The automotive industry is waking up to the significance of cybersecurity, as the vehicle transforms toward a software-defined architecture. This point has been highlighted well by the recent NHTSA Briefing and release of a new version of its voluntary industry guidance document, “Cybersecurity Best Practices for the Safety of Modern Vehicles (2022)“. The document highlights a new section on over-the-air software updates and expands on other topics such as wireless interfaces, aftermarket devices, and serviceability.

Additionally, the new UNECE WP.29/R155 looks to the harmonization of the vehicle regulations around cyber security, while /R156 focuses on software updates. Both focus on the management policies and processes for handling cyber risks related to the vehicle’s entire lifecycle. 

The Alliance is delighted that two of our most recent member additions (Aswin and GuardKnox) are cybersecurity-tech firms, who are eager to engage with our technical and compliance work groups (TWG and CWG). Although eSync, which is secure by design, has been ahead of this topic from its inception, the elements of assured compliance verification are a fresh new focus of the CWG.

If you’re looking for more detail, you can check the specific sections in the eSync specification v2.0: that deal with cybersecurity – these are all within Part 9, Cybersecurity Compliance Recommendations. The relevant sections are 9.1 UNECE WP.29, 9.2 NIST, 9.3 NHTSA, and 9.4 ITU X1373.

We look forward to sharing more on the topic of cybersecurity at our upcoming eSync Alliance All Member Meeting on November 17th. Please come join the Alliance if you have not already done so, and share in this growing topic.

Mike Gardner

Executive Director

Email: mike.gardner@eSyncAlliance.org

MEMBER PROFILE

Stuttgart/Germany-based asvin GmbH offers comprehensive solutions for software supply chain security. This ensures the security and correct origin of software in IoT environments throughout its entire lifecycle. Along data supply chains, modules of our SaaS-platform BeeHive create an end-to-end trust layer that increases resilience in the Internet of Things (IoT) against cyber-attacks. CEO Mirko Ross warns against underestimating the vulnerability of supply chains: “Our supply chains are fragile – and so are software supply chains, where attackers can pick the weakest link and hack it to insert malicious code and backdoors into software that can be hijacked unnoticed by companies within the supply chain.“ Please learn more about us here and about our solution for automotive here.

NEWS

We’ve welcomed two new members to the alliance:

In September, GuardKnox has joined the eSync Alliance. The company enables the software-defined vehicle with scalable and flexible technologies necessary for full connectivity and empowers consumers with the ability to customize their vehicle’s performance, as well as their in-vehicle experience.

In October, CityQ has joined the eSync alliance. CityQ is an electric bicycle with doors and full weather protection, and with a cargo bed for luggage and rear seats for 2 children. CityQ is the new ebike with car capabilities, making the shift from car to bicycling easier.

eSync Alliance
39650 Liberty St, Suite 255, Fremont California 94538 United States
eSync, and the eSync symbol are
trademarks of eSync Alliance, Inc. Copyright
© 2022 eSync Alliance, Inc. | All Rights Reserved
From the Director’s Corner, Issue 7