Panasonic: Expanding automotive cyber security innovations with VERZEUSE™ series


Accelerating SDV development throughout the vehicle lifecycle (design, implementation, evaluation, production, and operation)

Panasonic Automotive Systems Co., Ltd. has further expanded its series of VERZEUSE™, automotive cyber security innovations, to accommodate the security needs in each phase (design, implementation, evaluation, production, and operation) of the entire vehicle lifecycle, from the development to operation (after vehicle shipment).

This expansion offers efficiency and high quality standardization for security measures throughout the entire vehicle lifecycle by introducing tools to automate cyber security work which has been often performed manually, and to link input and output information in each phase.
VERZEUSE™ for Virtualization Extensions Type-3, a containerized virtualization security innovation to combat cyber attacks on in-vehicle software, has been evaluated highly by car manufacturers as a unique innovation, and has been newly adopted for in-vehicle deployment.

This newly announced system in the VERZEUSE™ series will be exhibited at EdgeTech+ 2024*1 to be held from November 20 to 22, 2024.

<Development background>

In recent years, the risk of security threats, including cyber attacks targeting cars, has constantly been on the rise alongside the evolution of software-defined vehicles (SDVs) whose functions are enhanced with software and the increase in the number of vehicles connected to networks, known as connected cars. In January 2021, UN Regulation UN-R155 has come into effect, and it has been applied to new vehicles*2 in Japan and Europe since July 2022. In order to comply with UN-R155, there is an urgent need to establish a cyber security system in accordance with ISO/SAE 21434.

In this environment, the company foresees future demand for implementation of even more comprehensive security measures in each phase of vehicle lifecycle from development to shipment (design, implementation, evaluation, production, and operation) and streamlining of the enormous amount of work needed for vulnerability countermeasures.

<VERZEUSE™ series features>

1. Provides solutions for each phase of the vehicle lifecycle from development to shipment (design, implementation, evaluation, production, and operation).
Supports further streamlining and high quality standardization for security measures by linking input/output information in each phase.
2. VERZEUSE™ for TARA(Threat Analysis and Risk Assessment): ISO/SAE 21434 compliant threat analysis innovations contributing to substantial reduction of workload by automating threat analysis in the development and design phase.
3. VERZEUSE™ for Virtualization Extensions Type-3: Attack detection and protection solution adapting to container technology for in-vehicle software, adopted by car manufactures.

<VERZEUSE™ series features in detail>

1. Provides solutions for each phase of the vehicle lifecycle from development to shipment (design, implementation, evaluation, production, and operation).

Supports further streamlining and high quality standardization for security measures by linking input/output information in each phase.

The VERZEUSE™ series provides innovative systems for each phase of the entire vehicle lifecycle (design, implementation, evaluation, production, and operation) from development to shipment. The input and output information of each phase can be linked through the Panasonic Group’s database of Threat Intelligence which collects threat information from various industries such as factory automation, home appliances, and IoT devices.

For example, the analysis result information output from the design phase (1) VERZEUSE™ for TARA is referenced as input information in the evaluation phase (4) VERZEUSE™ for Threat Evaluation and Security Test Assistance toolkit and the post-shipment phase (6) VERZEUSE™ for SIRT. Likewise, the vulnerability assessment results output from the evaluation phase (4) VERZEUSE™ for Threat Evaluation and Security Test Assistance toolkit is referenced as input information in the post-shipment phase (5) VERZEUSE™ for SIRT.

This linkage between phases not only further streamlines security measures, but also helps to consistently manage security information throughout the entire vehicle lifecycle and to maintain security risk management to a high standard.

2. VERZEUSE™ for TARA: ISO/SAE 21434 compliant threat analysis innovations contributing to substantial reduction of workload by automating threat analysis in the development and design phase.

image: Benefit of using VERZEUSE(TM) for TARA. [Our Example]

During the early stages of vehicle development, even developers who are not security experts can simply answer a few questionnaires to determine countermeasure requirements based on the characteristics of in-vehicle devices from Panasonic Automotive Systems’ Threat Intelligence, which collates threats, vulnerabilities, and security controls.

This innovative system has been applied to more than 80 of the company’s in-vehicle products. For example, compared to the conventional manual process of threat analysis, this system has been proven to reduce workload by up to 90%*3 for large-scale products such as navigation systems. Car manufacturers that have used the system have highly evaluated its usefulness, and we have been commissioned to provide multiple consulting projects for risk assessment. For details, please refer to the press release*4.

3. VERZEUSE™ for Virtualization Extensions Type-3: Attack detection and protection solution adapting to container technology for in-vehicle software, adopted by car manufactures.

image: VERZEUSE(TM) for Virtualization Extensions Type-3

This in-vehicle software innovation meets the security requirements*5 of next-generation cockpit systems that utilize a virtualization environment and monitors the communication between the software area which has a high risk of being targeted by attackers via the external network connection (e.g. externally connected virtual machine) and the software area which implements essential functions of the vehicle controls and software update functions (e.g., cluster containers). The monitoring function placed in an isolated container can check communications from the secure area to block abnormal communications, protecting critical functions of the vehicle from attacks and improving vehicle safety.

It is also possible to import optional monitoring function as a plug-in via the security interface. The plug-in management function enables to select the appropriate monitoring function according to the characteristics of the communication. Since there is no need to change the application side when importing, this in-vehicle software can be introduced at low cost, and car manufacturers have decided to adopt it for in-vehicle deployment.

SOURCE: Panasonic



Source link

About The Author

Scroll to Top