1www.movimentogroup.com

Protecting Autonomous Vehicles and Connected Services withSoftware Defined Perimeter

November 7, 2017

Live Webinar Series

2www.movimentogroup.com

Session Host Guest Speaker

Follow me on

Mahbubul AlamCTO & CMOMovimento Group

Follow me on

Junaid IslamCTO & FounderVidder

Mahbubul Alam is an international entrepreneur, technology and business executive with broad management experience. A frequent author, speaker and multiple patent holder, he currently holds the position of CTO/CMO at Movimento, a Delphi company, reinventing the company’s technology and strategy. He has been honored with the ‘2016 Bay Area CIO of the Year’ award finalist by the Silicon Valley Business Journal and the San Francisco Business Times.

Junaid is a well known cybersecurity expert with 30 years of networking and security experience. He is the CTO of Vidder which is the leading provider of SDP-based secure systems. In addition to his work in the private sector, Junaid also supports a number of US national cybersecurity initiatives.

3www.movimentogroup.com

Agenda

Ø Industry DirectionØ Cyber Attack VectorsØ Automotive Cyber RiskØ Secure Enclave DesignØ Software Defined PerimeterØ Key TakeawaysØ Q&A

4www.movimentogroup.com

The Evolution of the Automotive Industry

2000 20302015Past Future

Ø Thousands of TransistorsØ 100 Thousands Lines of CodeØ Manual Diagnostics

Ø Limited ConnectivityØ Digital Radio Services

Ø Basic HMIØ No Cyber Threats

Ø Billions of TransistorsØ 100 Millions Lines of CodeØ Automated Diagnostics

Ø Moderate ConnectivityØ Apps Integration

Ø Limited Virtual AssistanceØ Basic Cybersecurity

Ø Quantum TransistorsØ Billions Lines of CodeØ Self-Diagnostics

Ø Integral ConnectivityØ Connected Services

Ø CyberneticØ Default Cybersecurity

5www.movimentogroup.com

Industry Direction: Connected Services EcosystemOEM / RETAIL / FLEET

PLATFORMCUSTOMER VEHICLE

Flow of Data Flow of Money

DATA CONSUMERS

• Vehicle information database

• Multi-module OTA update

• Secure content delivery• Big Data capture

• CT-EDGE data methods• Highly configurable

acquisition logic• Data Strategy

alignment with Business Value

• Fleet management

3RD PARTY DATA EXCHANGE

Unlocking The Turnkey Monetization Opportunities

externalinternal

D e l p h i ( A P T I V )

6www.movimentogroup.com

Connected Ecosystem

Telematics

Machine Learning

100+ ECU/Sub-systems connecting to Frontend & Backend Applications.

FrontendApps

BackendPartners

Ecommerce

OEM

7www.movimentogroup.com

Connected Ecosystem

Multiple identities and entitlements inside and outside the

vehicle.

Bi-directional communications

from different processes.

Backend partners

communicating with in-vehicle

systems.

8www.movimentogroup.com

Attack Vectors

Location SpoofingLaterally Moving

MalwareOTA Re-Tasking

Credentials Theft DNS Spoofing Connected Services

Exploitation

9www.movimentogroup.com

Potential Outcomes

Vehicle Theft Hijack/Ransom Terrorism

Data Theft Poor Operation Non-Operation

10www.movimentogroup.com

Cybersecurity Challenges

Autonomous Vehicles are in

a state of constant

upgrades.

New applications

(e.g. car sharing) will add to the complexity.

Global supply chain provides many points of entry for cyber-

attacks.

11www.movimentogroup.com

Secure Enclave Security Model

Secure Enclaves utilize dedicated connectivity to a trusted compute environment

FrontendApps

BackendPartners

Telematics

Machine Learning

Ecommerce

12www.movimentogroup.com

Software Defined Perimeter

Ø Control channel based architectureØ Attribute based access controlØ Attestation & federated identityØ Edge-based forwardingØ Multi-protocol supportØ IPv4/IPv6 addressing

SDP Gateway

SDP Client

SDP Controller

SDP Gateway

SDP Gateway

IdentityAttestation Policy

13www.movimentogroup.com

SDP Enables Secure Enclaves

Ecommerce

SDP Controller

SDP Client SDP

Gateway

Hardware Identity

SoftwareAttestation

ServicePlan

14www.movimentogroup.com

SDP Enables Secure Enclaves

Hardware Identity

SoftwareAttestation

ServicePlan

SDP Controller

SDP Client EcommerceSDP

Gateway

15www.movimentogroup.com

SDP Enables Secure Enclaves

Vehicle Identity

DriverIdentity

ServicePlan

SDP Controller

SDP Data ChannelSDP

Client EcommerceSDP Gateway

16www.movimentogroup.com

SDP Connected Ecosystem

Telematics

Machine Learning

SDP enables us to partition networks, manage connectivity and enforce security policies

FrontendApps

BackendPartners

Ecommerce

SDP Gateway

SDP Gateway

SDP Gateway

SDP Gateway

SDP Gateway

SDP Client

Policy

17www.movimentogroup.com

MovimentoClient

ContentDelivery

InfotainmentService

App Store

SoftwareUpdates

OTASDPClient

OEMs

Tier-1Suppliers

ServiceProviders

ContentProviders

Goal: Secure Closed Loop Architecture

SDP

SecureOver-The-AirDelivery

SecureOver-The-AirData

MovimentoUnifiedOTACloudPlatform

App Delivery

OTASoftwareUpdates

InfotainmentService

Management ContentDelivery

SoftwareManagement

Big Data

CyberSecurity

18www.movimentogroup.com

Key Takeaways

Connected ecosystem foundational to future.

Multiple cyber attack vectors must be mitigated.

Secure enclaves are an ideal security model.

Software Defined Perimeter enables secure enclaves.

Proactive security requires closed-loop architecture.

19www.movimentogroup.com

Q & A

20www.movimentogroup.com

Securing the Software Defined Car™ Using

Artificial Intelligence and OTA UpdatesDate: Tuesday | 14 November, 2017Time: 8 AM PST / 11 AM EST / 5 PM CET / 9:30 PM IST

Saving Lives Using Artificial Intelligence and

Context-based Automotive OTA Software UpdatesDate: Tuesday | 5 December, 2017Time: 8 AM PST / 11 AM EST / 5 PM CET / 9:30 PM IST

Upcoming Webinars

21www.movimentogroup.com

www.movimentogroup.com

www.linkedin.com/company/movimento

@movimentoauto