
[Series] FESCARO's Automotive Cybersecurity FAQs

FESCARO has been operating the ‘FAQs Series’ to address cybersecurity issues for stakeholders in the automotive industry. We have conducted live webinars on four key topics, and the expert panel from FESCARO provided answers to the most commonly asked questions from industry professionals. If you missed a webinar on a topic that interests you, you can access both the recorded video and a text summary (FAQs) at the following link.


# FAQs Series

1. Cybersecurity Strategies for Tiers (Emerging-OEMs oriented)

2. Comprehensive Guide on Cybersecurity Solutions & Engineering

3. Cybersecurity Testing method based on VTA Success Stories

4. ECU Cybersecurity guidance : From production to post-mass production

5. How Korea’s Motor Vehicle Management Act Amendment impacts OEMs and Tiers







The webinar, titled <How Korea’s Motor Vehicle Management Act Amendment impacts OEMs and Tiers>, held by FESCARO on Wednesday, April 3, concluded with great interest. The fact that more than 160 people pre-registered for the webinar underscores the significance of the ‘Korea’s Amendment to the Motor Vehicle Management Act’ within the industry.

Addressing inquiries about the Motor Vehicle Management Act, FESCARO prioritized the questions industry practitioners are most curious about. Are you interested in response strategies and practical know-how for complying with the Motor Vehicle Management Act? Please check the expert panel's clear answers in the video and text!


■ Expert Panels

Director Ku Seong-seo (an iconic figure of the FESCARO’s webinar): 20+ years of experience in embedded system SW development, including automotive controllers and security solutions

Team leader Choi Kwang-mook (key player of the FESCARO’s grand slam): 20+ years of experience in automotive certification consulting, including CSMS, SUMS, ISO/SAE 21434, etc.


■ QUESTION LIST

1. Description of Korea’s amendment to the Motor Vehicle Management Act

2. How is it different from UN certifications (R155 · R156)?

3. Is it replaceable by UN certifications (R155 · R156)?

4. Cybersecurity and software update-related contents in the Motor Vehicle Management Act

5. What and how to prepare? (OEM/Tier)

6. Does the Motor Vehicle Management Act necessitate modifications to controller software?

7. Is it necessary to apply AUTOSAR?

8. Can an organization implement AUTOSAR independently?

9. What should be considered when applying AUTOSAR?




■ Video Ver.





■ Text Ver.



1. Description of Korea’s amendment to the Motor Vehicle Management Act




Timeline for the Motor Vehicle Management Act Amendment



Let’s begin with an explanation of the ‘Motor Vehicle Management Act’. The Motor Vehicle Management Act is a Korean law that aims to promote public welfare by overseeing vehicles operated in the country, ensuring their performance and safety. It encompasses aspects such as vehicle registration, safety standards, self-certification, and correction of manufacturing defects.  

Regarding this Motor Vehicle Management Act, an amendment was promulgated as of February 13, 2024. The amendment addresses the need to supplement related provisions as the focus of existing vehicles shifts from internal combustion engines and mechanical parts to software. The core of the amendment emphasizes the necessity of securing vehicle safety against cyberattacks and threats, as well as establishing a system to manage software updates that may impact vehicle safety.

In essence, with amendments to the Motor Vehicle Management Act concerning cybersecurity management systems and software updates being promulgated, it becomes imperative to prepare for them. While the primary subject of certification is the automaker (OEM), Tiers also need to respond to related requirements. The amendment to the Motor Vehicle Management Act is slated to take effect in August 2025 for new vehicles and in August 2027 for existing vehicles. 




Motor Vehicle Management Act Amendment - Cyber security management system




Now, let's delve into the main contents, starting with the cybersecurity management system. According to the Motor Vehicle Management Act, automakers and importers can only sell vehicles in Korea if they possess CSMS certification. Failure to maintain CSMS certification can result in a ban on selling vehicles.

CSMS, in this context, refers to a cybersecurity management system. Legally, CSMS is defined as 'a comprehensive management system encompassing administrative, technical, and physical protection measures to safeguard vehicles from cyberattacks and threats.' Here, cyberattacks and threats refer to attacks perpetrated by hackers.

Building a CSMS requires not only technical components but also an organizational security management system. It also entails implementing physical protection measures for workplaces and production facilities. Given that automakers are responsible for overseeing the cybersecurity supply chain to ensure the production of safe vehicles, they have no option but to mandate CSMS from their Tiers. Consequently, Tiers must be equipped to address the cybersecurity management and engineering requirements of automakers.





Motor Vehicle Management Act Amendment – Software updates




Next, let's discuss software updates. If an automaker updates software for functions related to safety standards, it must inform the Korean Ministry of Land, Infrastructure, and Transport in advance of such updates. Failure to comply may lead to penalties or fines. Tiers are required to furnish automakers with the results of analyzing the impact of software updates on safety standards in advance. Based on this analysis, automakers will review whether to comply with applicable laws and regulations. We'll delve into more details later.




2. How is it different from UN certifications (R155 · R156)?


We will explain the amendments to the Motor Vehicle Management Act and the guidelines for CSMS (Cyber Security Management System) certification, considering that they were established based on UN R155 and R156. The certification is divided into system certification and vehicle certification.

ㆍ System certification: CSMS certification and SUMS certification. Korean law requires only CSMS certification from automakers and importers.

ㆍ Vehicle certification: Certification applicable to vehicle types sold in Korea. The certification methods are VTA certification or self-certification, and Korean law stipulates self-certification.

One important point to note here is that under the Motor Vehicle Management Act, vehicle certification and system certification are interconnected. The CSMS certification under the Motor Vehicle Management Act serves as a system certification for an automaker’s cybersecurity management system. Unlike existing system certifications for international standards such as ISO 9001 and IATF 16949, this certification pertains specifically to CSMS required under UN regulations and Korean laws. Without the corresponding system certification, related vehicle certification cannot proceed.




Motor Vehicle Management Act vs. UN Certifications




Let's briefly compare Korean law (Motor Vehicle Management Act) and European law (UN R155 · R156). Firstly, the certification body is the Korean Ministry of Land, Infrastructure and Transport under Korean law, whereas under European law, it is the approval agency designated by UNECE member countries. For CSMS certification, both Korean and European law require pre-certification, and for SUMS certification, only European law mandates pre-certification. Without CSMS certification, vehicles cannot be sold under Korean law, and similarly, European law prohibits vehicle sales without VTA certification. If the automaker's CSMS or SUMS changes, it must undergo reevaluation.

The validity period of system certification is up to 3 years, with a follow-up review required annually after obtaining certification. Violations of applicable laws may lead to cancellation of system certification. In the event of law violations, certification may be revoked under European law, while under Korean law, penalties or fines may be imposed depending on the violation. Lastly, regarding the vehicle certification methods, European law requires obtaining VTA certification before selling a vehicle to a UNECE member country, whereas Korean law allows sales with self-certification, but if violations are found in the sold vehicle, sales may be ordered to stop.




3. Is it replaceable by UN certifications (R155 · R156)? 




Comparison of Certification Authorities




In conclusion, that is not the case. For CSMS certification under the Motor Vehicle Management Act, only certificates reviewed and issued through the Korean Ministry of Land, Infrastructure and Transport are recognized. However, automakers or sales companies that have obtained CSMS certification under UN Regulation 155 will be able to obtain CSMS certification supervised by the Korean Ministry of Land, Infrastructure and Transport. This is because the Korean Motor Vehicle Management Act and its enforcement ordinance are based on UN R155.

Ultimately, the preparations that OEMs or Tiers must make are largely the same, allowing for adjustments to comply with the Motor Vehicle Management Act. FESCARO has achieved a grand slam in cybersecurity certification consulting and possesses a deep understanding of related topics. Therefore, if you need assistance in complying with the Motor Vehicle Management Act, please contact FESCARO. 




4. Cybersecurity and software update-related contents in the Motor Vehicle Management Act




Motor Vehicle Management Act Amendment - Provisions regarding cyber security management system




Each provision of the amendment to the Motor Vehicle Management Act corresponding to CSMS is summarized as follows.

ㆍ Article 30-3: Vehicles cannot be manufactured or sold without CSMS certification (Article 30, Paragraphs 9, 10, 11, and 12 specify laws and regulations regarding CSMS.)

ㆍ Article 30-9: Automakers wishing to self-certify their vehicles must establish a CSMS and obtain certification from the Minister of Land, Infrastructure and Transport.

ㆍ Article 30-10: Automakers must comply with requests from the Korean Ministry of Land, Infrastructure and Transport to submit data on the establishment and operation of CSMS.

ㆍ Article 30-11: Standards for cancellation of vehicle CSMS certification are specified.

ㆍ Article 30-12: If an accident related to a cyberattack or threat occurs in the field, it must be reported to the Minister of Land, Infrastructure and Transport.

ㆍ Article 81: (Penalty) Anyone selling a vehicle without CSMS certification is subject to imprisonment for up to one year or a fine not exceeding 10 million won (approximately $7,300).




Motor Vehicle Management Act Amendment - Provisions regarding Software Updates




The following are provisions related to software updates.


ㆍ Article 34-5: This clause specifies the following six compliance requirements that must be observed when updating. Information on updates related to safe vehicle operation must be notified in advance to the Korean Ministry of Land, Infrastructure and Transport, and the performance test agent for the updates must be confirmed in advance.


o   Update compliance requirements:

    ① All functions of the vehicle must operate normally even after the update.

    ② The vehicle must prove compliance with vehicle safety standards even after the update.

    ③ The update implementation process must be safe.

    ④ Update information must be delivered to vehicle users.

    ⑤ Update contents and history must be safely preserved.

    ⑥ Any other matters necessary for safe and smooth updating, as prescribed by the Ordinance of the Korean Ministry of Land, Infrastructure, and Transport.


ㆍ Article 34-6: If the Korean Ministry of Land, Infrastructure and Transport deems it necessary, a performance test agent may investigate the adequacy of the automaker’s updated contents, methods, and management status. (Performance test agent refers to an organization designated as an agent by the Korean Ministry of Land, Infrastructure and Transport, such as KATRI.)

ㆍ Article 35-2: Any modification, installation, addition or deletion of software that may affect the safe operation of the vehicle is prohibited.

ㆍ Article 81: (Penalty) Anyone who violates ①~③ of update compliance requirements will be subject to imprisonment for up to 1 year or a fine not exceeding 10 million won (approximately $7,300).

ㆍ Article 84: (Fines) Anyone who violates the provision for submitting update-related data will be subject to a fine not exceeding 20 million won (approximately $14,500) and anyone who violates ④~⑥ of the update compliance requirements will be subject to a fine not exceeding 10 million won (approximately $7,300).

For specific details regarding requirements and evaluations, enforcement ordinances and safety standards will be applied under the guidance of the Korean Ministry of Land, Infrastructure, and Transport, the Korea Transportation Safety Authority, and KATRI. FESCARO is also working on preparing for certification and cybersecurity testing, and we will share related news as it becomes available. 




5. What and how to prepare? (OEM/Tier)




Preparations for OEMs that have not obtained UN certification




Firstly, we explain from the viewpoint of an automaker (OEM) that hasn't obtained UN certification. OEMs are obligated to establish a CSMS (Cyber Security Management System) compliant with ISO/SAE 21434. This system must remain operational not only during the development phase but also throughout production and field maintenance and diagnostics. Specifically, OEMs need to implement TARA (Threat Analysis and Risk Assessment) alongside cybersecurity testing and validation procedures, allocating the necessary resources accordingly. Additionally, OEMs must establish and maintain procedures for continuous cybersecurity monitoring, incident response, and data reporting. From an OEM perspective, the most important thing is to have a system for cybersecurity supply chain management.




Preparations for Tiers that have not obtained UN certification




The preparations for controller developers (Tiers) who have not obtained UN certification are similar to those of OEMs. First, Tiers must establish a cybersecurity distributed development process that incorporates a CIA (cybersecurity interface agreement, as defined in ISO/SAE 21434) to address OEMs' CSMS needs. This is mainly managed by the sales and design departments. Additionally, Tiers must establish a CSMS based on ISO/SAE 21434 and organize a dedicated department or team for cybersecurity management and incident response. Finally, Tiers should establish TARA procedures and allocate resources in advance to meet OEMs' demands. To implement security measures based on TARA results, it is advisable to apply security technology and prepare procedures and resources for security testing. From a Tier’s perspective, it is crucial to ensure the security technology applied to the controller and to establish a security testing system that assures its quality.



Preparations for OEMs and Tiers that have obtained UN certification




Lastly, an OEM or Tier that has already obtained UN certification should proceed with internalization work to review and supplement their existing CSMS based on the Motor Vehicle Management Act and CSMS certification standards. And since submissions to the Korean Ministry of Land, Infrastructure and Transport must be written in Korean, it is necessary to translate the output into Korean.


6. Does the Motor Vehicle Management Act necessitate modifications to controller software?


Yes, it does. Also, we can say that it's imperative to select a software configuration and development plan capable of adapting flexibly to evolving cybersecurity technologies in the future.

The Motor Vehicle Management Act does not describe a very specific methodology. However, in Article 2 (Definition) 4-4, a cyber security management system is defined as 'a comprehensive management system including managerial, technical and physical protection measures to protect vehicles from cyberattacks and threats.' For clarity, we will show the necessary measures specified in 5.1.1 of UN R 155 that an automaker (OEM) must deploy in its vehicles to be certified. 




Paragraph 5.1.1 of UN R 155




(a) : Include not only automakers but also Tiers.

(b) : Reflect security measures for vehicles.

(c) : Appropriately implement cybersecurity measures in the vehicle design itself.

(d) : Must be able to detect and respond to cybersecurity attacks on vehicles.

(e) : Need log data processing with forensic capabilities to detect and analyze cybersecurity attacks.


Now, let us explain the above regulations from a SW perspective. The software must include features to protect the vehicle from external attacks and to manage cybersecurity events that may occur in the vehicle. These security functions must be applied on a per-controller basis. Functions to protect the controller itself include Secure Boot, Secure Storage, Secure Debug, Runtime Tuning Protection, Memory Protection, HSM, OS Hardening, general controller security requirements, secure coding, and open-source vulnerability management.

There are also requirements to defend the vehicle from external attacks by protecting communication between the vehicle and the outside and between controllers within the vehicle, such as Secure Access, Secure Unlock, SecOC, TLS, IPSec, MACSec, and Firewall. Additionally, CAN-IDS, Ethernet-IDS, integrated security log, and vSOC (vehicle security operation center) established by OEMs from an operational perspective are features to detect security events that may occur in vehicles and create appropriate countermeasures.

Most of these requirements are realized in SW, and the requirements continue to evolve. Therefore, it is important to choose a SW configuration and SW development methodology to better respond to requirements more efficiently. In other words, OEMs and Tiers must be able to effectively manage and develop SW in order to prepare response plans.

So what is a suitable methodology for SW development? In fact, efforts to develop and manage automotive SW effectively long predate the cybersecurity concerns discussed here; the importance of automotive SW has been growing for a long time. Not only standards organizations and specialized companies such as AUTOSAR, Automotive Grade Linux, Android Automotive, and QNX, but also OEMs themselves are carrying out these activities. In other industries, there's also a long history of efforts to manage and develop software effectively. These efforts often involve standardization to enhance convenience and reusability in software development processes.

In the automotive SW field, such activities are particularly led by AUTOSAR, which is also the most widely adopted SW platform. AUTOSAR is an organization formed by major automakers and controller developers in 2003. It stands for Automotive Open System Architecture, an automotive SW standard.

Given the ongoing and future necessity of cybersecurity, adopting standard SW platforms can be an effective strategy for addressing cybersecurity concerns, particularly in the automotive industry.


7. Is it necessary to apply AUTOSAR?




Increasing importance of SW




Not required, but we would like to say, ‘Shouldn’t we do it now?’ The increased importance of automotive cybersecurity, leading to legislative action, is primarily driven by the growing connectivity and electronic complexity of vehicles. This has led to an explosive increase in the importance of SW. The vehicles of the future, or rather, modern vehicles, are evolving toward C.A.S.E (Connectivity, Autonomous, Sharing, Electrification), and as a methodology to realize this, a major paradigm shift is occurring toward software-driven vehicles (SDV).

The increase in high-performance electronic controllers, changes in E/E architecture, increasing connectivity and electrification, and SW advancement are having a significant impact not only on automakers (OEMs) but also on controller developers (Tiers). As SW takes up an increasing proportion of vehicles, more than half of the defects that occur in vehicles are caused by SW.

While it's nearly impossible to entirely prevent software defects, refining the controller system, including the software structure, is essential. Preventive measures should be implemented through rigorous, effective, and repetitive verification testing. Post-mass production, it's crucial to maintain software quality activities for rapid response continuously.




International Regulations and Standards




Furthermore, the scope of international laws and standards applicable to vehicle and controller development is expanding, accompanied by specific requirements. These include UN regulations such as R155 and R156 concerning cybersecurity and software update management, as well as ISO/SAE 21434, the cybersecurity engineering standard, functional safety, SOTIF, and A-SPICE. It's imperative to be well-versed in and consider these standards during the development process. Preparation for Over-The-Air (OTA), which is becoming essential for vehicles, is also needed.

As mentioned in response to the previous question, some individuals anticipated the diverse and complex requirements and changes in software, leading to the creation of AUTOSAR. These efforts have contributed to enhancing the efficiency of automotive software development and management. Standardization in software structure provided by AUTOSAR enables greater convenience, reusability, and modularization in development, addressing challenges in adapting to various changes. AUTOSAR serves as a notable methodology for optimizing development time and cost, meeting new requirements, and enhancing quality.

So far, we have talked about AUTOSAR as if it is essential, but I would like to say once again that it is not essential. The decision to adopt AUTOSAR depends on various factors such as the controller's characteristics, its role in the vehicle, and the automaker's circumstances. Additionally, implementing AUTOSAR entails a certain level of cost and effort. Therefore, it's advisable to carefully assess these factors and environmental considerations before deciding whether to apply AUTOSAR.

FESCARO has professional capabilities not only in cybersecurity but also in AUTOSAR. We not only integrate AUTOSAR into our self-developed and mass-produced controllers but also engage in AUTOSAR-related development projects with various Tiers. With our extensive know-how in AUTOSAR, we stand ready to assist you in making the best choice. Please don't hesitate to contact us if you have any concerns.




8. Can an organization implement AUTOSAR independently?




AUTOSAR Requirements Defined




The short answer is yes. However, automakers or controller developers typically do not do it that way. As mentioned earlier, AUTOSAR stands for Automotive Open System Architecture and serves as an automotive software standard. Additionally, AUTOSAR is also an organization.

This organization defines standards aimed at achieving an automotive open standard software structure and specifies various requirements to realize this goal. While it's possible for companies to fully understand and implement these standards to create their own AUTOSAR-compliant software, they often weigh various factors such as costs and efficiency. As a result, each company tends to focus on its strengths and finds a role that best suits its capabilities. This approach allows for the development of controllers and even entire vehicles using AUTOSAR.




Roles for each company




For instance, semiconductor manufacturers producing MCUs and microcontrollers for controllers develop MCAL to ensure seamless compatibility with AUTOSAR on their chips. AUTOSAR solution providers develop BSW and RTE adhering to AUTOSAR standards, along with various tools for efficient software management and creation. These AUTOSAR packages enable the creation of software components tailored for the controller, known as application software, with the final integration carried out by the controller developer.

When developing a controller, it's prudent to choose an AUTOSAR solution that aligns with the OEM's requirements, supports the selected MCU, offers effective engineering services, and optimizes costs. FESCARO maintains close collaborations with leading AUTOSAR solution providers. If you have any questions regarding which solution to choose, please don't hesitate to contact us. We'll assist you in selecting the optimal solution.


9. What should be considered when applying AUTOSAR?




Semiconductor Manufacturers (left) and Platform SW Developers (right)




The primary consideration in applying AUTOSAR is aligning with customer requirements. Additionally, factors such as the MCU selection and associated costs are crucial. Internal development capabilities, project schedules, and proficiency levels should also be taken into account.

As you're aware, constructing a vehicle involves the integration of numerous controllers. The automaker (OEM) establishes requirements for controllers tailored to the vehicle's manufacturing needs and distributes them to Tiers. Upon receiving these requirements, Tiers analyze them and make decisions regarding their implementation.

In the past, determining the direction of controller development primarily involved reviewing controller functions. However, in today's context, additional but essential factors such as cybersecurity, functional safety, and OTA updates must also be carefully evaluated. This comprehensive review guides the selection of an appropriate MCU and platform SW. When deciding on the platform SW, various factors including the complexity of controller functions, reusability, business scalability, OEM requirements, MCU support, cost, etc. are taken into consideration.

In today's landscape, many companies opt for AUTOSAR as their platform software. While OEMs may request it, it's often chosen based on factors like the product's competitiveness, reusability, and scalability. However, developing AUTOSAR-compliant software in-house is not feasible, necessitating the selection of an appropriate solution. When making this decision, it's crucial to consider whether the chosen solution is compatible with the MCU, capable of meeting all customer requirements, supported by quality engineering services, and offered at a reasonable cost.




AUTOSAR Purchasing Process




Typically, AUTOSAR encompasses numerous functions. Even after deciding on the AUTOSAR provider, it's necessary to carefully select the services and components required for your product within the AUTOSAR BSW. When purchasing AUTOSAR, the configuration tool, BSW, and RTE are typically provided by the AUTOSAR solution provider. Additionally, the AUTOSAR MCAL may be obtained directly from the MCU supplier or included in the AUTOSAR package.

We've provided a brief overview of AUTOSAR and the considerations involved in controller development. More detailed technical issues will be covered in our next webinar. We appreciate your continued interest and participation.




■ Bonus Q&A

During pre-registration for the webinar, we received approximately 100 inquiries. In addition to the questions covered above, we have also addressed four of the most frequently asked questions. If you're curious about the expert panel's answers, please check them out in the video (starting from 37:40).

1. What changes from the perspective of a Tier 1 that solely provides software, and how will these changes impact Tiers 2 and 3?

2. What is the actual impact on cybersecurity and A-SPICE?

3. What preparations should a semiconductor supplier make? Additionally, is there an international standard that covers the amendments to the Motor Vehicle Management Act?

4. Do small-scale manufacturers who purchase, manufacture, or sell special vehicles (e.g., agricultural machinery) or unfinished vehicles also need to comply with the amendments to the Motor Vehicle Management Act?




■ Webinar Reviews

* Gyun Kim: “I was confused ahead of the implementation of the Korean law, but I was able to hear a clear explanation of the work between OEMs and Tiers.”

* Haeng Heo: “It was beneficial to be able to see the certification items and subjects at once. I will reflect them in establishing a plan to acquire cybersecurity certification.”

* Woo Lee: “I wish the webinar had been longer, and I’m curious about how not only Tier 1 companies but also companies undertaking small-scale modification projects will respond.”

