Auto-ISAC Summit 2023: A Summary

The Auto-ISAC held its 2023 Summit on October 17-18 in Torrance, CA. Read on to learn the main topics discussed at the summit.

Safety

The morning sessions were introduced by Stephen Roberts, CISO of Honda and Auto-ISAC Board of Directors Secretary. 

The opening talk was from Ann Carlson, Acting Administrator of the NHTSA (National Highway Traffic Safety Administration), on her organization's approach to vehicle cybersecurity safety risks. 

‍

AI

A panel discussion then followed with representatives from Nissan, Cruise, and Aptiv joining Deloitte to consider how AI might influence things for the automotive industry. Dr. Alfred Chen, Assistant Professor of Computer Science at UC Irvine, amplified that automakers will need to consider various threats already presented by AI when creating learning models in the future. 

‍

R155

There was also a panel discussion on implementing R155, the UN resolution that seeks to combine various country-or-region specific regulations. 

The afternoon sessions continued the discussion of AI's impact, including a discussion of threats that may be possible. 

The afternoon sessions were introduced by Kevin Tierney, VP Cyber Security/Chief Cybersecurity Officer of GM and Auto-ISAC Board of Directors Vice Chair.

There was then a champagne reception and an opportunity to visit the two dozen vendor tables outside the main conference area on Tuesday night.

‍

Electric Vehicles

Wednesday morning, the sessions continued, with a shift toward electric vehicles. Jay Joseph, Vice President of Sustainability & Business Development at Honda, gave a presentation on his company's first electric vehicle, which will be coming to market in 2024, and the plan to have their fleet become fully electric. 

‍

SBOM

The morning sessions included presentations from Auto-ISAC-Europe and J-Auto-ISAC. Oliver Creighton, Vehicle Cybersecurity Specialist of BMW of North America and Auto-ISAC SBOM Working Group Vice Chair, presented on the progress of the SBOM working group. 

The morning's sessions were introduced by Josh Davis, Vice President and Chief Cybersecurity Officer of Toyota and Auto-ISAC Board of Directors Chair.

‍

‍

‍

The afternoon sessions continued the SBOM discussion with a panel. This shifted into an EV discussion panel and then a technical discussion of security for electric vehicle battery plants. 

‍

Battery Enabled Vehicles

One surprising presentation was on the disruptive future presented by Battery Enabled Vehicles. The scenario suggested is that a vehicle could charge at work using solar or wind and then drive home and either sell that energy back to the grid or power the home at night. This would significantly alter the power utilities, as they would both sell electricity and buy energy. 

This electrical redistribution has been talked about before; however the sheer scale of this disruption had been unclear. Nakia Grayson, IT Security Specialist and Project Manager of the National Institute of Standards and Technology (NIST) then presented the newly adopted NIST IR 8473: Cybersecurity Framework Profile for Electric Vehicle Extreme Fast Charging Infrastructure.

‍

Automotive Software Supply Chain

The afternoon wrapped with a discussion on the automotive software supply chain and then closing remarks.

‍

{code-cta}