Cyber security has become critically important for road vehicles in the era of connected and autonomous vehicles (CAVs). Soon, most new cars will have safety-critical components connected directly to the Internet and autonomy will further increase the significance of these connections. Real-life attacks remain rare, for now, but a future attacker could cause catastrophic damage.

Despite increasing reliance on connectivity on the road, there’s still a lot that we don’t know. Research & development is essential and must happen fast. R&D must also look beyond the technology of cybersecurity and challenge established methods, principles and ways of doing business.

This webinar explores what type of security the automotive industry needs and why they need it. Our presenters will contrast the way that the industry does security today with what we research tells us is needed (and what we still need to find out). They will discuss the how industry can prove they’ve done security right – and the impacts if they don’t achieve this – and explore non-classical security mechanisms that might help in the future.

The importance of R&D for automotive cybersecurity
Prof Siraj Ahmed Shaikh is a Professor of Systems Security and currently Director of Research at the Institute of Future Transport and Cities (FTC) at Coventry University, where he leads the Systems Security Group.

From March 2015 till March 2016, he was seconded to HORIBA MIRA, as part of the Royal Academy of Engineering’s industrial secondment scheme to investigate in-cabin security testing for automotive platforms. From 2011 to 2013, he was involved with the development of an intelligent control and guidance system for unmanned logistics vehicles for unmanned distribution capability, which was funded by the Ministry of Defence (MoD) of UK over two phased projects.

He is a member of the Automotive Security Workstream of the Automotive Electronic Systems Innovation Network (AESIN) in the UK. Siraj has been involved in research, development and evaluation of large-scale distributed secure systems for nearly twenty years.

This talk explores the role and impact of research and development in automotive cybersecurity. Prof. Shaikh will take a critical look at the methods and principles adopted by the automotive industry and discuss whether the accepted wisdom should be challenged. He will share insights that draw on experience from his academic leadership roles and 20 years’ involvement in research, development and evaluation of large-scale distributed secure systems.

What Does Security Prove? How the Security You Choose Influences Evidence
Peter Davies, Technical Director Security Concepts, Thales UK and Chair, Security Workstream, Automotive Electronic Systems Innovation Network (AESIN)

Peter Davies is a Security Expert operating at the convergence of Safety and Security. An honorary Fellow with Imperial College’s Institute for Security Science & Technology and chair of the AESIN Security Workstream.
He is a leading expert on Countering Cyber Attacks targeted Supply Chain Infiltration and Cyber Physical Attacks. He has led the Cyber Security aspects of three C-CAV research activities and has 30+ years of verifying security systems in hardware and software.

Peter likes to say that he does security where it can’t afford to fail. Peter is sought after by organisations for his advice on their legal position with respect to Cyber-attacks.

Security is seldom an ‘end in itself’, but it is often vital to demonstrating other objectives and producing the necessary evidence for regulators, legal obligations and operational effectiveness. This talk will consider how the type of ‘security mechanisms’ that are chosen contribute to, or in many cases destroy, the golden threads of evidence that organisations rely on. It will demonstrate that contradictory objectives between different elements of the supply ecosystem or within systems lead to security mechanisms that are costly to implement and run. They not only fail to deliver the expected evidence to all the parties, but also potentially form a major source of system failure, both in the presence and absence of malevolent intent. Finally, we will consider how the economically advantageous emergence of certain non-classical security mechanisms over the coming decades may offer opportunities in producing more robust threads of evidence better targeted at the needs of all parties.

For full details and registration, please visit the IET website – https://communities.theiet.org/communities/events/item/55/10/26590