19^th Hybrid escar Europe - The World's Leading Automotive Cyber Security Conference

Workshop 1: What’s next? Automotive security in the post-quantum era (Efstathia Katsigianni)

tba

Outline of the workshop:

Workshop 2: UN R 155 and beyond: Measure, build, and improve your CSMS with the PROOF maturity model (Moritz Minzlaff)

tba

Outline of the workshop:

Workshop 3: Automotive Security Testing (Tobias Brennich)

With ISO/SAE 21434 and UNECE WP.29 on the horizon, the IT security of vehicles will become mandatory for type approval. On the one hand, security engineering processes integrate security considerations into every new development, but on the other hand security testing is of equal importance. Security tests provide an additional verification of the security concept and security measures, they ensure that security requirements are implemented correctly and that there are no open vulnerabilities that have been overlooked before. The overall goal is to identify and fix an many flaws as possible before vehicles hit the road and others may find them. In this workshop we are giving a detailed overview about security testing in the automotive area: What it is, why it differs from classical software testing, how it can be done, which methods/tools exist and will also present some practical examples.

Outline of the workshop:

1. General introduction
   • Definition
   • Importance of security testing
   • Comparison to classical software testing
2. Detailed technical introduction
   • Introduction to the various security testing methods and tools
   • Comparison between manual (expert-based) and automated (tool-based) testing methods
   • Continuous integration testing
   • Automotive specific topics
3. Definition of meaningful security testing strategies
4. Practical examples