Standardised Solutions

Proposal Workshop: Authentication and Authorization

Day: tbd 
Venue: USA (exact location: tbd)

Notice: The meetings have been postponed due to participant's schedule conflicts. ASAM will survey the participants for the best appropriate date. Participants will receive a two-month notice of the next scheduled dates. We apologize for any inconvenience.

On August 22, the ASAM Office will host a Proposal Workshop to discuss, to agree upon, and to finalize a proposal for a potential standard.

On August 23, Cummins will host a project kick-off on the exact technical requirements with those who wish to actively participate in the ASAM Process.

A team consisting of representatives of Cummins, Geotab, RA Consulting, and Robert Bosch Engineering and Business Solutions have documented an initial concept (a draft proposal) for a standard. The ASAM community now invites you to build upon this framework.

Come, present your technical requests and requirements, and discuss the issues and potential solutions encountered when authenticating and authorizing communication between a vehicle ECU and a telematics device. Your presented solutions and comments on the work to date will strengthen a future standard to be useful for all. We can make a presentation slot available for you at the meeting (first come, first serve) to present your requirements. Please indicate on the registration form if you would like to make a presentation.

Upon registering, the ASAM Office will send you the initial documentation developed for review. Feedback on this document is welcome before or during the workshop.

Which problem(s) will be addressed?

The main goal of this workshop is to meet, to discuss, and to agree upon the requirements for a future standardized protocol for identification of devices on the vehicle bus, for authentication of those devices, and for authorizing actions upon those devices to enable secure end-to-end communication according to the access level assigned by the manufacturer.

Protocols

Protocol 1: The goal of this project will focus on standardizing a protocol for secure end-to-end communication between a manufacturer ECU and the manufacturer server solution (Cloud). The actual communication path is from the ECU through a Telematics Device to either a Telematics Cloud or to the Manufacturer Cloud directly.

Protocol 2: It is assumed that the Telematics Service Provider is already following security best practices, so the protocol between the Telematics Device and the Telematics Service Provider server solution (Cloud) is out of scope for the proposed standard.



Interfaces

Interface 1: The proposed standard will standardize the interface between the ECU and the Telematics Device.  The first proposed basis for the Service Interface between the ECU and Telematics unit will be the UDS protocol.

NOTE: Interface 1 may have an optional additional security protocol which is manufacturer specific.

Interface 2: The proposed standard will cover the protocol between the server solution of the Telematics Service Provider and the manufacturer. Only the protocol required to authenticate, authorize, and transfer information securely will be covered by this standard.

NOTE: Interface 2 may have an optional additional security protocol which is manufacturer specific.


The participants of the workshop will consider requirements for secure data communication from a manufacturer’s ECU to the manufacturer’s server solution. This standard will document what events and parameters are needed to authenticate and to authorize transmission of data according to proper access levels. In addition to specific security protocol requirements, this proposed standard embodies the concept of “least privilege”. “Least privilege” means that each stakeholder can only access data which is relevant to them and only the information which they have approval and authorization to access.

Today, only manufacturer specific solutions exist and correspond to individual corporate standards.  This proposed standard will begin development towards manufacturer agnostic solutions to meet all identified use-case requirements.

What is the expected outcome of the workshop?

During the proposal workshop, the participants are given the opportunity to exchange their practical experiences, problems, requirements and potential solutions for this standardized API. The goal of the workshop is to come to a broad agreement on the technical approach, requirements and expected content of the upcoming standard. After the workshop, the project proposal will be written with the input of all workshop participants. This final proposal can be circulated for final agreement before the submission to the ASAM Technical Steering Committee for approval.

Furthermore, based on the results of the Proposal Workshop, Cummins will host the first meeting of the project group. This day will focus on project planning / administrative tasks and technical discussions related to the foundation of the standard. For this meeting, ASAM membership is not required. Subsequent meetings will require all participants to be ASAM members.

Who should participate?

Technical experts and their immediate managers in the areas of telematics communication, security, cloud / server infrastructure, vehicle networking, ECU software development, and diagnostics software development are welcome to participate at the workshop and to actively contribute. You are encouraged to additionally forward the invitation to the interested, experienced parties.

Goals for Standardization

  • An API for the OEM vehicle or Tier 1 component to establish a secure connection with the Telematics Server
  • A separate encryption key is used for communications and controls
  • A sequence diagram be defined by which a level of authorization is determined that follows the concept of Least Privilege as defined in NIST 800-53, section AC-6
  • Methods or features for data protection
  • Data format definitions

Open Discussion Points

The initial team has proposed that in the first version of this standard, the messaging interface between the telematics device and the manufacturer's ECU shall follow the existing Unified Diagnostic Services (UDS) format. Is this the consensus of the market? If so, the standard shall define a UDS broadcast request that will allow the Telematics unit to make a broadcast request to get a list of all the compatible ECUs in the vehicle network that adhere to this standard. There shall be a corresponding response to the compatibility request from each compatible ECU.

Do you have an opinion? Voice it at this workshop!     REGISTER HERE

ASAM International Conference

EVENT

ASAM International Conference

AUTONOMOUS DRIVING - Big Testing and Big Data as the Next Challenge (06.-07. Dec. 2017, Dresden, Germany)
Learn more
ASAM Solutions Guide 2017

Media

ASAM Solutions Guide 2017

A comprehensive guide to ASAM standards, solutions, members and ASAM compliant products.
Download now
Best Practice

About ASAM

Best Practice

Find out how companies are using ASAM standards.
Learn more