- Research Analyst Digitization - IT Research and Innovation - PhD Candidate University of Michigan Dearborn - Machine Learning in Automotive Security - Vice Chair - IEEE SEM
01 02 03 04 05 Intro Ford and Smart Mobility, IoT Opportunity IoT Security Smart Things, IoT Framework, IoT Vulnerabilities IoT Foundation Security Device, Network, Application, Privacy, People Data and Privacy Access and control Smart Living Implications, Art of the possible, IoT Security Puzzle Reference: pixabay.com
SYNC Connect Apple Car Play, Android Auto AppLink Expansion SmartDeviceLink partners Ford Credit Link GoDrive, GoRide, GoPark Multi-modal mobility solutions Techstarts Mobility challenge Bike sharing, City solutions Tripling Autonomous fleet Added testing (M-City, CA) Velodyne collaboration Snow testing Investment in Argo.AI, SAIPS, Nirenberg Neuroscience FordPass Amazon Echo Lincoln Miles GDI&A IBM partnership Pivotal partnership Ford products are shifting toward an expanding view of customer experiences
Consolidating brands while expanding product diversity Reference: media.ford.com
100,000 parts 67 manufacturing sites 24.9M meters 3 water/year 201,000 employees 12,000 dealers worldwide manufactured 14.6B Kilowatt hours/year 15M vehicles with SYNC 6.6M vehicles sold/year $110B spend on operations New and existing customers, employees, and supplies are part of our sustainability ecosystem Reference: 2016 Annual Report, 2015-2016 Sustainability at Ford Report
Fusing processes Security and devices Smart water management Employee Security productivity Customer Experience Supply Security Chain Integration Smart resource Security management Connected Security consumer New revenue streams Efficient Security operations IoT is a common opportunity across all of our domains
Connected Intelligent Insightful Actionable Smart: Improving people s quality of life and capabilities Reference: pixabay.com
People Analytics Application Security Network Smart Things (Device)
People Malicious Intent Internal Threat Introduction Easy, unobtrusive identity management Analytics I5 Privacy Concerns I6 Insecure Cloud Interface Application Network I1 Insecure Web Interface I2 Insufficient Authentication/Authorization I7 Insecure Mobile Interface I3 Insecure Network Services I4 Lack of Transport Encryption OWASP Top 10 Things (Device) I8 Insufficient Security Configurability I9 Insecure Software/Firmware I10 Poor Physical Security Reference: www.owasp.org Open Web Application Security Project Copyright 2017 Ford Motor Company, All Rights Reserved
Encryption Authentication Computing Power Secure Booting Root of Trust Power Limitation Interoperability Hardware Acceleration for cryptographic operations Key management Things Network Application Analytics People Reference: pixabay.com Copyright 2017 Ford Motor Company, All Rights Reserved
Lots of devices (46B by 2021) Bandwidth Firewall Bring your own smart thing Updates Control Access Authentication Intrusion Detection Density of the network traffic Things Network Application Analytics People Reference: shapingtomorrow.com, pixabay.com Copyright 2017 Ford Motor Company, All Rights Reserved
Management Cryptographic Storage Restriction and access Information Leakage Injection Malicious File Execution Things Network Application Analytics People Reference: pixabay.com Copyright 2017 Ford Motor Company, All Rights Reserved
Control Privacy Legal requirements Profiling Information Linkage Lifecycle transitions Legislation Evolving Technologies Interoperability Tracking Inventory Attack Network Interrogation Identification Things Network Application Analytics People Reference: pixabay.com Copyright 2017 Ford Motor Company, All Rights Reserved
Profiling Intent identification Privacy-violating interactions Privacy compliance Anonymization Detect hacker behavior Identification Instruction detection Prevention Intuitive and robust Things Network Application Analytics People Reference: pixabay.com Copyright 2017 Ford Motor Company, All Rights Reserved
Smart Thing Not scalable for expected IoT growth Reference: EmpowerID white paper
Smart Things IoT Security Solutions might be a hybrid between RBAC and ABAC Reference: EmpowerID white paper
Data Ownership Digital Activity Control Privacy Identify Management Secure In control Empowered Efficient Productive Connected Experienced Access Security Smart: Improving people s quality of life and capabilities
Contextual Security Data Governance Embedded Security People s Intent Network Segmentation Physical Security Threat Detection Privacy Access Ubiquitous Identity Management
Examples Intelligent Interactions Analytics Devices I see, I know I act meaningfully and proactively I see I know I understand I see I know Applications Personal Home Vehicles Enterprise Industrial Internet Platform and Enablement Building Blocks Hardware Software Connectivity Partners Reference: http://mattturck.com Leading companies are investing in capabilities to deliver IoT intelligent interactions and personalized experiences while offering robust security solutions
Smart Living requires IoT Security IoT Security is a contextual and inherited problem amplified by IoT OEM s are contending for presence in the 46B connected things by 2021 Cyber attacks could cost businesses and individual up to $90 Trillion Public perception of privacy and security failures has an impact on business vitality Security needs to became subtle in the background but with more robust capabilities without being intrusive Industry is looking for solutions to address challenges described in this presentation Reference: shapingtomorrow.com