Frontier | The Internet of Vehicles security ecosystem is taking shape

Internet of Vehicles Security Requires a Platform

Recently, the official of the 5th National Cyber ​​Security Publicity Week learned that the Automotive Information Security Industry Alliance will participate in the Chengdu Cyber ​​Security Publicity Week Expo. Two years ago, at the Wuhan Cyber ​​Security Publicity Week, alliance member Neusoft Group and Changan Automobile jointly exhibited, attracting the attention of leaders and participants from the Cyberspace Administration of China and the State Security Bureau. This year, the Automotive Information Security Industry Alliance will participate in the exhibition as the main body, and the content of the exhibition will be richer.

In recent years, Internet of Vehicles security incidents have occurred frequently, and security threats have gradually escalated. Various targeted network attacks have been launched, from breaking through various sensor signals at the perception layer to exploiting vulnerabilities in the vehicle network and vehicle equipment at the intermediate communication layer and computing layer to achieve remote control of vehicles. Recently, the theft of user data and privacy information has also increased. With the advancement of technology, the security issues of the Internet of Vehicles have attracted more and more attention from the world. More and more security vendors are committed to the security protection of the Internet of Vehicles. However, the security of the Internet of Vehicles involves many aspects such as automobile manufacturers, security vendors, and industry departments, and the industry regulations of the automobile industry are extremely strict, requiring all parties concerned to work closely and work together to form a complete ecological environment.

Based on this, in September 2016, Neusoft Group, National Network and Information System Security Product Quality Supervision and Inspection Center, Changan Automobile, China Information Security Certification Center, China Software Evaluation Center, Information Industry Information Security Evaluation Center, Chery Automobile, and NXP (China) jointly initiated the establishment of the China Automotive Information Security Industry Alliance, aiming to create a win-win industry platform for production, learning, research, and engineering, and to help alliance members solve problems encountered in development through resource integration, information sharing, and cooperation promotion, and to enhance the overall competitiveness of China's automotive information security industry in the international market. On September 27, 2016, the alliance members established the "China Automotive Information Security Common Interest Group" in Shenzhen, integrating international and domestic industry standards and technical research, vigorously promoting the improvement of the automotive safety architecture system, and promoting the rapid development of China's driverless cars.

[[240481]]

In September 2016, the In-Vehicle Information Security Industry Alliance was established

After nearly two years of development, the Automotive Information Security Industry Alliance has made a lot of progress, including jointly publishing the "In-Vehicle Information Security Technical Requirements White Paper", applying for the "Information Security Technology Automotive Electronic System Network Security Guide" national standard project, and the alliance member Neusoft Group, as the only domestic invited unit to participate in the United Nations automotive information security standard construction work on behalf of China. The alliance's member units have also expanded from the original eight alliance units to more than 20 upstream and downstream companies in automotive information security, and the Internet of Vehicles security industry ecosystem is being actively built.

Yang Jiwen, Vice President of Neusoft Group and General Manager of the Cybersecurity Division, and Director of the Automotive Information Security Industry Alliance, commented: "From the results, whether it is assisting the country in formulating automotive industry standards, publishing white papers, or implementing substantive cooperation with major automakers, the Automotive Information Security Industry Alliance has made substantial progress, and its effect has far exceeded our initial expectations. He said: "It is difficult to push this matter to a certain level with the strength of one company, and it is also difficult to achieve a certain level and height for this industry."

According to Yang Jiwen, Neusoft has accumulated more than 20 years of experience in automotive electronics and 22-30 years in network security. It is precisely because of Neusoft Group's years of experience in automotive electronics and network security that it has naturally entered the field of Internet of Vehicles security. The start was relatively smooth, and products were launched in seven months. However, after communicating with car manufacturers, we found that there were still big problems in the implementation of some things. In the process of communicating with some national institutions, including some professional manufacturers such as Changan Automobile, we really felt that we needed a platform to unite everyone, not only Neusoft's accumulation in automotive electronics, but also the accumulation of professional automobiles, and the support and guidance of some professional institutions. Although the results greatly exceeded expectations, we found that there is still a lot to do, and our accumulation is not enough. We need more people and more units to participate in and work together to do this well.

Yang Jiwen, Vice President of Neusoft Group and General Manager of Cybersecurity Business Unit, and Director of the Automotive Information Security Industry Alliance

Taking Internet of Vehicles security standards as an important starting point

The above ideas mentioned by Yang Jiwen were highly recognized by the alliance members. He Wen, deputy director of the Intelligent Research Institute of Chongqing Changan Automobile Co., Ltd., said that Internet of Vehicles security is a new field. In this field, it is urgent for everyone to form a consensus and form some standards to guide vehicle manufacturers. Internet of Vehicles security is definitely a very important technical direction in the future. Without Internet of Vehicles security, the realization of smart cars in the future is actually unlikely, because if safety cannot be guaranteed, once your car is connected to the Internet, there will be big problems. It is not just as simple as complaints from employees and customers. Once a problem occurs, it may be closely related to human life. Unlike the Internet industry, which easily subverts the traditional home appliance industry and mobile phone industry, the automotive industry pays more attention to respect for life safety, high reliability, and strict systems and processes.

As the article says, as an emerging industry, the indicators and standards of different institutions in the Internet of Vehicles security are not unified. Everyone is cautiously trying according to their own understanding. For unknown areas, everyone has their own unique understanding and their own way of cognition. "Therefore, formulating standards for Internet of Vehicles security to guide manufacturers to formulate some solutions and overall architecture design is an important aspect and starting point of Internet of Vehicles security.

To this end, the breakthrough since the establishment of the alliance was first manifested in the successful application of the national standard project "Information Security Technology Automotive Electronic System Cybersecurity Guidelines". Neusoft Group, a member of the alliance, was also the only invited unit in China to represent China in the construction of the United Nations automotive information security standards. Lu Na, Secretary-General of the Automotive Information Security Industry Alliance, said that when communicating with the Information Security Standardization Committee about the start of the standard, they said that they had not done so in the past and that they should build the system first and then the standard. In fact, the product has already come out, and when we went to defend it, they were very supportive. Lu Na said that the alliance received strong support from the leaders of the competent departments of the cybersecurity industry and the leaders of the member companies of the alliance at the beginning of its establishment, as well as close attention from domestic and foreign vehicle manufacturers. We feel this very deeply.

Chen Jingxiang, product director of the Cyber ​​Security Division of Neusoft Group, believes that "for the Chinese automotive industry, without accumulation, there is no voice. We hope that this alliance can concentrate the core technological strength of the Chinese automotive industry. Perhaps in the field of traditional automobiles, China's technological development is relatively backward, but in the emerging fields of automotive intelligence and new energy, Chinese companies still have the possibility of overtaking on the curve."

As an international ISO expert, Chen Xiangjing pointed out that in the automotive field, the influence of automobile standards is still relatively large. Of course, the Information Security Standardization Committee has corresponding standards, and there are also corresponding standards in ISO or its standards organizations. At present, in ISO, there is a relatively mature standard ISO26262 in the field of functional safety that is more recognized by car manufacturers. The standards committee led by the automotive industry hopes that this standard will be closely integrated with safety. After about two years, this standard is in the process of construction. The Chinese delegation has actually been participating, but in the field of cars, China's voice is not very strong. Then in the new energy and some intelligent networking levels, we hope to make a breakthrough.

Baidu proposed that 2018 is the first year of self-driving cars. He Wen believes that there is a big difference between smart cars and unmanned driving. Not only are there big problems in technology, but also in some ethics and other aspects of society. This industry is still in its infancy. Similarly, the security of the Internet of Vehicles is a long way to go.

The In-Vehicle Information Security Alliance plans to upgrade the industry ecosystem

Recently, the In-Vehicle Information Security Industry Technology Summit was held in Beijing, hosted by the In-Vehicle Information Security Industry Alliance and organized by Neusoft Group and NXP (China), the initiators of the In-Vehicle Information Security Industry Alliance. Dozens of experts from government departments, evaluation and certification agencies, car manufacturers, and member units such as Neusoft and NXP attended the summit to fully exchange views on the development trends of the in-vehicle information security industry at home and abroad, the formulation of industry standards, key technologies and architecture research, and to discuss technological innovation and cooperation models suitable for the development of China's automobile industry.

Yang Jiwen, Vice President of Neusoft Group and General Manager of the Network Security Division, said that when the In-Vehicle Information Security Alliance was first established, all member units had a common dream, which was to jointly promote the development of the Internet of Vehicles security business through the efforts of all parties and provide more secure, higher-performance and safer automotive products for automotive end users. Two years have passed, and with the support of relevant departments and the efforts of all alliance members, the In-Vehicle Information Security Alliance has achieved satisfactory results. As the chairman unit of the alliance, Neusoft is very willing to build a platform for communication and cooperation for all members of the alliance, share Neusoft's core technologies and practical experience accumulated in the field of automotive electronics and information security, and carry out extensive technical exchanges and commercial cooperation with member units to help domestic and foreign car manufacturers solve information security problems, improve the relevant technologies and standards required for industrial development, and jointly create a healthy, orderly and sustainable industrial environment to contribute to the stable development of China's smart car industry.

At this seminar, He Wen, the founder of the alliance and director of the Intelligent Development Center of Chongqing Changan Automobile Co., Ltd., as the newly elected vice chairman of the alliance, shared the information security incidents of the Internet of Vehicles in recent years and the information security risks faced by vehicle manufacturers, focusing on the analysis of the difficulties, challenges and information security needs faced by vehicle information security, and also introduced Changan's forward-looking layout concept and future business planning and layout in the field of vehicle information security. Chen Jingxiang, product director of the Cyber ​​Security Division of Neusoft Group, as an international ISO distinguished expert, explained in detail the latest cutting-edge technology concepts and development trends of the ISO vehicle information security international standard group in June 2018. Zhou Wei, a senior researcher at the China Automotive (Beijing) Intelligent Connected Vehicle Research Institute, comprehensively explained the latest planning scheme of the vehicle information security platform. Dr. Ge Yuming, chief engineer of the China Academy of Information and Communications Technology, put forward professional and in-depth analysis and thinking on the development and key security issues of C-V2X. Lv Hao, director of automotive electronics product applications in Greater China at NXP (China), comprehensively analyzed the latest international in-depth defense vehicle information security architecture.

At this closed-door meeting, well-known domestic vehicle manufacturers and brands gathered together. Information security technology experts from many car manufacturers such as Changan, Great Wall, Geely, Dongfeng, GAC, FAW Group, FAW Car, BAIC New Energy, and Yutong introduced their respective vehicle manufacturers' in-vehicle information security architectures, the actual problems and challenges they are currently facing, and their future plans and layouts. They also put forward many valuable opinions on industrial development, industry standard formulation, key technologies and architectures. While putting forward their own development needs and challenges, everyone also discussed development strategies together, formed many valuable views and ideas, and had full exchanges.

In addition, the first meeting of all directors of the Automotive Information Security Industry Alliance in 2018 was held at the same time. During the meeting, the secretariat reported the work summary of the Automotive Information Security Industry Alliance in 2017, and all directors elected the chairman unit, vice chairman unit, director, deputy director and secretary general of the alliance. Great Wall Motor Co., Ltd., China First Automobile Group Co., Ltd., Geely Automobile Group, Beijing New Energy Automobile Co., Ltd., Dongfeng Motor Co., Ltd., Zhengzhou Yutong Group Co., Ltd. and many other car companies actively applied to join the alliance. The alliance pointed out that the key work in 2018 will mainly focus on the formulation of domestic and foreign automotive information security standards, the breakthrough of information security technology for smart cars, etc., to further promote the exchange and cooperation of alliance members, absorb more companies with common aspirations to join the alliance, build a complete automotive information security industry chain, and actively promote the development of the automotive information security industry.

[[240482]]