当前位置:首页 > 报告详情

塞西普演讲.pdf

上传人: 拾亿 编号:751866 2025-07-29 15页 812.48KB

1、Page 1 GlobalPlatform 2025|Confidential SESIP22ndMay 2025Jorge Wallace Ruiz,GlobalPlatform SESIP Committee Automotive Working GroupFrancesca Forestieri,GlobalPlatform Page 2SESIP Certification:How it works and its use in AutomotiveFrancesca Forestieri,Head of AutomotiveGil Bernabeu,CTOPage 32.Emerge

2、nce of Regulations and Standards on CyberSecurity?Why does security certification matter?SAE/ISO 21434 and 24089UN R155/156 AND ISO/SAE 21434 and 24089CN CS Law GB64 Countrieshttps:/ ForumCybercrime and cyber insecurity are new entrants into the Top 10 rankings of the most severe global risks over t

3、he next decade,according to the World Economic Forum.Now taking the 8th spot,cybercrime now stands side-by-side with threats including climate change and involuntary migration.1.World is a scary place?Page 4Implementations of Cybersecurity Management Systems for UNECE 155/156:Compliance is not Seaml

4、essFrequent Rejection of Reports at Type Approval!Unstructured Reporting&GapsInconsistent Vulnerability ContextAbsence of Integration with Existing StandardsLack of AssumptionsRationale for selection of test casesExamples of Common ReasonsPage 5Use lab evidence of certified hardware protected securi

5、ty environments SAE J3101Demonstrate cyber assurance levels,leveraging ISO“transparent”security levels ISO/IEC 15408 defining AVA_VAN vulnerability assurance levelsSESIP Certification from SESIP Certified LabWhat Can Be Done to Increase Evidence of Best Practice Adoption on Security Products?Page 6S

6、ESIP is a standard methodology European CENELC Standard(EN 17927)Work planned for ISOWhat Product Types?Early focus of SESIP has been SoCs Can be applied to higher level componentsHow does it work?Certification requires methodology plus SESIP profile Either defined for a class of product or Vendor s

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
本文主要内容是关于SESIP认证在汽车行业中的应用和重要性。以下是关键点: 1. **SESIP认证介绍**:SESIP是一种标准化的安全评估方法论,提供产品安全认证,与PSA、美国网络信任标记计划等认证框架相一致。 2. **网络安全趋势**:世界经济论坛报告指出,网络犯罪和网络安全问题在未来十年内将成为全球十大严重风险之一,排名第八。 3. **法规与标准**:UNECE 155/156、ISO/SAE 21434和24089等标准在汽车网络安全管理系统的实施中存在合规性问题,报告经常在型式批准时被拒绝。 4. **SESIP的优势**:SESIP注重安全成果的实现,而非仅仅是流程的遵循。它相较于共同准则(Common Criteria)更少强调正式文件,更多关注于要求是否得到满足的证据。 5. **应用范围**:SESIP最初关注于SoCs,但也可应用于更高级别的组件。 6. **认证流程**:包括定义安全目标和评估范围、选择适当的安全功能要求、确定安全目标和选择保护轮廓等。 7. **市场接受度**:目前,SESIP认证在多个市场受到越来越多请求,特别是在汽车行业,通过预认证来理解安全风险。 8. **未来展望**:SESIP正在与主要物联网协会讨论采用事宜,并在亚洲其他国家进行持续讨论。 核心数据引用:“Cybercrime and cyberinsecurity are new entrants into the Top 10 rankings of the most severe global risks over the next decade, according to the World Economic Forum” 和 “Today labs are seeing an increasing request for SESIP certification in many markets”。
"如何提高汽车安全认证?" "SESIP认证在汽车行业有何作用?" "全球风险排名中,网络安全为何飙升?"
客服
商务合作
小程序
服务号
折叠