The Vehicle Services WG addresses a broad range of vehicle types, ranging from automotive cars, trucks and buses to trains and related mobility infrastructure. The increasing connectivity in vehicles enables integration of additional services as mobility solutions, which also increases the demand for security.
In an automotive context, a Road Vehicle is a system composed of many subsystems or functional domains which are interconnected and communicate with the outside world through one or more wired or wireless gateways. The modern vehicle must support a diverse set of use cases and services so it can be viewed as a composite industrial control system network with one or more external network gateways and human user interfaces. The growing focus on external communication has changed the vehicle security posture and threat model. A vehicle is now connected to other networks and susceptible to similar threats as other connected devices, such as internet of things (IoT) devices, infrastructure, backend systems and mobile phones.
Vehicles are evolving away from a primarily mechanical and electrical architecture to a software-defined vehicle (SDV) architecture, where ECUs (electronic control units) from different functional domains are being consolidated into a single ECU using methods such as virtualization. This evolution results in vehicle ECUs becoming more capable and complex. The modern vehicle can have over 100 ECUs that range from 8-bit microcontroller unit (MCU) ECUs to central processing unit (CPU) system-on-chip (SoC) ECUs, depending on their role in the vehicle architecture. ECU software can range from a real-time operating system (RTOS) on a sensor ECU to a full embedded Linux stack on an infotainment SoC ECU. Adversaries constantly evolve their attack methods to monetize common weaknesses (see CWE (Common Weakness Enumeration) at https://cwe.mitre.org/) in technology, so that they can target the entire vehicle platform and supply chain, including hardware, software, data, and vehicle users. Vehicle ECUs have a critical need for trustworthy hardware capabilities and secure software execution environments, so these ECUs should be secure by design and resilient when under attack. TCG technologies enable secure-by-design implementations that include resiliency capabilities since they provide protection, detection, and recovery mechanisms.
The Vehicle Services Working Group (VS-WG) is focused on the adoption and refinement of TCG technologies that provide trustworthy platform primitives, including Roots-of-Trust (RoT), in vehicle architectures. The goal is to support diverse modern vehicle use cases such as Electric Vehicle charging, Digital Car Key, Autonomous Driving capabilities, and Secure Over-the-Air updates. These trustworthy platform primitives can be enforced by hardware RoTs that provide identity, confidentiality, integrity, availability, and attestation via architectural concepts such as measured boot and secure execution environments.
The VSWG objectives are:
VSWG participants include Automotive OEMs, Tier 1 Suppliers, Research Institutes, Government Agencies, and liaisons from other standards bodies. VSWG welcomes new members who want to support the adoption and refinement of TCG technologies for automotive vehicles.
The following picture shows components of vehicle systems and the related services:
Vehicle Services Trustworthy Platform Stack