Cyber security in a complex world
– an event by Swedsoft and Scania
The conference aimed to address the increased demand on cybersecurity in today’s vehicles, bringing together industrial, academic and public sector organizations to talk about experiences and insights on how to handle this complex area.
So, what was said about cybersecurity and vehicles?
OEMs today have to live with the fact that vehicles, as well as any other connected device, can and will be attacked, and in some cases breached in ways that might damage safety, and privacy of users, or company’s business in a negative way. Therefore, it is of outmost importance to continue working on intrusion prevention, detection and handing of breaches offensively.
Heavy vehicles are to a larger extent than cars modular as they need to be adapted to different types of customers. Christian Levin from TRATON Group even went so far as to say that they are useless until fitted to the customers’ needs. This means that security needs to be handled in the equally modular way to account for attack surfaces introduced in different modules.
Experts from both Scania (Staffan Vildelin, Fredrik Tomasson and Jörgen Wallin) and TRATON Group (Christian Levin) stated that including the entire ecosystem that at one time or another digitally communicates with the heavy vehicles is important in order to make the traffic system resilient to attacks. This ecosystem includes among other workshops, bodybuilders, factories and dealers, but also the traffic infrastructure and the load transported by the vehicle.
Apart from the technical aspects of cybersecurity also processes, methods and organization culture were brought up as important for the future. Security cannot be seen as an isolated issue. It has to be made a priority in all parts of the organization by development of talent as well as organizational culture that promotes security. Part of that culture was said to be collaboration with external partners, including other OEMs, research organizations and suppliers.
But there are also challenges in designing for high level of security. Current and upcoming regulations need to be coped with, which is especially challenging in cases when they are conflicting with each other depending on for example regional laws.
In addition to Scania, RISE Research Institutes of Sweden, Swedish Cyber Defense and Combitech were invited to give their view on how we can improve cybersecurity in the society at large. Shahid Raza presented RISE upcoming Cyber Range facility where digital twins of different types of systems and be built and tested in a controlled manner by ethical hackers working at RISE. David Olgart from Swedish Cyber Defense highlighted the need of offensive cyber defense and collaboration in the total national defense. Pernilla Rönn from Combitech talked about the future landscape of cybersecurity.
Written by Ana Magazinius
The way ransomware used to work was that the attackers would block access to the victim’s data by encrypting it and thereby making it unavailable. The attackers would then request a ransom for a decryption key so that the locked data could be made available...
Hacking EVs could threaten the power grid In mid-June last summer, cybersecurity researchers warned that the growing popularity of electric vehicles could introduce new hacking vulnerabilities in the power grid. Even though this might be a not-so-recent piece of...
Mattia Dal Ben, a community member of hackady.io, recently shared details of his interesting modification for accessing his Tesla car. The modification allows him to access his Tesla Model 3 car with his classic, old-school retro Casio watch. However, the road to...