12/05/2024

For more efficient Intrusion Detection: ETAS drives standardization of Security Events in AUTOSAR

First results now visible in the latest AUTOSAR release

With the increasing digital transformation and the introduction of various regulations such as UN R155, ISO 21434, or the China Security GB Standards, cybersecurity for connected vehicles has become a key focus in vehicle development. Among other requirements, these new regulations mandate the implementation of security monitoring as a continuous measure to oversee vehicle fleets. This requirement is typically fulfilled through the use of an in-vehicle Intrusion Detection System (IDS).

Until now, OEMs and IDS providers have been following their own specifications for Intrusion Detection Systems and Security Events. While these generally address similar monitoring requirements, they are implemented in different ways. This leads to various disadvantages and unnecessary additional efforts, such as the multiple implementation of similar IDS requirements and the increased difficulty of analysis work in the Vehicle Security Operations Center (VSOC).

To overcome these challenges, cybersecurity experts from ETAS have initiated a working group within AUTOSAR. The aim is to consolidate and standardize the requirements for Security Events. Specialists from several OEMs, including Mercedes-Benz, Toyota, and Stellantis, have responded to ETAS’s call and are supporting this initiative.

Since the kickoff in early March 2024, experts have been working together to sustainably improve the Security Events in AUTOSAR. For this year’s release, the focus areas were set on Transport Layer Security (TLS), software updates, and Unified Diagnostics Security (UDS). These are now available in the latest AUTOSAR R24-11 version, which can be accessed on the AUTOSAR website.

The group’s work on this topic will continue into next year. If you are interested in contributing to the working group, feel free to contact us.

Also available in our Newsroom