TÜV Informationstechnik GmbH Case Studies FiA - On-Board Telematics Platform Security
TÜV Informationstechnik GmbH Logo

FiA - On-Board Telematics Platform Security

TÜV Informationstechnik GmbH
FiA - On-Board Telematics Platform Security - TÜV Informationstechnik GmbH Industrial IoT Case Study
Cybersecurity & Privacy - Security Compliance
Automotive
Business Operation
Product Research & Development
Security Claims Evaluation
Cybersecurity Services

The International Automobile Federation (FIA) has asked TUVIT (the digital innovation member of the TÜV NORD company group) to conduct a study on how a cybersecurity architecture as part of the On-board Telematics Platform (OTP) can ensure data protection as well as IT security of a connected vehicle and the interconnected traffic as a precondition for future fully automated driving.

 

The report linked below

  1. describes a model design of security functionalities modularized in different security layers,
  2. suggests the grouping of different automotive stakeholders to suitable access roles
  3. so that an Automotive Gateway (A-GW) inside the vehicle could control any remote access in a secure way and
  4. during the whole lifetime.

 

Rapidly developing information technology will also allow innovation for independent service providers (ISP). Local diagnostics and direct access to in-vehicle data, functions and resources in case of a car breakdown may in many cases be replaced with remote diagnostic support that allows a remote diagnostician to communicate with the driver over the air and resolve the cause of the breakdown. IT systems for prognostics by ISPs could also support the driver as he will be informed about problems inside the car before a breakdown is going to happen. Therefore, remote access must be feasible for an authorized ISP. Besides, implemented security functionalities must prevent unauthorized access attempts during the whole lifetime and need to recognize misuse.

In all cases the European General Data Protection Regulation (GDPR) has to be fulfilled: If a vehicle is assigned to an owner and whenever persons are in the car, personal data will arise automatically. In order to ensure their consent to any data being transmitted to and from the vehicle, those persons should in most cases have the possibility to opt in or opt out.

The International Automobile Federation (FIA) has asked TUVIT (the digital innovation member of the TÜV NORD company group) to conduct a study on how a cybersecurity architecture as part of the On-board Telematics Platform (OTP) can ensure data protection as well as IT security of a connected vehicle and the interconnected traffic as a precondition for future fully automated driving.

Read More

International Automobile Federation (FIA)

Read More

Vehicle Security Report

Protection Profile

In addition to this report a protection profile of the key component Automotive Gateway (A-GW) acc. to the Common Criteria has been specified that could be used as a formal specification for any vendor. The latest studies and governmental activities on secure connected driving and interconnected traffic were taken into account and the resulting approach of the OTP covers state-of-the art technologies of the IT security industry.

https://www.tuvit.de/en/news/downloads/fia-study/ 

Read More
Download PDF Version
test test