Vehicle Services

The Vehicles Services WG address a broad range of different vehicle types ranging from automotives, trucks, buses as well as trains and the related mobility infrastructure. The increasing connectivity in vehicles enable an integration of additional services as mobility solutions, which also increase the demand for security.

A vehicle is a system composed of many subsystems or functional domains, which are interconnected and communicate with the outside world through one or more wired or wireless gateways. The modern vehicle must support a diverse set of use cases and services, so it can be viewed as a composite industrial control system network with one or more external network gateways and human user interfaces. This growing external communication focus has changed the vehicle security posture and threat model. The vehicle is now connected to other networks and susceptible to similar threats as other connected devices such as internet of things (IoT) devices, infrastructure, backend systems and mobile phones.

Vehicles as platforms are evolving to a software defined vehicle (SDV) architecture where ECUs (electronic control units) from different functional domains are being consolidated into a single ECU using methods such as virtualization. This also has an impact on security because these ECUs have an increasing demand for scalable and flexible protection mechanisms. The modern vehicle can have over 100 ECUs, which contain a variety of controllers that range from single 8-bit memory controller unit (MCU) to multiple central processor unit (CPU) system-on-chip (SoC). TCG provides a broad range of standards and technologies to enable a seamless protection for this variety of controllers and processors.

This security demand is also relevant for software in the ECUs. The increasing demand for connectivity and high-performance computing of vehicles also leads to a significant extension of the ECU software complexity. This complexity enables a broader range of threats and attack vectors, which can be exploited such as the attack vectors of generic Linux systems, which are often included in telemetric or infotainment ECUs of vehicles.  TCG standards provide flexible and scalable technologies for the protection of assets such as keys and credentials in vehicles and they enable enhanced security with platform resilience, communication security, virtualization integration, software stacks, user authentication and lifecycle-management.

The Vehicle Services Working Group (VS-WG) is focused on the adoption and refinement of TCG technologies that provide trustworthy platform primitives, including Roots-of-Trust (RoT), in vehicle architectures. The goal is to support diverse modern vehicle uses cases such as Electric Vehicle charging, Digital Car Key, Autonomous Driving capabilities, and Secure Over-the-Air updates. These trustworthy platform primitives can be enforced by hardware RoTs that provide identity, confidentiality, integrity, availability, and attestation via architectural concepts such as measured boot and secure execution environments.

The VSWG objectives are:

    • Evaluation and adoption of TCG technologies into Vehicle Services such as TPM, DICE, MARS, TSS, CyRES, etc.
    • Creating specifications and reference documents on the use of TCG technologies in Vehicle Service systems.
    • Provide whitepapers and reference documents for the design, development, production, provisioning, runtime use and testing of vehicle system cybersecurity.
    • Maintain existing TCG vehicle services specifications.
    • Collaborate with other standards bodies to bring TCG technologies into the vehicle ecosystem

VSWG participants include Vehicle OEMs, Tier 1 Suppliers, Semiconductor manufacturers, Research Institutes, Government Agencies, and liaisons from other standards bodies. VSWG welcomes new members who want to support the adoption and refinement of TCG technologies for vehicles.

The following picture shows components of vehicles systems and the related services:

Vehicle Services Platform


Hisashi Oguma
Group Manager
Toyota Motor Corporation
Hisashi Oguma received the B.E., M.E., and Ph.D. degrees in computer science from the University of Electro-Communications, Tokyo, Japan in 1997, 1999, and 2002 respectively. In 2002 he joined NTT DoCoMo, Inc., Japan. In 2007 he joined Toyota Motor Corporation, Japan. He is currently Group manager, Cybersecurity Group, InfoTech, Connected Advanced Development Division. His current research interests include cybersecurity technologies relevant to vehicular system.
Eoin Carroll
Principal Product Cybersecurity Engineer
Principal Product Cybersecurity Engineer Eoin Carroll received a MSc in Networking and Security from Cork Institute of Technology, and a Higher Diploma in Applied Physics from the National University of Ireland Maynooth, in 2011 and 2000 respectively. He has been a member of – and represents - Toyota Motor North America at the TCG MARS, IoT and TPM Work Groups since February 2022. Eoin has 10 years' experience as an Electronic Engineer on FPGAs, Chipsets and medical devices which focus on new product features, verification and risk evaluation. He has an additional 11 years' experience in Cybersecurity where he currently serves as a Principal Product Cybersecurity Engineer in Toyota Motor North America’s Vehicle Product Cybersecurity Group. Prior to working at Toyota Motor North America, he served a Principal Engineer at McAfee focused on Advanced Threat Research and Platform security. Eoin has experience within a number of areas including vehicle systems cybersecurity, operating system internals, network protocols, embedded systems, product engineering, threat modeling, vulnerability analysis, reverse engineering, penetration testing and platform security mitigations.