. ​ Lastly, the true value of software must be fully recognized. It should be seen as more than just a one-time development service but rather as a valuable product in its own right. The real competitiveness of future mobility software lies in continuous 'maintenance,' not just in the initial development phase. Therefore, a more effective strategy is to focus on improving quality through ongoing development and maintenance after release, rather than heavily investing in development costs before release. Source=AEM What is the core of competition in the mobility era? The core of competition is to continuously maximize the 'value that consumers recognize and are willing to pay for.' In the future, 'software,' which holds the key to this value, will determine the fundamental competitiveness of vehicles. To achieve true service innovation, product development methods must also shift to a software-centered approach. ​ FESCARO has defined this software-centric operational management solution as 'SDO (Software-Defined Operation).' Its key feature is the ability to centralize and manage complex, interwoven tasks across the vehicle life cycle and the entire automotive industry value chain in a single platform. This allows for easy and efficient tracking and analysis of the organic impacts caused by software changes through a computerized system. With SDO solution, automakers can streamline existing complex processes and focus more on enhancing vehicle quality. Please give us a real-world example of how SDO improved productivity. I would like to introduce a case involving an automaker and an electric vehicle charger manufacturer. ​ To sell vehicles in Europe, compliance with automotive cybersecurity (UN R155) and software update (UN R156) regulations is mandatory. In practice, many automakers face reduced work efficiency as they handle regulatory compliance work separately from vehicle development work. To address this, FESCARO has developed an integrated operational management system that minimizes work duplication, and it has already been implemented by a global automaker. ​ The core function of the system is real-time monitoring of the vehicle's cybersecurity status. When a software defect or security event occurs during the vehicle's operation, it can be quickly identified and addressed. Furthermore, the system allows for re-entering the vehicle development stage to update the software, enabling the reproduction of the vehicle with enhanced performance. ​ In addition, by systematically managing information on the vehicle's software versions and history, the system allows for proactive identification and response to potential impacts on interconnected systems during software updates. This enables efficient management of complex derivative and follow-up projects, optimizing operational resources while continuously enhancing cybersecurity. ​ FESCARO has also applied the SDO concept to electric vehicle chargers, where rapid identification and response to abnormalities are critical. Issues like overheating or battery malfunctions can lead to fires, making prompt action essential for safety. ​ In addition, we have developed an integrated operational management system for Software-Defined Charger (SDC) that enables remote management of multiple chargers distributed over long distances. This solution, already adopted by global charger manufacturers, allows for proactive issue resolution and damage minimization by monitoring the real-time status of charger models and components. Furthermore, it ensures keeping service quality at its best through OTA (Over-the-Air) updates, enabling effective response to maintenance issues on electric vehicle chargers. ​ SDO shows its true value when applied to complex, interconnected tasks such as cybersecurity and software updates. By creating a system optimized to the specific environment and needs of the customer, SDO can improve work efficiency, streamline management, increase convenience, reduce costs, and shorten development cycles. Moreover, it provides a strong foundation for SDV competitiveness and serves as a proven strategy for enhancing quality post-mass production. <Source: etnews(Ensuring the Competitiveness of Future Mobility Through Continuous Software-Based Services)>

Automotive cybersecurity threats will continue to intensify. The importance of a continuous and efficient operation management system throughout the vehicle lifecycle is emerging. Beyond the vehicle’s software-centric development, the true value of SDVs can be demonstrated when the way of working also becomes software-driven, creating mutual synergy. Just as SDV improves the user experience for drivers, a software-defined operation (SDO) management solution for SDV, enhances the user experience for those involved in vehicle cybersecurity, directly leading to improved work efficiency. To lay a secure foundation for SDVs, it's important to realize continuous cybersecurity with SDO. by Hyunjung Lee, CTO, FESCARO   Hyunjung Lee is a co-founder of FESCARO and is in charge of the Security Development Division. A former white hacker, she developed FESCARO's proprietary security algorithm technology and obtained FIPS 140-2 certification from the National Institute of Standards and Technology (NIST). She also successfully conducted V2X security technology R&D and demonstration projects for the Korea Automobile Testing & Research Institute (KATRI). By fusing automotive cybersecurity and IT server technology, she has developed an IT-based operation management solution that covers the entire lifecycle from vehicle production to post-mass production, contributing to dramatically increasing the work efficiency of automakers and controller developers.   Advancement of vehicle software and its inevitable consequences   The generative AI service ‘ChatGPT’ is also blowing in the automotive industry. GM is working with Microsoft to develop a ChatGPT virtual assistant, and Volkswagen, Mercedes-Benz, and BMW have also announced plans to introduce ChatGPT in their vehicles. While ChatGPT is undoubtedly a good choice for improving the driver experience, but it is also necessary to consider potential risks. ChatGPT is sophisticated software. Vehicles are equipped with software for driving, safety, infotainment, etc., and additional software will be added continuously. As software increases, there are inevitably vulnerabilities. This is the threat of hacking. Cybersecurity-related regulations are being enacted to welcome software-defined vehicles (SDVs), from R155 and R156 in Europe to the Motor Vehicle Management Act in Korea and GB in China. The automotive industry is applying cybersecurity to respond to these regulations, but hacking threats continue to evolve. This is why 'continuity' is emerging as the key to regulatory response.     V-model and DevOps    The automotive industry uses the V-model when developing software. It is a process of analyzing requirements, designing and applying architecture, and validating it. In effect, because development ends after the vehicle is launched, it is difficult to respond quickly to software errors and defects or improve quality after mass production. With the advent of the SDV era, the vehicle lifecycle is being extended with software technologies that are easy to update, increasing the importance of continuous development and management even after launch. This is the background to the emergence of a new methodology called DevOps, which compensates for the shortcomings of the V-model. It is a methodology that integrates development and operation to continuously improve products through a cycle of design, development, verification, distribution, operation, and monitoring.     Beyond Regulatory Response, Truly Continuous Cybersecurity (Feat. IT Infrastructure) Cybersecurity is no exception. The field where the DevOps concept must be applied is cybersecurity. This is because vehicles can be effectively protected only when continuously responding to evolving hacking threats. By integrating server technology, I have built an IT-based cybersecurity management system that covers the entire vehicle lifecycle. The IT infrastructure solution actually applied to a global automotive OEM consists of three systems, and the main roles of each system are as follows 1) Cybersecurity Certification Management System     - Vehicle type-specific project management and project-specific sub-item management - Security module and firmware electronic signature management for component suppliers - Certificate issuance and distribution management for vehicle diagnostics - Generation and management of encryption keys used in encryption algorithms   2) Real-time incident response management system   - Security event history management by vehicle type and individual vehicle - Real-time monitoring of security events - Security vulnerability management and security measure implementation - Wireless firmware update (OTA, Over The Air) for each vehicle type   3) Software update management system    - Software version, history, and update status management - Impact analysis and evaluation management by software changes - RXSWIN (Regulation X Software Identification Number) management - Vehicle type-specific package management for software updates   The above three systems are effective even when used individually, but they are recommended to be interconnected to maximize the ‘orchestration’ effect. This is because it enables automation and optimization of cybersecurity work processes throughout the vehicle life cycle, from development to production to post-production. There is a case where a global OEM has implemented all three systems to maximize regulatory response effectiveness and work productivity.   The IT infrastructure solution was evaluated as pivotal in helping OEMs obtain CSMS (Cybersecurity Management System) and SUMS (Software Update Management System) certification from the UN R155·R156 certification body. FESCARO's IT infrastructure solution delivers the following key values.  First, it systematically tracks and manages the organic impact of the complex interconnections between cybersecurity, software updates, and related regulations to minimize the spread of damage. In the event of a security issue, the impact on derivative and subsequent projects can be identified, and security measures can be taken collectively for all related vehicles. The impact on existing item certification can be effectively analyzed and assessed even when software is updated. Second, it improves work efficiency by unifying and computerizing the management of distributed cybersecurity tasks across all areas of vehicle development and operation. It is also possible to systematically manage the history of security-related work across the board, which can be utilized as evidence in the future. Third, it can facilitate practical regulatory responses. Many organizations conduct cybersecurity regulatory response work separately from their original work. FESCARO minimizes the overlap between the original work and regulatory response work by designing and implementing an IT infrastructure optimized for the customer's business processes. The rise of software-defined operation (SDO)   As automotive cybersecurity threats are expected to intensify in the future, the importance of a continuous and efficient operation management system throughout the entire vehicle lifecycle is emerging. Beyond developing products (vehicles) centered on software, it is expected that the true value of SDV can be fully demonstrated by creating mutual synergy when the way of working (management system) changes to be software-centered. I have defined the software-centered operation management solution for SDV as Software Defined Operation (SDO). Just as SDV improves the user experience for drivers, SDO enhances the user experience for those involved in vehicle cybersecurity, directly leading to greater work efficiency. In an era where the importance of the post-production phase is emphasized, it is essential to realize continuous cybersecurity with SDO to lay a secure foundation for SDV. Source: AEM (Software-Defined Operation Management Leveraging the True Value of SDVs)

Hong Seok-Min, CEO of FESCARO Key Considerations in the SDV (Software-Defined Vehicle) race Three months after Apple announced it was ceasing its self-driving electric vehicle development project, ‘Apple Car,’ a new announcement arose that it is considering cooperation with Rivian, an electric vehicle company. Apple will focus on semi-autonomous systems but leverage Rivian's automotive expertise in brakes, powertrains, etc. [1] As automotive functionality becomes increasingly software-driven, not only existing OEMs but also tech companies such as Apple, Huawei, and Xiaomi are joining the transition to SDV. The strategy is to utilize their software capabilities in the IT and consumer electronics markets.   However, it's important to bear in mind that an increase in software correlates with a heightened risk of vehicle hacking. To respond to vehicle cybersecurity threats and create an environment where vehicles can be operated safely, the UNECE World Forum for Harmonization of Vehicle Regulations (WP.29) has enacted relevant regulations (UN R155/R156), and in Korea as well, the Motor Vehicle Management Act has newly established provisions related to the 'vehicle cyber security management system' and 'software update'.   In order to comply with the 'Cyber Security Management System' provisions of the amendment to the Motor Vehicle Management Act, it is necessary to protect the electronic controller itself or defend the vehicle from external attacks and to establish a vSOC(vehicle Security Operation Center) to manage vehicle security continuously. These security measures are being implemented in software, and related requirements will continue to evolve. Therefore, controller developers (Tiers) must effectively develop and manage cybersecurity and controller software to flexibly respond to the requirements. This is why the need for a software platform comes in.   Essential element for SDV, ‘AUTOSAR (international standardization platform for vehicle software)’ The software platform aims to promote development convenience and versatility by standardizing software structures that have had difficulty responding to various needs and changes. Tiers need to consider the application of software platforms positively for efficiency in software development and management, reusability and scalability, and controller competitiveness. The most widely used platform in the automotive software field is AUTOSAR. AUTOSAR is an Automotive Open System Architecture developed by OEMs such as BMW, Ford, and VOLKSWAGEN GROUP, and Tiers such as BOSCH and Continental. AUTOSAR not only reduces development time and costs, but also improves responsiveness to new requirements and software quality.   Considerations when applying AUTOSAR When applying AUTOSAR, it is important to consider whether the features are ready to meet the OEM's requirements, support the microcontroller units (MCUs) to be used, provide effective engineering services at a reasonable cost, and enhance software reusability and business scalability. Previously, only the original functionality of the controller was considered, but now, cybersecurity, functional safety, and software over-the-air (OTA) updates should also be considered to select the optimal AUTOSAR solution. After selecting a solution, it is necessary to check what services and components are required for the controller within the AUTOSAR Basic Software (BSW). Typically, when purchasing AUTOSAR, the Configuration Tool, BSW, and Runtime Environment (RTE) are delivered, and the AUTOSAR Microcontroller Abstraction Layer (MCAL) is offered by the MCU vendor or included in the AUTOSAR package.   From responding to the Motor Vehicle Management Act to strengthening global competitiveness, for continuous growth The automotive industry is constantly evolving, with the rise of high-performance electronics controllers for SDVs, changes in electrical and electronic (E&E) architectures, and software sophistication. Amidst these changes, Tiers need to maximize the efficiency of software development and management. By applying AUTOSAR, the convenience and reusability of software development increases, enabling Tiers to respond to the Korean Motor Vehicle Management Act amendment and secure competitiveness globally, since it can effectively respond to the requirements of various global OEMs. In other words, AUTOSAR is indispensable for survival in the SDV era.   AUTOSAR can be categorized into Application Software (ASW) and BSW. ASW deals with controller-specific functions for each controller, and BSW deals with the general-purpose functions of the controller. With the current shortage of electronics software developers, working with a company specializing in AUTOSAR can be a good solution. The BSW areas that require more software resources, such as communication, memory, diagnostics, cybersecurity, and OTA, can be outsourced to a specialist like FESCARO, while Tier’s internal software developers can handle the ASW areas related to controller-specific functions. If you need help with limited software development resources, FESCARO can provide you with an optimized BSW solution in the most practical way. [1] Apple announced that it is considering cooperation with Rivian <Source : monthlypeople (In the SDV era, Should Tiers Adopt AUTOSAR?)>

Lee Hyun-jung, CTO of FESCARO Last year, FESCARO achieved a grand slam in the four major international automotive cybersecurity certifications consulting. In the meeting with CTO Lee Hyun-jung, who presented practical technological breakthroughs to address cybersecurity issues in the automotive industry, including the UNECE World Forum for Harmonization of Vehicle Regulations (WP.29) automotive cybersecurity regulation coming into effect in July and securing vehicle safety in the SDV era, she emphasized that automotive security is a complex and multifaceted issue requiring an overall approach.  by Yoon Beom-jin, AEM (bjyun@autoelectronics.co.kr) FESCARO  Despite its brief 8-year history, FESCARO has established itself as a collaborative partner in cybersecurity, an urgent issue for the global automotive industry, with its capabilities and passion. Founded in 2016 by an automotive electronic control unit (ECU) developer and a white hacker, FESCARO began providing customized cybersecurity solutions to both Korean and foreign automakers and controller developers, and achieved a grand slam in consulting for the world’s four major automotive cybersecurity certifications (CSMS, VTA, SUMS, ISO/SAE 21434) in 2023. Additionally, it recently secured 13.65 million dollars in Series B investment. I got the impression that your company is young and dynamic. Could you tell us more about the key members and their abilities? LEE  CEO Hong Seok-min is an automotive electrical system development expert from Hyundai KEFICO and Hyundai AUTRON, and has developed and localized the first automotive cybersecurity module in Korea. I have built my career in IT security, and I met CEO Hong at the Best of the Best (BoB), a next-generation security leader training program, and we co-founded FESCARO. Our CSO, Ku Seong-seo, is a veteran who previously worked in HUMAX with over 20 years of experience in embedded software development, including automotive controllers and security solutions. Our CFO, Lee Young-tak, previously worked for E-Land and BUDDYBUDDY and has a successful track record of listing several Korean companies. Additionally, we have carefully recruited veterans from leading Korean and international companies, each with an average of over 20 years of experience, to build a solid and broad technology leadership team. Currently, 80% of FESCARO's staff are technical personnel. I often hear that FESCARO seems like a ‘young’ company. That is actually right to say since our company has been established for 8 years, but I take it to mean that our company is full of energy and vitality. I think it’s because both junior and senior members have a strong desire for growth and are not afraid to take on challenges. People with these tendencies, in turn, attract like-minded individuals. We are also serious about nurturing our junior staff. We systematically discover and nurture new employees with this kind of DNA, so they are highly proactive and responsive within the organization. At FESCARO, we encourage everyone to become a ‘bar raiser’ who continually elevates their own standards. I believe this organizational culture is the key driving force that enabled us to develop both the software and hardware of a cybersecurity gateway controller (SGW) from scratch in just two years and achieve cumulative orders of 1 million units. Could you please tell us about FESCARO's major achievements and the biggest challenges the company faces?  LEE  When our company was founded, cybersecurity was not a major concern in the automotive industry. Nevertheless, FESCARO steadily developed related solutions and acquired various international certifications, accumulating experience and capabilities along the way. Based on this, we won our first project from an automaker (OEM), KG Mobility (KGM). Despite limited resources, we worked closely with KGM to obtain UN R155 and R156 certifications early. In recognition of our achievements, we were selected as the Best Partner by KG Mobility at 'KGM PARTNER'S DAY 2024'. At the core of these achievements is our IT infrastructure solution. Cybersecurity requires continuous and systematic management. To this end, it is necessary to leverage SGW and security solutions to establish a defense-in-depth system and introduce a security information and event management system based on IT infrastructure. FESCARO's IT infrastructure solution consists of three organically interconnected systems, which are applied throughout the entire vehicle lifecycle, from development to customer delivery and eventually scrapping. KGM has integrated the management of cybersecurity tasks across the entire value chain by utilizing this IT infrastructure, improving work efficiency by linking regulatory compliance tasks with existing operations. Additionally, the company can track and manage the related impacts of software updates across all derivative projects, and proactively respond to security issues through a real-time incident response system linked to SGW, preventing the spread of damage. Since all tasks are computerized, the record of security-related activities can be systematically and comprehensively managed, and can be used as explanatory data in the future, increasing overall satisfaction.  In fact, the current IT infrastructure solution has not yet realized even half of what we have envisioned. Our next goal is to implement these plans gradually and ultimately contribute to strengthening the competitiveness of the Korean automotive industry. Have you noticed any gap in the field regarding cybersecurity awareness and response in the automotive industry? LEE  Before automotive cybersecurity was internationally legislated, its necessity and importance were often unrecognized. However, with the UNECE WP.29 General Assembly's adoption of UN R155 and the Korean National Assembly's passage of the amendment to the Motor Vehicle Management Act, which mandates automakers to implement safety management measures related to cybersecurity and software updates, non-compliant vehicles can no longer be sold. The prevailing perception is now that cybersecurity certification is mandatory, not optional. However, many still believe that simply meeting regulations or obtaining certification is sufficient.   In reality, continuous updates are essential for automotive cybersecurity, just like computer virus vaccines. Since hacking techniques evolve alongside security technologies, applying security solutions does not guarantee 100% safety. This is why related regulations require continuous updates and management. Therefore, I believe that responding to cybersecurity regulations should be integrated into the core operations to build and maintain safe vehicle security beyond one-time regulatory compliance. Currently, responses to cybersecurity regulations are often managed separately from core operations, but minimizing this gap is crucial for long-term success.  Building continuous vehicle security beyond a simple response to regulationsImproving work efficiency by linking regulatory compliance tasks with core operations What are the core technologies that differentiate FESCARO? What value does FESCARO provide to customers?  LEE  Cybersecurity is a complex and multifaceted issue that spans the entire automotive industry value chain as well as the entire vehicle lifecycle. FESCARO takes a holistic approach to cybersecurity from the OEM perspective, rather than simply providing security solutions or implementing requirements from a third-party standpoint. This approach has enabled us to offer a comprehensive all-in-one cybersecurity solution, including regulatory compliance, and effectively play a practical Tier 0.5 role in the industry. Our all-in-one solution not only protects the vehicle’s internal systems and communication channels between the vehicle and infrastructure but also includes a real-time incident response system based on IT infrastructure. In addition, FESCARO aims to provide the most practical solutions optimized for each client's situation and environment. Our IT infrastructure solution designs and implements workflows that consider the interests of both internal departments and external partners. Unlike existing solutions, where duplicate work is inevitable due to a lack of organic integration, FESCARO's solution is highly evaluated because it maximizes work efficiency and synergy. By understanding the entire process and linking multiple systems at once, our solution drastically reduces time and costs. Many customers say that FESCARO’s strength lies in 'making complex things easy.' For example, our IT infrastructure-based security information and event management is linked to SGW to create a real-time incident response system, enabling quick recognition and response to security issues as they arise. After the vehicle is released, the system collects field operation data through SGW, continuously monitors security issues by region, vehicle type, individual vehicle, and production line, and provides visualized data through a user-friendly dashboard for quick and effective response. How do cybersecurity responses vary across companies within the automotive industry ecosystem and value chain? LEE  OEMs must define their own cybersecurity requirements from a vehicle perspective and establish and continuously operate a management system. Meanwhile, Tiers must implement cybersecurity from a controller perspective based on the OEM requirements.  Since cybersecurity is not limited to a specific domain but requires a company-wide approach, OEMs often establish and implement cybersecurity response strategies with the help of professional consulting firms. From the perspective of Tiers, each OEM has different requirements, making it challenging to manage derivative projects while responding to each OEM. Therefore, it is recommended that Tiers establish their own cybersecurity response strategies that satisfy both international standards and regulations, allowing them to respond to various OEMs in a unified manner. Kanavi Automotive (now Kanavi Mobility), with consulting support from FESCARO, became the first in Korea to obtain certification for a cybersecurity management system based on ISO/SAE 21434, the international standard for automotive cybersecurity engineering, in April 2023. Recently, OEMs have increasingly required Tiers to build their own Key Management System (KMS). FESCARO’s KMS solution is differentiated from existing KMS by its ability to manage projects by OEMs and integrate with the Tier’s production line. We are currently working closely with HL Klemove on a KMS project. What should OEMs and Tiers prepare for ahead of the enforcement to Motor Vehicle Management Act Amendment, and how can FESCARO’s services and solutions help? LEE  Since cybersecurity and software updates are a key part of the amendment to the Motor Vehicle Management Act, we have received many inquiries from our clients. In early April, we agilely addressed this topic in our ‘Security Counseling Center’ webinar series, where a panel of experts answered frequently asked questions, receiving an enthusiastic response. The key point is that since the Motor Vehicle Management Act amendment is based on UN R155/156, they align in the overall context. There are two major requirements that the amendment and the UN regulations have in common: First, a cybersecurity management system (CSMS) must be established to protect vehicles from cyber threats and ensure safety. Second, a system must be established to manage software updates that may affect vehicle safety, ensuring no issues arise post-update. There are differences in the required certifications. OEMs wishing to sell vehicles in Korea must obtain CSMS certification. While UN regulations also require software update management system (SUMS) certification, Korean law does not mandate certification for this part. However, essential information on vehicle software updates must be reported both in advance and afterward.  To effectively respond to the diverse requirements of OEMs, it is recommended that Tiers establish a cybersecurity management system that complies with the international standard for automotive cybersecurity engineering, ISO/SAE 21434. This standard is closely aligned with the relevant UN regulations. FESCARO has optimized its existing UN regulatory compliance solution to fit the amendment to the Motor Vehicle Management Act. Since the amendment is based on UN regulatory standards, FESCARO, with hands-on success experience in UN regulations, can effectively assist our customers. What are FESCARO’s current activities and plans for overseas expansion?   LEE  Since cybersecurity is an urgent issue for the global automotive industry, we are exploring and evaluating various markets. In the Chinese market, which presents many variables but also numerous opportunities, we have commenced full-scale sales activities since the beginning of this year. Given that the Chinese market is the fastest in popularizing electric vehicles and is open to new technologies and methodologies, we believe there are numerous collaboration opportunities that require creativity. Besides the automotive market, we are also considering expansion into industries closely related to future mobility, such as EV chargers. With the advent of the SDV era, automotive E/E architecture is evolving from domain architecture to zonal architecture. How should the response approach change in terms of cybersecurity? What role can FESCARO play?  LEE  In the SDV era, the vehicle lifecycle is expected to evolve into a circular structure similar to DevOps, increasing the importance of the post-launch phase. In this situation, as software technology continues to advance and the interconnected influence of software also becomes increasingly complex, the current practice of separating core operations from regulatory responses will soon become too difficult to manage manually.  Like the IT infrastructure that KGM proactively built, the importance of an efficient operation management system across the entire value chain and vehicle lifecycle will likely increase. In addition to managing all software versions, it is necessary to systematically identify and manage the impact and potential side effects on all existing certification items when updating software. Automating these complex work processes through FESCARO’s IT infrastructure solution will enhance the user experience for internal stakeholders, ultimately improving productivity, profit efficiency, and future competitiveness. Furthermore, as the paradigm shifts to SDV, we expect to maximize synergy by transforming not only product development but also our work processes and thinking to be software-centric.  In addition, we expect creativity in finding new breakthroughs when problems cannot be solved with existing methods will emerge as a key competency. FESCARO's new vision is 'Hack the Mobility,' where individuals with software-centric thinking come together to creatively approach the mobility industry and solve its challenges. As part of this vision, we developed a cybersecurity gateway controller (SGW), which serves as the foundation for developing SDV's zonal controller, and built a real-time incident response system by integrating SGW with our IT infrastructure. What message will you deliver at this year’s Automotive Innovation Day conference?  LEE  This aligns with what I have been discussing so far. I would like to emphasize the necessity of a ‘software-centered operation management solution’ that can create synergy with SDV. I expect the cooperation structure to evolve from the existing hardware-centered specialization to a matrix structure spanning the entire value chain. We need an organically linked management system that can continuously and systematically manage cybersecurity throughout the entire vehicle lifecycle, even after mass production. I will illustrate this based on FESCARO’s actual success stories, as I believe this will be a key factor in determining competitiveness in the SDV era. CEO Hong Seok-min will give a keynote speech, where he will discuss broader topics than I do, such as how the competitive landscape will change in the future, what core competencies will be needed for future competitiveness, and what changes in perception are necessary within the industry. <Source: AEM(FESCARO: A Grand Slam Winner for Vehicle Security in the SDV Era)>

Last January, Tesla's entire IVI (In-Vehicle Infotainment) and Gateway systems were hijacked. The culprit(?) was Synacktiv, a French information security company. They found a significant cybersecurity vulnerability in the first 'Pwn2Own Automotive', a vehicle hacking competition, and took first place, winning a prize of approximately $450,000. 출처 = gettyimagesbank As Pwn2Own's main sponsor, Tesla proactively takes the lead in uncovering cybersecurity vulnerabilities by providing its vehicles to white-hat hackers. Even though meticulous preparations for cyberattacks are made in the design phase, security vulnerabilities evolve continuously. Therefore, it is essential to discover new vulnerabilities (zero-day vulnerabilities) for which there are no security patches and respond proactively to prevent the spread of subsequent damage. In particular, more software-controlled functions, such as SDVs(Software-Defined Vehicles), mean a proportional rise in hacking risk. Therefore, preemptive and continuous preparation for vehicle safety is necessary. International regulations also follow the same trajectory. In 2020, the UNECE World Forum for Harmonization of Vehicle Regulations (WP.29) introduced automotive cybersecurity management (UN R155) and software update management (UN R156). Based on international regulations, Korea also established standards optimized for its automotive management laws and regulations, fostering a safer driving environment. That is, the 'Motor Vehicle Management Act Amendment' promulgated last February. The Motor Vehicle Management Act Amendment It is a revision of clauses that needed supplementation as vehicles shifted to become software-oriented. The key issues are the Cyber Security Management System (CSMS) and software updates. CSMS refers to managerial, technical, and physical protection to protect vehicles from cyberattacks and threats. Automakers and importers can only sell vehicles in Korea with a CSMS certification. If in cases where certification gets revoked, vehicle sales become prohibited.   Additionally, when automakers update software for functions related to safety standards, they must submit the relevant information in advance to the Ministry of Land, Infrastructure, and Transport. Automakers can request partner companies to submit the impact analysis results on safety standards that may occur due to software updates, and the results can be used as evidence for regulatory compliance. There is a big difference between the Motor Vehicle Management Act Amendment and the UN regulations. UN regulations require certification for both CSMS and software update management system (SUMS), but the Motor Vehicle Management Act only requires CSMS certification. CSMS certification from UN R155 cannot substituted for the one from the Motor Vehicle Management Act. The Act recognizes certificates issued solely by the Korean Ministry of Land, Infrastructure, and Transport. However, automakers and importers with CSMS certification from UN R155 will not face great difficulties obtaining CSMS certification from the Korean Ministry of Land, Infrastructure and Transport. This is because the Korean Motor Vehicle Management Act and enforcement ordinance are based on UN R155 and R156. Since the CSMS preparation requirements of UN R155 and the Motor Vehicle Management Act Amendment are rarely different, automakers and importers' primary task is adjusting their existing cybersecurity policies and procedures to comply with Korean regulations.     What and How to Prepare The preparatory requirements may vary depending on whether the UN R155 certification is obtained. First, it is essential for automakers that have not obtained UN certification to establish a CSMS that adheres to the ISO/SAE 21434. This must encompass not only the development phase but also the production and post-production phases. Additionally, TARA (Threat Analysis and Risk Assessment), cybersecurity testing, and validation procedures are essential, and the necessary resources to execute them must be secured. Lastly, the establishment and operation of procedures for continuous cybersecurity monitoring, incident response, and incident-related data provision are mandatory. If the CSMS certification for UN R155 is obtained, optimization work, such as reviewing and supplementing the system in accordance with the Korean Motor Vehicle Management Act, is necessary.   The Upcoming Motor Vehicle Management Act Amendment, Taking Effect Next Year, Requires a Practical Breakthrough According to the Motor Vehicle Management Act Amendment, regulations will be implemented for new vehicles in August 2025 and for existing vehicles in August 2027. Accordingly, Korean automakers and importers need to quickly prepare to respond to the Motor Vehicle Management Act Amendment. If you encounter challenges in independently responding to regulations, you may also consider collaborating with a specialized company that leverages its experience with success cases to recommend efficient response strategies.   In 2023, FESCARO contributed to the early acquisition of automotive cybersecurity certifications (CSMS, SUMS, VTA [UN R155·R156], and ISO/SAE 21434) for automakers and controller developers, hitting a grand slam for the four major international automotive cybersecurity certification consulting. This expertise empowers FESCARO to deliver the most practical response solutions, including an optimized guide for the Motor Vehicle Management Act Amendment.<Source: boannews ([Issue Column] Key Focus to the Upcoming Motor Vehicle Management Amendment for OEMs (boannews.com))>

Tier's hardware prowess is well-established, but software will be the key differentiator for future success. Then, what turning point awaits Tiers as software takes center stage? Lee Soon-cheol, Vice President of FESCARO, discusses Tier's development status, hurdles, and future roadmap. Author | Lee Soon-cheol, Vice President, FESCARO Lee Soon-cheol, Vice President He started his career as an application engineer at BOSCH and progressed through project manager and sales roles to an executive. He then led the Korean branch of Elektrobit, a company specialized in automotive middleware, during the Electric Vehicle boom. Now, he leverages his 30 years of international experience to spearhead the expansion of next-gen controller business for SDV at FESCARO. * This article was crafted through a collaborative approach, leveraging 70% raw expertise and 30% AI assistance.   Four Changes in the Automotive Ecosystem Triggered by Electrification Electrification's impact on the automotive industry has reshaped its ecosystem. Below is the four Key changes: First, the Tiering between automakers (OEMs) and controller developers (Tier) has crumbled. Semiconductor manufacturers used to trade with Tiers, but now they’re dealing directly with OEMs. As vehicles began to require high-performance graphics processing, signal processing, and communications, etc., semiconductor manufacturers started to provide integrated solutions such as autonomous driving, connectivity, safety, and entertainment systems. Second, the boundaries in the industry have collapsed. Mobility service providers are emerging separately from traditional OEMs. They are introducing new competitive elements into the automotive industry by offering autonomous taxi services, shared mobility platforms, demand-responsive vehicle-hailing services, and drone delivery services. Third, the distinction between competitors and partners has become ambiguous. As the adoption of electric vehicles expands, OEMs are putting significant effort into establishing and expanding electric vehicle charging infrastructure. In this process, OEMs between themselves or electric vehicle charger companies become partners and share the infrastructure, or competitors depending on the region. Fourth, the automotive industry is witnessing a surge in software adoption. This is driven by several factors: cost-effective software development, its ability to implement functionalities such as autonomous driving, connectivity, safety, and entertainment into software, and ease of update & maintenance. Most OEMs aim to develop Software-Defined Vehicles (SDV). Implementing SDV requires a transition to a zonal vehicle architecture, and high-performance computing (HPC) must be presupposed for autonomous driving, artificial intelligence, and real-time data analysis. The future holds promise for even deeper software integration within zonal or HPC. The hardware development capabilities of Tiers have already reached a significant level. The software implementing these functions will be a key differentiator in future competition. Then, as the importance of software increases, what turning point will Tiers face? Let's discuss about Tier’s development status, hurdles to overcome, and direction to move forward. Figure 1 | SDV concept example (Source=FESCARO) Development Status of Tiers (Classified into four groups) Tiers can be classified into four groups according to their business area. Let's take a look at the development status of global Tier 1 to Tier 2. The first group is global Tier 1. They supply control units to global OEMs and operate domestic and overseas factories. They have sufficient in-house hardware and software development human resources. Software human resources from small and medium Tier 1 companies and IT companies are moving here, and they are partnering with universities to support students with scholarships and connect them with employment. This mirrors the intense competition for talent once seen in the IT and gaming industry. Engineers recruited through scouting often move to OEMs after gaining 1 to 2 years of experience, so there is no absolute assurance regarding workforce issues. The second group consists of Tier 1 companies that have domestic OEMs as their main customers and also supply control units to some overseas OEMs. While they possess a moderate software development workforce, their workforce for concurrent mass production and advanced development is limited. To address this, they strategically deploy their human resource, focusing internal talent on advanced development while collaborating with external specialists for mass production needs. In addition, most companies have their research centers in the capital region, but some with research centers located in rural areas choose to relocate only the software department to the vicinity of the capital to operate an affiliated research center. This decision is seen as a consideration of the concentration of talent in the capital region. This phenomenon is also observed among some foreign companies operating in Korea. The third group consists of Tier 1 companies that mainly serve domestic OEMs while positioning themselves for future overseas expansion. Their operations, including headquarters and research centers, are concentrated outside the capital region. They develop lower-level control units rather than upper-level control units for vehicles. Many of the existing software developers have moved to Tier 1 companies, which have research centers located globally or in the capital, and because it is difficult to recruit experienced and new employees, they collaborate with external specialized companies for mass production and advanced development. The fourth group is Tier 2. The hardware is developed in-house, and the software is provided by Tier 1. Because they primarily develop and produce products that are closer to sensors than control units, there are almost no software engineers in their research centers. However, some companies possess specialized technology for specific components. They see the current shift towards electrification in the automotive ecosystem as an opportunity to expand their control unit development capabilities. We have checked the development status of Tiers by group. Next, let's find out what hurdles the Tier must overcome based on this current situation.   Three Hurdles that Tiers face in The Era of SDV Shortage of Software Human Resources The rapid rise in software demand within the automotive industry outpaces supply, leading to a shortage of software engineers. Engineers are being drawn to global Tier 1 and OEMs. In a capitalist economy, workers can seek companies that offer higher wages and better working conditions depending on their abilities and experience, which contributes to increasing the flexibility of the labor market. As further evidence, a 2022 survey by JOBKOREA, a Korean recruitment platform, revealed that ‘opportunities for learning and growth’ are the biggest motivator for job changes among workers in their 20s and 30s. 1) If companies want to secure talent, the key is to focus on career development, such as whether the company has specialized expertise or can provide diverse or new experiences. Recognition of software value As software influence expands and competition for workforce intensifies, it is evident that software will become a key corporate asset in the future. However, in the automotive industry, the value of software tends not to be reflected in terms of price. So far, software has been included in the price of the control units. However, considering the situation in which SDV will be composed of Zonal and HPC in the future, OEMs may seek to procure software independent of control units developed by the existing Tier 1 companies and embed it in the vehicle. Although developing all functions is an option for OEMs, it is not easy to develop all while avoiding various patents. To truly advance toward SDV, practical solutions for software pricing between OEMs and Tier 1 companies are essential. Developing Innovative Ideas The shortage of software human resources may be partially alleviated through collaboration with AI. While AI can handle coding tasks, engineers will remain crucial for results verification, and the strategic implementation of creative ideas that drive new services. As the value of innovative software solutions increases, the industry should explore ways to incentivize creative thinking among software engineers. Tiers should prioritize developing ideas for survival strategies in the SDV era, while strongly considering implementing actual development through collaboration and partnerships with external specialized companies. This can be an effective tool for boosting productivity by shortening the development period, etc. Furthermore, Software Development Kits (SDKs) should be provided to allow developers to easily integrate the functions required for solutions without implementing separate functions. Just as various applications are used on smartphones, new services will be developed and used in vehicles in the future based on numerous information exchanged through networks inside and outside the vehicle. Tiers should also consider venturing into the development of in-vehicle applications. If you have 70% of the ideas, you now need 30% of creativity. At the beginning, I stated that this article was written with 70% experience and 30% AI support. While daily journaling might not demand extensive thought, crafting an insight column requires a different level of thinking. Then, I felt that I could write more easily with the help of AI. First of all, I quickly wrote down my observations and discoveries within the field. AI then facilitated the completion of the writing, offering support in areas, such as sentence flow, sourcing relevant materials, and identifying appropriate terminology. If you have an innovative software idea for SDV but are at a loss on how to implement it, it is similar to my situation, which had raw ideas in writing this column. I believe that for Tiers, 70% of development has already been completed with just a creative idea. The important thing is to transform the idea into reality. I dare to predict that companies with the “creativity” to execute ideas without a guideline will be the key drivers of innovation. For those possessing 70% of the ideas, the remaining 30% will be provided by software-specialized companies like FESCARO, which will offer the most practical solutions to implement ideas. Reference 1) For workers in their 20s and 30s, job hopping is an opportunity for growth, JOBKOREA, 11.29.2022 ​ Source: AEM (https://www.autoelectronics.co.kr)

Charlie Miller, the legendary hacker famous for hacking into a Jeep Cherokee, said eight years ago that computer hacking became boring and that hackers would turn their focus to devices such as cars, trains, power plants, and traffic signals. We are in the age of IoT (Internet of Things), a market of interconnected devices through the Internet. The V2X (vehicle-to-everything) era is just around the corner. The significance of cybersecurity testing cannot be overstated, as it serves as a foundational safeguard against scenarios like the "zombie car action sequence." Author | Kwon Dong-hoon, Security Vulnerability Analysis Team leader, FESCARO ​Kwon Dong-hoon, Security Vulnerability Analysis Team Leader Began professional journey in security information sector back in 2001. Over the years, he dedicated countless nights as a security threat analysis/response specialist at AhnLab. Throughout various cybersecurity incidents, he's been actively involved in analyzing and addressing security breaches and malware (V3). This was part of his activities in the Threat Response Public-Private Council, collaborating closely with entities such as KISA, the police, and the prosecution. During the IT paradigm shift, he engaging in strategic planning at SK Shielders to improve understanding on cloud security. One day, he chanced upon the powertrain ECU of a Nordic car brand that no longer exists, and the car engine control mechanism captivated him. This interest persisted discreetly, leading him to join FESCARO as the leader of the red team. ​ Figure 1. Still Image from ‘Fast and Furious: The Extreme’ (Source=Naver Movie)​ Downtown New York, overrun By ‘Zombie Cars’ Hundreds of cars equipped with self-driving software were hacked, paralyzing traffic in downtown New York. Fortunately, this is just a famous scene from the 2017 movie 'Fast and Furious: The Extreme'. A movie reviewer, identifying himself as a 'security enthusiast,', likened it to "a zombie car action sequence that visualizes a DDoS (Distributed Denial of Service) attack." As a 'security enthusiast' also, I wholeheartedly concurred with this depiction.1)   ‘Upgrade (2018)’, an Australian film I recently enjoyed on Netflix, is also set in a near future where AI-based fully autonomous driving is the norm. The film showcases the use of autonomous driving technology to move a car to a crime scene, and hacking another to avoid being chased by the police.   Some scenarios from these movies have already become a reality. A famous example is when Charlie Miller and Chris Valasek, well-known pioneers in automotive security research, succeeded in remotely hacking a Jeep Cherokee driving on the highway in 2015. Their successful demonstration highlighted the potential to control various vehicle functions, from steering and braking to temperature and lock regulation. As a consequence, Fiat Chrysler had to recall 1.4 million vehicles impacted by this vulnerability.2) ​   Just over a year ago, David Colombo, a 19-year-old cybersecurity expert from Germany, revealed that he could remotely compromise 25 Tesla vehicles across 13 countries by using automotive software system vulnerabilities. This quickly gained traction on Twitter and became a hot topic in major news globally, underscoring the heightened cyber risks associated with technological advancements.3) ​   The automotive industry is experiencing a transformative shift as traditional hardware-focused technologies merge with software-centric ICT technologies. Spearheaded by Tesla, global automakers are vying to showcase their visions for autonomous and connected vehicles, with electric vehicles (EV) at the forefront. Moreover, major tech giants, both domestic and international, such as Google, Microsoft, and Kakao, are actively participating in this evolution. ​   Governments around the world are not standing idle. As the mobility industry becomes a key determinant of future competitiveness, countries are competing for leadership. They're implementing policies that align with their own interests and goals.4)  For instance, in 2018, the Korean government established 'K-City' (Figure 2) in Hwaseong, Gyeonggi-do. This 5G communication network-based city for autonomous vehicle testing replicates real-world environments. It aims to spearhead and commercialize global autonomous driving technologies. Proactively, K-City has embraced digital twin technology5) and entered into a partnership agreement with 'M-City' at the University of Michigan, USA, which is the world's inaugural experimental city devoted to autonomous driving.6)     Figure 2. Bird's Eye View of K-City (Autonomous Driving Experimental City), (Source=KATRI) As a security enthusiast, I hope that K-City will also feature a ‘cybersecurity demonstration center.’ ​   Technological progress is a double-edged sword. As autonomous driving technologies evolve, so will hacking techniques. Consider the future commercialization of V2X (vehicle-to-everything) technology7). Vehicles will engage in high-density communication with a variety of things, including other vehicles, pedestrians' mobile devices, and transportation infrastructures like roads and traffic lights. Beyond just the potential for vehicular hacking, this opens the door to the possibility of large-scale cyber-terrorism targeting networks and infrastructures. Such attacks could result in societal disruption far exceeding any prior incidents. ​   By proactively implementing technological solutions to address and preempt vehicle-related hacking, which poses significant risks to numerous lives, we can move closer to presenting a more well-rounded autonomous driving technology to the world. ​ R155: The first international automotive cybersecurity regulation  As autonomous driving and connectivity technologies progress, vehicles see a rise in electronic control units (ECUs) and heightened communication intricacies. This inevitably amplifies the potential for cybersecurity vulnerabilities and the risk of hacking. Recognizing this, an international consensus emerged on the importance of automotive cybersecurity, culminating in the establishment of the inaugural global regulations. In June 2020, UNECE WP.29 (World Forum for Harmonization of Vehicle Regulations under the United Nations Economic Commission for Europe) introduced UN Regulation No. 155 ("UN R155") addressing Cybersecurity and Cybersecurity Management System. This regulation officially took effect in January 2021.8) Figure 3. UN R155 (Source=UNECE)   Per this regulation, automakers are mandated to implement a Cybersecurity Management System (CSMS) across the development, production, and post-production phases, and secure the necessary certification. Furthermore, as illustrated in Figure 4, they must achieve Vehicle Type Approval (VTA) by conducting cybersecurity assessments and validations, both at the individual controller and overall vehicle levels. This ensures that the vehicle models they intend to market adhere to CSMS standards.9)   Figure 4. VTA(Vehicle Type Approval) Process in UN R155 (Source=FESCARO​)   All 27 EU member nations have either adopted this automotive cybersecurity regulation or integrated it into their domestic laws.10) As a result, starting from July 2022, every new vehicle model sold in these countries must conform to these stipulations. From July 2024, every new vehicle manufactured and sold will fall under this regulatory umbrella. Consequently, automakers will need to successfully undergo cybersecurity evaluations and validations for any new vehicle models they intend to market in Europe.​   The provisions concerning cybersecurity testing and validation can be found in Section 5 and 7 of UN R155. The key aspects of these articles are outlined below.11) ​   Section 5 Approval 1.2 The Approval Authority or the Technical Service shall verify by testing of a vehicle of the vehicle type that the vehicle manufacturer has implemented the cybersecurity measures they have documented. 1.3 The Approval Authority or Technical Service shall refuse to grant the type approval with regard to cyber security where the vehicle manufacturer has not fulfilled one or more of the requirements referred to in paragraph 7.3., notably. ​   Section 7 Specifications 3 Requirements for vehicle types 3.1 The manufacturer shall have a valid Certificate of Compliance for the Cyber Security Management System relevant to the vehicle type being approved. 3.2 The vehicle manufacturer shall identify and manage, for the vehicle type being approved, supplier-related risks. 3.3 The vehicle manufacturer shall identify the critical elements of the vehicle type and perform an exhaustive risk assessment for the vehicle type and shall treat/manage the identified risks appropriately. While assessing the risks, the vehicle manufacturer shall consider the risks related to all the threats referred to in Annex 5, Part A, as well as any other relevant risk. 3.4  The mitigations implemented shall include all mitigations referred to in Annex 5, Part B and C which are relevant for the risks identified. (A related example is depicted in Figure 5 below.) 3.6 The vehicle manufacturer shall perform, prior to type approval, appropriate and sufficient testing to verify the effectiveness of the security measures implemented. 3.7 The vehicle manufacturer shall implement measures for the vehicle type to a) Detect and prevent cyber-attacks against vehicles of the vehicle type b) Support the monitoring capability of the vehicle manufacturer with regards to detecting threats, vulnerabilities and cyber-attacks relevant to the vehicle type c) Provide data forensic capability to enable analysis of attempted or  successful cyber-attacks.   Figure 5. Schematic Diagram of Automotive Cybersecurity Threats (Source=KATRI) ​ Response to Automotive Cybersecurity Regulations​ As per KATRI, Korea actively engaged in the development discussions and validation tests for cybersecurity standards within the UNECE WP.29 Cybersecurity Expert Technical Group (CS/OTA IWG, Informal Working Group on Cyber Security & OTA). Moreover, through a series of meetings and feedback sessions involving various stakeholders and experts, including prominent domestic and international automakers, it formulated the 2020 Automotive Cybersecurity Guidelines. ​ Korea is currently updating its domestic regulations in alignment with international standards like UN R155. These changes are anticipated to take effect by the end of July 2023 and be enforced from the end of July 2024. Nonetheless, based on the fit with existing structures, it is expected that the current self-certification approach will continue, rather than adopting the type approval (VTA) method as seen in UN R155. ​ Looking at the stances of major countries, the United States is contemplating a self-certification system12)while Japan has adopted UN R155 like the EU13) ​ ​   ISO/SAE 21434: International Standard for Automotive Cybersecurity Engineering ISO/SAE 21434 serves as the international benchmark for automotive cybersecurity engineering. This standard outlines cybersecurity processes spanning the full product lifecycle of a vehicle—from planning and development to production, maintenance, and eventual disposal. It can be used by a diverse group of stakeholders, including automakers, component suppliers, and software companies.14) ​ The UNECE recommends referring to ISO/SAE 21434 when setting up and managing the cybersecurity management system (CSMS) as stipulated by UN R155. Essentially, ISO/SAE 21434 can be employed to implement a CSMS encompassing cybersecurity risk management and governance for automotive electrical/electronic controllers and their associated interfaces. Figure 6 depicts the comprehensive structure of ISO/SAE 21434.15)   ​   ​ Figure 6. Comprehensive Structure of ‘ISO/SAE 21434 Cybersecurity Engineering' (Source=ISO) ​   The ‘cybersecurity testing’ process based on ISO/SAE 21434 is shown in Figure 7. It is similar to the typical regulations/standards response processes of automotive cybersecurity companies. Once a professional consulting team finishes consulting for CSMS certification, white hat hackers from the red team carry out TARA, security tests on ECUs and vehicles(penetration testing, fuzzing testing, and vulnerability scanning), and security function test. This rigorous testing ensures compliance with security standards, leading to the creation of a final validation report. Figure 7. ISO/SAE 21434 Based ‘Cybersecurity Testing’ Process (Source=FESCARO) Section 15 TARA(Threat Analysis, Risk Assessment)To begin with, a range of modeling techniques are utilized to analyze threats and evaluate risks associated with the vehicle's ECU. While the ISO/SAE 21434 standard suggests modeling approaches such as EVITA, TVRA, and STRIDE, STRIDE modeling tends to be the preferred approach. ​   Section 9 Concept After completing TARA, the next step is to identify the cybersecurity requirements of the designated ECU, referencing Section 9. Subsequently, a security control concept should be devised to fulfill those requirements. Common cybersecurity control measures implemented for automotive ECUs include: ​ 1) Access Control: Secure boot, Secure access, Secure flash, Secure debug, Memory protection, etc. 2) Hardware Security: Implementing HSM, eliminating JTAG/UART debug ports, utilizing BGA type chips, bonding, etc. 3) Software Security: Secure coding, encryption, OS security, etc. * Here I’ll focus on cybersecurity testing and will not delve into detailed descriptions of each individual cybersecurity control. ​   Section 10 Product Development Section 10 outlines the product development phase, which implements the cybersecurity requirements specified in Section 9. This section encompasses activities to verify whether the requirements have been properly implemented, and also highlights four verification test methods, as detailed below: ​ 1) Security function test to ensure the implemented security features function correctly 2) Penetration test from a hacker’s perspective 3) Vulnerability Scanning to determine if potential vulnerabilities have been adequately reduced 4) Fuzzing Test, which assesses for irregularities by inputting random values ​   Section 11 Cybersecurity Validation Section 10 details verification activities performed on individual ECUs, while Section 11 is about the cybersecurity validation process applied to actual vehicles. Assessing cybersecurity within the vehicle's operational environment, combined with its mass production setup, is vital. This ensures that the primary cybersecurity objectives are met and that no outstanding undue risks remain.  ​ ‘Non-functional testing’ for proactive security   Automotive cybersecurity validation testing primarily encompasses both functional and non-functional testing. 'Security function testing' involves confirming that the functions for automotive cybersecurity control measures (or security solutions) are correctly implemented. 'Non-functional testing' consists of the three methods outlined in the ISO/SAE 21434 standard. ​   1) Penetration Test The test aims to assess the implemented cybersecurity measures, identify gaps, and take complementary measures by attacking target vehicle systems from a hacker's perspective (ethical hacking). The primary focus is on uncovering unnoticed vulnerabilities using a range of hacking methods.   2) Fuzzing Test The test evaluates the software's robustness by repeatedly sending random or adaptive inputs, often at escalating frequencies.   3) Vulnerability Scanning The test aims to identify recognized security vulnerabilities in embedded operating systems like Android/Linux and open sources utilized in application development, subsequently implementing supplementary actions such as patches or hardening.​​ Cybersecurity testing methodology to increase reliability (feat. five know-hows)    It has now been a year since the first international cybersecurity regulations came into force. Global governments are advancing legislative efforts, including enacting and amending laws, while affiliated organizations strive to define more explicit institutional benchmarks for specific regulatory prerequisites. The materials presently available offer a general roadmap, but specifics concerning security test design and execution often hinge on the discretionary interpretation and strategy of cybersecurity-specialized companies. ​ I am leading the Red Team at FESCARO, a company dedicated to automotive cybersecurity, and have a track record of successfully navigating security tests to secure CSMS and VTA certification for global automakers. FESCARO stands out as the sole automotive cybersecurity company in Korea that has achieved a grand slam16) in cybersecurity-related certification consulting, including CSMS, ISO/SAE 21434, SUMS, and VTA. Moreover, we've garnered commendable reviews from global technical service assessors who handle hundreds of cases. Now, let’s delve into the strategies to enhance cybersecurity test reliability, spotlighting the “Five Know-Hows Learned by the FESCARO Red Team” that facilitated this success. ​   1) Exploration in preparation for attack Security testing commences by pinpointing attack surfaces visible from the car's exterior and discerning attack vectors. Typically, attack classification frameworks encompass the Cyber Kill-Chain and the MITER ATT&CK Matrix, emphasizing the attacker's actions, as well as Threat Hunting, which categorizes attacks from the defender's perspective. The initial phases of security testing correspond to Reconnaissance and Initial Access methods in the COMPROMISE category in the MITER ATT&CK Matrix (Figure 8). Figure 8. MITRE ATT&CK Matrix (Source=MITRE ATT&CK) ​   Figure 9 shows an example of attack surfaces accessible from outside the car. “Attack surfaces” refer to various contact points in a vehicle system or software where an unauthorized user or attacker can exploit potential vulnerabilities to gain unauthorized access or control of the system. These contact points are categorized into Network, Adjacent, Local, and Physical based on their points of access. For instance, cellular networks for OTA (Over The Air) updates, Wi-Fi for Car-to-Home or Home-to-Car interactions, and GPS are categorized under “Network,” LF/RF for keyless entry and Bluetooth for media connections, and NFC for payment are classified as “Adjacent.” Meanwhile, the CAN and Automotive Ethernet, which facilitate internal connections between car electronic ECUs, are placed under “Local.”   Figure 9. Example of Attack Surfaces, (Source=FESCARO) ​   Once the attack surfaces are identified, the next step is to pinpoint the attack vectors. An 'attack vector' refers to the means or method by which an attacker attacks a target vehicle. Figure 10 summarizes attack vectors by attack surface.​   While attackers perceive these as their means and methods of assault, defenders view them as security threats. ISO/SAE 21434 recommends using STRIDE explained above, for threat modeling.​​ ​ Figure 10. Major Attack Vectors (Source=FESCARO) Figure 11. STRIDE-Based Identification of Security Threats (Source=Institute of Energy Efficient Mobility) ​   2) ‘Continuous management,’ the valid standard of security testing Before delving into the detailed design of test cases for launching an attack, it is necessary to derive cybersecurity test items that serve as a higher standard. Over the years, FESCARO's Red Team has set robust benchmarks for cybersecurity testing by conducting tests under a variety of conditions. By consistently crafting and executing hundreds of test cases, we've continually enhanced and fortified these benchmarks while refining our test cases. This has endowed us with a stereoscopic and dense cybersecurity testing framework. In scenarios where explicit guidelines are lacking, the effective benchmarks we've established to date offer a significant competitive edge.​   Cybersecurity is closely related with instability, making it challenging to lay down clear and specific guidelines. As a result, it's vital to maintain a continuous cycle of learning and deriving insights through research and development such as data collection, and analysis, and subsequently incorporating those insights into the workflow for enhancement. In other words, it's crucial to apply the CD (Continuous Development) cycle, often referred to as CI (Continuous Integration), CT (Continuous Testing), and CX (Continuous Exploration), to security testing.​   3) Integrated environment testing (different results with the same test case) What we believe is most important in security testing to obtain UN R155 certification is “conducting verification within an integrated environment, including the actual vehicle-based driving environment.” I stress the importance of this, having personally witnessed its impact on outcomes. Even if the same test case is used, different results appear depending on the test environment, such as individual ECUs and actual vehicle-based stationary and driving environment. While each test environment holds its own value, a synergy emerges when testing is performed in an integrated environment, expanding the scope and depth of the verification process. Let's delve into two illustrative examples to see how cybersecurity test results affect in driving environments such as driving, steering, and braking. ​   First, Figure 12 shows the results of an actual vehicle-based driving test in a graph. The solid green line represents the engine speed (RPM) measured without any attack, while the orange dashed line indicates the engine speed recorded during an attack. For testing, fuzz data was input to Powertrain CAN while the vehicle was in motion. As a result, an abnormal shift timing led to a deviation from the standard engine speed. Yet, when the fuzz data was input in a stationary setting after the IGN was turned ‘ON’, there were no disruptions in CAN communication or any other effects. Despite all other test conditions remaining consistent, the outcomes varied with the driving environment. Figure 12. Driving Test Results (Source=FESCARO) ​   Recently, in preparation for a global automaker's demonstration of VTA evaluation for electric vehicles slated for mass production, FESCARO conducted mock evaluations under various conditions to identify and address security vulnerabilities. However, during testing in a driving environment, an issue arose: when an abnormal message was input to the E-PT (electric vehicle powertrain), driving halted and the accelerator pedal became unresponsive. Under the same conditions but in a stationary environment, the only observed effect was a minor communication delay. This information was immediately relayed to the ECU developer company and after thorough technical discussions with the relevant stakeholders, it was agreed that mass production would commence after applying a software patch. By conducting a comprehensive test in an integrated environment and ensured the effectiveness of security measures before the final evaluation, we proactively identified and rectified potential vulnerabilities, and ultimately successfully completed the VTA certification demonstration. ​   4) Design and implementation of customized test cases　 After establishing the criteria such as direction for security testing and cybersecurity test items, it's time to draft a test case for the attack. ​ Over the past few years, FESCARO has designed and implemented more than a hundred custom test cases. The test case template example shown in Figure 13 encompasses factors commonly acknowledged in the industry, along with the "essential elements" I've identified based on our success stories. With a well-tailored test case that considers the unique features of both the automakers and vehicle models, we anticipate positive feedback when undergoing CSMS and VTA certification processes. For reference, details of the test case design may be reflected in the validation report when the test is completed. Figure 13. Example of Testcase Template (Source=FESCARO) ​   5) Internal Penetration (INFILTRSTION) and complete control By performing non-functional penetration tests based on various attack vectors targeting the attack surfaces, white hat hackers can successfully gain access and execute both local and remote code. This phase corresponds to the Execution and Persistence steps in the COMPROMISE category of the MITER ATT&CK Matrix (Figure 8). ​ The ultimate objective is lateral movement for infiltration and dissemination. Once internal control is secured, the desired outcome is realized through data gathering, command and control mechanisms. During this phase, techniques like Privilege Escalation, Defense Evasion, Credential Access, and Discovery from the INFILTRATION category of the MITER ATT&CK Matrix are employed. ​ Outlook of virtualization technology for security testing   Cybersecurity testing in a real vehicle driving environment also has drawbacks. Given considerations such as weather conditions, safety, testing duration, and costs, integrating virtualization technology into cybersecurity testing can be a viable approach.   Virtual simulation systems called HIL17) and SIL18) are already being used for software development and testing of vehicle electronic ECUs. With recent advancements in digital twin and virtualization technologies, the introduction of the Vehicle-in-the-Loop (VIL) simulation concept, which allows for the virtual simulation of vehicles, is gaining traction. It is able to create an integrated vehicle simulation system by virtualizing the vehicle's sensor and actuator system, vehicle dynamics system (driving-steering-braking), and even the driving environment.19) ​   To add cybersecurity testing here, it’s essential to further develop security testing tool linkage interfaces and test case integration etc. Depending on the stakeholders, consideration of cost, usability, and versatility will clearly be necessary. Nevertheless, cybersecurity testing in a VIL environment emerges as a compelling alternative that could partially supplant some aspects of vehicle testing in an actual driving environment. ​ Test automation to improve efficiency   Test automation is also receiving as much attention as virtualization technology.​   Even if minor functions are changed in the vehicle, it is essential to re-verify the cybersecurity effectiveness through security testing to ensure there are no side effects or newly discovered vulnerabilities. Since no one knows what kind of butterfly effect it could have. Given that automated testing is more efficient than manual checks by engineers or white hat hackers for every minor alteration, this technology is undoubtedly valuable for companies aiming to optimize the use of their skilled workforce. ​ Block Harbor in the United States is often referenced as a good example of cybersecurity test automation. They provide cybersecurity design and operation services such as TARA and Vehicle Security Operation Centers(VSOC), as well as the 'UNR155 Mitigation Test Suite System' tailored for UN R155-related testing of vehicles and individual ECUs.20) Additionally, they are collaborating with the American Center for Mobility (ACM) to develop cybersecurity solutions for future vehicles.21) ​ Block Harbor collaborates with FESCARO, the cybersecurity company I work for in Korea. Together, we are engaged in multiple national cybersecurity projects promoted by the Korea Transportation Safety Authority under the Ministry of Land, Infrastructure and Transport. As we approach the enforcement of the Automobile Management Act in July 2024, projects like 'Establishment of Cybersecurity Support and Response System' and 'Test Automation for Cybersecurity Verification and Evaluation' are underway concurrently, all intricately connected to optimize operational synergy. ​ Conclusion   As the shift towards Software Defined Vehicle (SDV) gains momentum, issues of recalls stemming from software defects often make the news. In San Francisco, having recently earned the title of the ‘world’s first 24-hour robotaxi city’, is witnessing various challenges. ​ According to automotive cybersecurity trends reported by UPSTREAM, an international security specialist, the incidence of automotive breaches has surged over the past three years. Additionally, new vulnerabilities are emerging at a rate two to three times higher annually.22)23) Cybersecurity is a vital field. To address the escalating and increasingly sophisticated hacking threats, white hat hackers persistently and, at times, sporadically evaluate the robustness of cybersecurity measures, continually refining and bolstering existing countermeasures.   Charlie Miller, the legendary hacker famous for hacking into a Jeep Cherokee, said eight years ago that computer hacking became boring and that hackers would turn their focus to devices such as cars, trains, power plants, and traffic signals. 24) ​ We live in the Internet of Things (IoT) era where all devices are connected to the Internet, and the era of Vehicle-to-everything (V2X) communication is on the horizon. Cybersecurity testing holds immense value and impact, serving as a bare minimum to prevent the “zombie car action sequence” from becoming a reality. ​ Global automakers tend to internalize technologies, including cybersecurity, but continue to partner with specialized companies for cybersecurity testing. I hope that automotive technology will continue to advance within a stable environment, based on reliable cybersecurity testing.     References ​ 1) “Cars in movies turned into 'zombies' by hacking. Is this possible?”,< OhmyNews>, 28.11.2017 2) ““Automotive information technology security, if breached, it’s over”... Jeep Cherokee ‘recalled’ due to hacked driving, <Sports Kyunghyang>, 26.07.2015 3) “19-year-old claims he hacked into over 25 Teslas in 13 countries”, 12.01.2022 4) Take the lead in the future mobility competition based on ‘electrification and autonomous driving, <New Daily Economy>, 22.06.2023 5) Digital Twin: A technology to create objects (twins) identical to the real things in virtual space and verify them through various simulations 6) [Analysis] “Tesla had 424 self-driving accidents last year alone”...K-City drawing attention to virtual space integration’, <Daily Korea>, 12.06.2023 7) Vehicle-to-everything (V2X) communication : The act or technology of a vehicle exchanging information by communicating with various objects such as other vehicles, pedestrians, and infrastructure 8) Automotive cybersecurity is becoming important with the increase in advanced vehicles, Press release from the National Assembly Research Service, 28.12.2022 9) UN Regulation No. 155 (E/ECE/TRANS/505/Rev.3/Add.154), UNECE, 04.03.2021 10) Automotive cybersecurity is becoming important with the increase in advanced vehicles, Press release from the National Assembly Research Service, 28.12.2022 11) UN Regulation No. 155 (E/ECE/TRANS/505/Rev.3/Add.154), UNECE, 04.03.2021 12) Automotive cybersecurity guidelines, Korea Transportation Safety Authority & KATRI, 12.2020 13) Automotive cybersecurity is becoming important with the increase in advanced vehicles, Press release from the National Assembly Research Service, 28.12.2022 14) Hankyung Economic Terms Dictionary: ISO/SAE 214347, Naver Knowledge Encyclopedia, 02.2023 15) ISO, 2021.08, ISO/SAE 21434:2021 Road vehicles - Cybersecurity engineering 16) Grand slam in cybersecurity certification: Originally, it refers to sweeping all major competitions in sports, but here, it refers to having success stories for all four cybersecurity certifications (CSMS, ISO/SAE 21434, SUMS, VTA). 17) Hardware in the Loop: Software is included in the ECU, but the environment surrounding the ECU is virtualized (in a simulation environment). 18) Software in the Loop: Testing software in a simulation environment without real hardware 19) Virtual verification technology for vehicle SW quality innovation [Video], Hyundai Motor Group Developer Conference, 2022 20) Breakwater, UNR 155 Mitigation Test Suite for Common Interfaces in Vehicle Systems, Blockharbor, 09.2022 21) American Center for Mobility and Block Harbor Collaborate to Develop Cybersecurity Offerings at ACM's Global Development Center, 01.08.2023 22) Upstream's 2023 Automotive Cyber Trend Report, Upstream, 2023 23) AutoThreat® Intelligence Cyber Incident Repository, Upstream, 08.2023 24) [Special interview for the inaugural special issue] Charlie Miller, a car hacker, “We must recognize the risks and deal with them”, <Electronic Newspaper>, 21.09.2015 ​ Source: AEM (https://www.autoelectronics.co.kr)  

Until five years ago, carmakers were hesitant to introduce cybersecurity measures in vehicles despite being aware of their necessity due to cost issues. However, when the European Union introduced cybersecurity regulations in 2022, it became virtually impossible to enter the European market without meeting the new standards. The change has made cybersecurity an essential element to ensure the survival of carmakers. The advancements in vehicle software, diversification of vehicles’ functions and increase in communication have made software-defined vehicles a hot topic for the car industry, and cybersecurity is the final element in building SDVs. The fact that United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulations adopted UN Regulation No. 155, No. 156 in June 2020 to lay the foundations for the cybersecurity ecosystem is widely known. This final article in our series on automotive cybersecurity focuses on the last stage of the strategic approach to cybersecurity regulations. It specifically addresses the concept of Software Update Management System, exploring associated challenges and the strategies to effectively manage them. 1. Software updates and SUMS As the automotive industry shifts toward SDVs, demand is on the rise for post-production software updates. These updates are key to improving vehicle features and extending customer service. Polestar Korea's response to a dashboard speed display issue last year is a case in point. The company promptly addressed the discrepancy of 1 to 3 kilometers per hour through a voluntary recall and free over-the-air updates, enhancing customer convenience and trust. The significance of software updates further aligns with the global regulatory focus. In June 2020, the aforementioned global forum on motor vehicle regulations adopted UN Regulation No. 156 to ensure safe software update policies and procedures. Compliance with this regulation requires automakers to obtain Software Update Management System certification and Vehicle Type Approval. Encompassing a wide range of products from passenger vehicles to agricultural machinery, Regulation No. 156 places particular emphasis on Article 7 ("general specifications") for automakers, detailing requirements for SUMS and vehicle types. 2. Requirements for SUMS The establishment of SUMS requires adherence to Article 7, Section 1 subparagraph 1, focusing on the initial assessment process. This involves secure documentation of all software versions and the management of Regulation X Software Identification Number, which is crucial for identifying and managing software versions for regulatory compliance. A vehicle with a RXSWIN must meet several criteria: consistency with type approved software, interdependency with other System, identification of vehicles requiring updates, compatibility between new software and vehicle configuration and the ability to record and assess the update’s impact on type-approved System. 3. Requirements for vehicle type For vehicle types, the focus is on software and over-the-air updates. Under Article 7, Section 2, subparagraph 1 of Regulation No. 156, manufacturers must ensure the authenticity and integrity of updates, while preventing compromised or invalid ones. They must also guarantee that each vehicle type’s RXSWIN is uniquely identifiable. When updating RXSWIN to modify type approved software, automakers must either extend the existing type approval or seek a new one based on the impact of the changes. Additionally, they need to ensure that RXSWIN is accessible through standardized System like the on-board diagnostics interface and protected from unauthorized modifications For vehicles with over-the-air updates, manufacturers must adhere to guidelines stated in Article 7, Section 2, subparagraph 2. These include the ability of the vehicle to restore its system post-update and maintain sufficient power to ensure proper execution of the update. Automakers are required to inform users before initiating an update, prohibit driving if the update cannot be safely launched, and disable any features that may compromise vehicle safety or interrupt the update process. Upon completion of the update, users should be clearly informed about the outcomes and any changes made. 4. Strategies for SUMS certification preparation In preparing for SUMS certification, automakers must first evaluate the impact of software updates on each type approval by establishing an effective evaluation process and procedure. Depending on the update's impact, a normal software update may suffice, but thorough validation may be essential in cases of significant changes. This can be a time-consuming and complex process, given the interconnected nature of various vehicle System and domains. Fescaro, a leading cybersecurity specialist, has developed an automated vehicle software update management system to facilitate this process. Fescaro’s system enables automakers to verify the integrity of each update and evaluate its implications on vehicle type approval, contributing to their path to successful SUMS certification. The next step involves applying a feature within the cybersecurity-specialized electronic control unit. This system manages software configuration and certification information linking vehicle domains and electronic control units. It plays a crucial role in fulfilling SUMS certification and type approval requirements by enabling vehicle validation, managing software updates, and ensuring safe over-the-air execution. The cybersecurity-specialized electronic control unit also performs essential security functions, enabling effective compliance with Regulation No. 155’s cybersecurity management system requirements. These functions include protecting the in-vehicle network, detecting abnormal messages in real time and monitoring security information and event management – all of which are instrumental in addressing potential cyberthreats. 5. Key insights of SUMS certification Achieving SUMS certification requires a comprehensive assessment of the software update’s impact and software configuration management. However, tracking each type approval, vehicle and electronic control unit poses a real challenge. The key to successful SUMS certification lies in "orchestration" – an integrated approach enhancing workflow productivity. The diagram below illustrates an example of orchestration in the certification process, which involves a seamless integration of vehicle software management System with a cybersecurity-specialized electronic control unit: An example of orchestration in the SUMS certification process (Fescaro) Understanding the automotive industry’s complex value chain and the vehicle’s production cycle is equally crucial. This understanding forms the basis for a system that responds effectively to customer needs and regulatory requirements. Close coordination with tier companies, through workshops and seminars, may also facilitate the certification process and ensure regulation compliance. This article concludes our series on the automotive cybersecurity certification process under UN regulations. A leader in vehicle cybersecurity certification consulting with expertise in all four major certification processes, Fescaro remains committed to providing well-organized, high-level assistance to automakers and tier companies in the field. (Ku Seong-seo is Fescaro's head of global business sales) Fescaro is a vehicle cybersecurity specialist that has gone through all major certification processes (CSMS, ISO/SAE 21434, VTA, SUMS). It is the only company in Korea to have obtained what is referred to in the field as the "grand slam of vehicle cybersecurity certification consulting.” - Ed. <Source : Korea Herald (https://www.koreaherald.com/view.php?ud=20231127000319&ACE_SEARCH=1)>

In this second installment of our series on automotive cybersecurity, we delve deeper into the strategic approach to regulatory compliance, focusing on Vehicle Type Approval (VTA) and its challenges. Until five years ago, carmakers were hesitant to introduce cybersecurity measures in vehicles despite being aware of their necessity due to cost issues. However, when the European Union introduced cybersecurity regulations in 2022, it became virtually impossible to enter the European market without meeting the new standards. The change has made cybersecurity an essential element to ensure the survival of carmakers. The advancements in vehicle software, diversification of vehicles’ functions and increase in communication have made software-defined vehicles (SDVs) a hot topic for the car industry, and cybersecurity is the final element in building SDVs. The fact that UNECE WP.29 adopted UN Regulation No. 155 (UN R155) in June 2020 to lay the foundations for the cybersecurity ecosystem is widely known. 1. CSMS and ISO/SAE 21434 The core of UN R155 is that carmakers need to obtain a cybersecurity management system (CSMS) and vehicle type approval. CSMS refers to the process and management system for protecting vehicles from cyberattacks and managing cybersecurity risks. ISO/SAE 21434 is the international engineering standard for vehicle cybersecurity that defines the cybersecurity policies and processes throughout all phases of a vehicle’s development, production and postproduction, and sets the standards for CSMS. The UN R155 outlines its aims, while the ISO/SAE 21434 provides the requirements and details about assessment standards. In other words, ISO/SAE 21434 is essential to properly implement CSMS. 2. Understanding VTA's purpose and requirements As previously explained, the Cyber Security Management System is integral to protecting road vehicles against cyberthreats. The VTA process begins with the technical service (TS) evaluating the automaker's technical documentation and conducting initial vehicle tests. Following TS approval, the approval authority (AA) issues a final CSMS certificate following its own review. VTA ensures each vehicle adheres to the prescribed cybersecurity standards, with both TS and AA validating the implementation. UN R155's cybersecurity certification process (FESCARO) VTA necessitates comprehensive risk assessment, effective cybersecurity measures, and thorough validation testing. This includes identifying risks to road vehicles and determining the adequacy of the risk management strategy, which could involve removal, improvement, avoidance, or acceptance of risks. The specifics of these cybersecurity measures are detailed in UN Regulation No. 155 (UN R155) Articles 5 ("approval") and 7 ("specifications"), with the specific testing protocols outlined in ISO/SAE 21434. 3. Conducting cybersecurity testing for VTA The ISO/SAE 21434 outlines a four-step validation process for road vehicles: functional testing, vulnerability scanning, fuzzing testing and penetration testing. Each step has a specific focus, from verifying the operation of cybersecurity elements to actively simulating attacks to identify potential vulnerabilities. The type of testing required for each Electronic Control Unit (ECU) is determined by its Cybersecurity Assurance Level as specified in Annex E of ISO/SAE 21434, shown in the table below: Cybersecurity Assurance Level assigned to each Electronic Control Unit (ISO/SAE 21434, Annex E) 4. Key insights of VTA and FESCARO's expertise Ensuring the correct setup and application of cybersecurity measures is crucial for the safety of ECUs and vehicles. FESCARO emphasizes a comprehensive approach, integrating threat analysis and risk assessment (TARA), robust cybersecurity solutions, rigorous testing, and effective cybersecurity control management. FESCARO’s success story with an internationally renowned automaker highlights the importance of choosing a competent cybersecurity partner. During a recent penetration test for a world-renowned automaker, we identified a critical issue in an electric vehicle's powertrain system -- when tested in motion, the drivetrain failed and the gas pedal became unresponsive. Our team of experts swiftly reported this issue to the automaker, and after a thorough review, we successfully applied a cybersecurity patch to resolve the problem. 5. Essential takeaway from VTA experience The essence of VTA lies in thorough verification and validation of cybersecurity measures. This process must be both rigorous and continuous in order to prevent unforeseen cybersecurity events. FESCARO's three-year journey underscores the importance of exhaustive testing and consistent technology application. Real-vehicle testing is critical for comprehensive validation as stipulated in UN R155. Our strategy for successful VTA includes meticulous TARA documentation, extensive ECU testing, real-life vehicle trials, comprehensive VTA evaluation checklists, and seamless integration of cybersecurity testing with IT infrastructure. In our next article, we will explore the final step of automotive cybersecurity certification: SUMS certification, and discuss the prerequisites for achieving it. [Ku Seong-seo, Fescaro head of global business sales at fescaro.com ] Fescaro is a vehicle cybersecurity specialist that has gone through all major certification processes (CSMS, ISO/SAE 21434, VTA, SUMS). It is the only company in Korea to have obtained what is referred to in the field as the "grand slam of vehicle cybersecurity certification consulting.” - Ed <Source : Korea Herald (https://m.koreaherald.com/view.php?ud=20231116000844)>

Excerpt from article 7 of UN Regulation No. 155 Until five years ago, carmakers were hesitant to introduce cybersecurity measures in vehicles despite being aware of their necessity due to cost issues. However, when the European Union introduced cybersecurity regulations in 2022, it became virtually impossible to enter the European market without meeting the new standards. The change has made cybersecurity an essential element to ensure the survival of carmakers. The advancements in vehicle software, diversification of vehicles’ functions and increase in communication have made software-defined vehicles (SDVs) a hot topic for the car industry, and cybersecurity is the final element in building SDVs. The fact that UNECE WP.29 adopted UN Regulation No. 155 (UN R155) in June 2020 to lay the foundations for the cybersecurity ecosystem is widely known. 1. CSMS and ISO/SAE 21434 The core of UN R155 is that carmakers need to obtain a cybersecurity management system (CSMS) and vehicle type approval (VTA). CSMS refers to the process and management system for protecting vehicles from cyberattacks and managing cybersecurity risks. ISO/SAE 21434 is the international engineering standard for vehicle cybersecurity that defines the cybersecurity policies and processes throughout all phases of a vehicle’s development, production and postproduction, and sets the standards for CSMS. The UN R155 outlines its aims, while the ISO/SAE 21434 provides the requirements and details about assessment standards. In other words, ISO/SAE 21434 is essential to properly implement CSMS. 2. Requirements and Points of Note in CSMS certification How is CSMS approval obtained? To receive approval, Article 7 Clause 2 sub paragraph 2 of UN R155 must be followed. An automaker must apply the cybersecurity management system to all phases of a vehicle’s lifespan – development, production and postproduction – and demonstrate that security is adequately considered in processes such as cybersecurity management within its organization, threat identification, risk assessment and cybersecurity testing. An automaker also must ensure that threats and vulnerabilities requiring a response from the vehicle manufacturer shall be mitigated within a reasonable timeframe, and that field monitoring for detecting and responding to threats is being carried out continuously. The automaker must also demonstrate how the CSMS will manage dependencies that may exist with contracted suppliers, service providers or manufacturer’s suborganizations. The above requirements must be validated by a technical service provider, and the final approval is given after an assessment by an approval authority. An automaker that has yet to establish a CSMS must be aware of the following two elements. The first is to follow Europe and related countries’ time frames for implementing the regulations, and the second is to utilize existing elements as much as possible in order to find ways to meet the requirements in the shortest time span possible. Building a CSMS requires identifying and analyzing a vehicle’s security vulnerabilities. To do this, a threat analysis and risk assessment should be carried out, and the ECUs need to be categorized into security levels according to their importance. The trend is to use hardware security module-fitted semiconductors that meet international standards in ECUs categorized into high security levels, as concerned organizations usually provide cyber security solutions compatible to HSMs, and carmakers using different chips need to replace the chips. This process can lead to significant costs, but there is a case where the issue was solved by analyzing the situation faced by carmakers and ECU developers. In that case, cybersecurity specialist Fescaro developed a software solution that meets HSM security requirements. By doing so, Fescaro assisted in a Korean carmaker meeting all European cybersecurity requirements without replacing over 50 types of chips used in the company’s vehicles. Fescaro’s solution contributed to reducing the development costs and production time. The security solution has since been implemented in producing 150 types of ECUs in seven vehicle types produced by domestic and foreign carmakers. The most important element in CSMS approval is keeping the timetable. Since July 2022, a new vehicle type can only be introduced in Europe after meeting all cybersecurity requirements. From July 2024, the measure will be applied to all new vehicles produced and sold in relevant markets. A misstep in obtaining the approval can lead to setbacks in launching new models, or have a detrimental impact on a carmaker’s quality competitiveness. The time required in all processes from suppliers’ sourcing to quality verification must be taken into consideration. A carmaker has the option of working with a company that provides all-in-one services in meeting CSMS requirements. But the carmaker must assess whether the company has the technological capability to provide the necessary solutions throughout the lifecycle of a vehicle. Such a partner must be capable of dealing with all related areas, from certification consultation services and Threat Analysis and Risk Assessment (TARA) to cyber security solutions, cyber security tests, cyber security gateway ECU to security management system. 3. Differences between OEM and tier companies’ approval Do carmakers and tier companies have to respond to the regulations? UN R155 states CSMS approval should be obtained by the carmaker. However, as a carmaker should be able to manage the cybersecurity activities of tier companies, an ECU developer needs to establish a CSMS if required by the carmaker. If an ECU developer has established a CSMS in accordance with Article 7, "Distributed cybersecurity activities," of ISO/SAE 21434, the ECU developer can obtain ISO/SAE 21434 certification through a technical service provider. As the ISO/SAE 21434 certification proves an ECU developer’s cybersecurity capabilities, it can aid the company in strengthening its competitiveness in the global market. In short, CSMS approval is essential for carmakers under UN R155, while ECU developers can obtain ISO/SAE 21434 certification as necessary. Carmakers and ECU developers across the world are moving quickly to respond to related regulations. Mercedes-Benz was the first carmaker to obtain cybersecurity certification, followed by Volkswagen. In Korea, Hyundai Motor Group obtained CSMS certification in December 2021, followed by KG Mobility in December 2022. As for ISO/SAE 21434 certification, Kanavi Mobility obtained it in February 2023 and Hyundai Motor Group’s global software center 42dot was certified in August 2023. 4. Core of CSMS certification As a cybersecurity expert who has experienced carmakers obtaining CSMS certification and ECU developers receiving ISO/SAE 21434 certification, the vehicle life-cycle is at the core of CSMS. If in the past, developing a vehicle was the most important phase, in today’s world, the postproduction phase must be considered as software vulnerabilities keep evolving. In other words, all processes across the life cycle of a vehicle must be optimized and a cybersecurity system that is linked to all phases of the life cycle must be built and operated. To this end, numerous discussions and negotiations among the concerned departments and outside partners must be carried out. Only then can a company obtain CSMS certification. [Ku Seong-seo, Fescaro head of global business sales@fescaro.com ] Fescaro is a vehicle cybersecurity specialist that has gone through all major certification processes (CSMS, ISO/SAE 21434, VTA, SUMS). It is the only company in Korea to have obtained what is referred to in the field as the "grand slam of vehicle cybersecurity certification consulting.” - Ed <Source : Korea Herald (https://www.koreaherald.com/view.php?ud=20231114000120&ACE_SEARCH=1)>