04.11.2019

Conference Lead at Automotive Circle Assembly Engineering Insight @ Magna Steyr 2019

From September 24th to 25th, 2019 the Insight Conference of Automotive Circle Assembly took place at Magna Steyr in Graz. Overall topic was 

“Agile and smart: Complete vehicle manufacturing at Magna Steyr”

There were 94 participants from many European and Global OEMs and Suppliers.

The world’s largest multi OEM contract manufacturer produces a wide range of different vehicle models at one location: from the legendary Mercedes-Benz G-Class to the BMW 5 Series and Z4 to the new models Toyota GR Supra and Jaguar E-PACE and I-PACE (Car of the Year 2019).

With the production of vehicles with conventional powertrains to plug-in hybrids and the purely electrically driven I-PACE, Magna Steyr demonstrates that the company masters the agile production of different powertrains on a single line and is thus already successfully mastering a central challenge for tomorrow’s production.

As a highlight of the conference, the Magna Steyr plant in Graz has opened its doors for all participants during the morning of the second day of the conference - an experience providing exclusive insights into the assembly of the Jaguar I-PACE/E-PACE and the Mercedes G-Class production on a guided tour through the plant!

Overall topics of the presentation section were:
- Integration of electric vehicles
- Smart Factory: Nex approaches in digital planning, production and logistics
- OEM-Reports

20.05.2019

Participation and Keynote Speech at: Gate4SPICE Event “Risk Assessment as a practice in Automotive industry and its view across ASPICE, Functional Safety and Cyber Security” on May 17th, 2019

This year’s Gate4Spice Event was hosted by WABCO in Hannover. High-level participation of CQO and CTO revealed clearly the importance level that WABCO has internally assigned to the topic of ASPICE. To emphasize the role of different standards (ASPICE, Functional Safety and Cyber Security) and their application/relevance in truck industry, trends in commercial vehicles and the importance of Risk assessment as a proactive step was presented by Senior Director-Engineering and Project Management Quality.  Amongst more presentations by Quality leadership as well as technical leadership the topic of CyberSecurity in Software development was presented by Dr. Joachim Leder providing an informal insight into concept and challenges imposed by CyberSecurity. In an interactive session around the Cybersecurity and ASPICE collaboration with Dr. Rajesh Ganji from WABCO the introduction to  cyber security in automotive and also the work done by Intacs workgroup setup to reflect (Cyber)Security within ASPICE concept.
In the course of the afternoon, Joachim also led a workshop with about 20 participants out of the Gate4Spice audience. This was set up as a concept discussion – What could be provided as an input to the Cyber security workgroup  by gathering proposals for improvement, changes and supporting informations.

22.01.2019

Presentation at Automotive Circle „Assembly“, February 2019, Bad Nauheim

Conference subject:
“Assembly in the tension field between digitalisation and IT security”

Main topics:
- Process optimization in assembly and logistics
- New technologies from the smart factory
- Cyber Security
- Human resources — the assembly worker

Dr. Joachim Leder presented on Wednesday, February 20th:

Risk analysis and threat analysis - the starting point of an effective security concept

Based on the concept of Security Lifecycle and the Compass Rose of Security the principles of Analysis were presented:

- System Security Analysis as the process of 
   > identifying the boundaries and assets of the system, 
   > understanding system vulnerabilities and 
   > evaluating possible damages
- Threat Analysis as the process of
   > identifying and understanding the threats,
   > their actors,
   > evaluating their capabilities and motivations
- Risk Analysis as
   > a combination of the results of threat and system analyses
   > to create a priority-ordered list of risks and associated controls

Using the hands-on example of V2V (Vehicle - to - Vehicle) communication in an environment of autonomous driving, the process of identifying Impact Levels and combining possible attackers with respective capabilities to yield a Threat Level Matrix has been described by Joachim and an evaluation method including an algorithm patterned on ISO/SAE 21434 proposal was presented.

Finally a scenario of possible risk mitigations was included in order to demonstrate priority adaptations in the process of Planning and Execution implementation.

The presented concept and process relates directly to the given presentation of Emmanuel Ifrah from SEGULA:

OT Cyber Analytics

For the full conference agenda topics please visit: AutCircle Assembly, Bad Nauheim

14.12.2018

Participation on Info-Session for WSFB-consultant training on Dec 14th, 2018

During this afternoon, a representative of “WSFB Beratergruppe Wiesbaden” provided a brief overview of the concultant concept of the company. Main focus was on the general understanding of the underlying “Diamond”-principle which was developed as a 3rd step after

a) the times where there was a sharp distinction between PROCESS-consulting and SUBJECT-SPECIFIC-consulting and
b) the times where this was considered jointly.

The “Diamond”-principle is a systemic and integrating consulting concept which is closely connected to the specific business impact. It fosters organizational development embedded in business needs.

The info-session was meant to be an introduction to the WSFB consultant trainings which take place twice a year. These consist of 9 learning modules - each 3 days in duration:

1. Initial Workshop
2. Analysis
3. Consulting Supervision I
4. Diagnosis
5. Consulting Supervision II
6. Architecture I
7. Architecture II
8. Consulting Supervision III
9. Final Workshop

28.11.2018

Keynote Presentation at Automotive Innovation Summit Conference, Audi Forum, Neckarsulm

The central topics of this Automotive Expert Conference were

a) Autonomous Driving
b) Electrification
c) Big Data
d) Cyber Security

Cultural and Ethical aspects of electrified and autonomous driving were shown as future main considerations in governmental activities as well as for the development of software algorithms. 

The sensoric concepts of autonomous vehicles are currently very much different between the existing prototype applications all over the world and it seems appropriate to consider a maximal diversified approach in order to mimick human sensoric.

Each industrial equipment nowadays provides a huge amount of data during installation and operation. Therefore strategies and tools to use these big data amounts are required and methods for analytics were presented. Nevertheless the more data are generated and apt to communication and distribution the more vulnerabilities arise in the IT and in the general manufacturing arena. 

Risk and threat analysis were discussed in workshops and panel discussion were held to consider Cyber Security aspects. Not only IT-based Security risks in Cloud Applications and Digital Manufacturing Systems are of concern, but in the scope of an obviously required – but not yet established – Security Culture in OEMs and Suppliers a Security Lifecycle needs to consider also Physical Security, Product Security and Process Security. Dr. Joachim Leder presented an overview of Cyber Security in Manufacturing with all relevant topics and the necessary activities among affected parties.

Cyber Security in Manufacturing

1. Goals of Security

 - CIA Triad

2. The Evolving Vulnerable Flanks

 - Possible attack goals

 - From single parts to complete vehicle

3. Security Needs of Manufacturing

 - Security Lifecycle

4. Establishing Security in Manufacturing

- Major tasks

5. Outlook for the Future

 - Next security focus