IoT: Securing the automotive supply chain with distributed ledger technology

IoT: Securing the automotive supply chain with distributed ledger technology

On July 7, 2022, software start-ups met in Stuttgart with manufacturers and suppliers in the automotive industry (Original Equipment Manufacturers, or OEMs for short) to exchange ideas and make plans for new technical approaches in mobility. Obviously, the new primacy of software over the old world of hardware presents the OEMs with major challenges, some of which are still unsolved Difficulties and how partners from research, start-ups and industry could overcome them together.

It is no longer up to date to want to do everything from a single source on your own – the coming cars are more like “smartphones on wheels”, according to Ola Källenius (CEO of Mercedes-Benz). According to him, CO2-neutral technologies are a goal to which the initiator of the event, Mercedes-Benz Group AG, is committed. In their search for more efficient technologies that ideally can go into series production, OEMs have been keeping an eye on start-ups and their innovations for a long time. Global crises and upheavals in the industry require additional rethinking, emphasized the keynote speakers Tanja Rückert (CDO Bosch) and Saori Dubourg (Member of the Board at BASF) at the opening.

The end of the growth curve has been reached, according to Dubourg, the current time is “unprecedented” with its upheavals. In her keynote speech, she identified two paradigm shifts, the emergence of new fields of innovation in response to the current upheavals – and a change in the financial industry: Losses caused by climate change (amounting to 311 billion euros due to weather-related damage alone) are currently leading to a turn towards the Capital markets to sustainable investments. The Green Deal is a hope for Europe, and with Ursula von der Leyen she described it as “Europe’s man to the moon moment”.

According to Källenius, a technical breakthrough seems within reach. The Mercedes Vision EQXX research vehicle recently set a new range record in e-mobility: During a test drive from the Alps, it covered 1,200 kilometers with a single battery charge, thanks in part to its aerodynamics and reduced wind resistance. Start-ups like that of the aerodynamicist Dr. Ventus, founded by Andreas Waldmann and his colleagues Rafael Abel and Lutzpegel, is behind such successes: The Ventus team models winds close to the ground, which play a decisive role in the range, predictability and costs of electric mobility.

Comparison of a traditional weather model and Ventus’ more accurate wind model, which offers 30 by 30 meter resolution.

The model used by Ventus (and apparently also Mercedes) with 30 by 30 meter squares and height profiles achieves a precise wind forecast, whereas conventional weather models with 10 by 10 kilometers are poorly suited to predicting the small-scale near-surface wind phenomena due to their low resolution – for the Air resistance on the car, however, are precisely these relevant. The 3D model shown in the photo shows the same landscape on the left and right. The rough model has a certain amount of height information, but this is not sufficient for the intended purpose. In aviation you are further along. As heise Developer learned from the aerodynamics specialist and colleagues from the surrounding stands, e-cars spend a large part of their development time in the wind tunnel (about six months).

Another start-up UBQ from Israel developed a bionic substitute for plastic using an upcycling process from waste. “It’s not science fiction, it’s tangible,” reported Källenius, whose company has entered into a partnership with both start-ups. In a humorous interlude, he described Mercedes as “this little start-up” when it was founded, the founder of which had set itself the goal of getting rid of the horses in the transport sector. Bosch CDO Tanja Rückert also presented innovative proposals to the audience. She was joined by Henning Lategahn, the CEO of atlatec, a startup that specializes in high-resolution maps for autonomous driving and simulations that Bosch acquired.

According to Rückert, digital 3D maps are crucial because Level 4 cannot be reached solely with sensors installed in the vehicle. In order to reach level 4, the vehicles would have to “understand their environment”. Rückert and Lategahn reported on the advantages and disadvantages of their partnership and the takeover of a small, agile start-up by a large corporation. Among other things, the large number of stakeholders is slowing down the coordination and alignment processes. In return, the group offers the smaller partner a stable infrastructure to grow and also to be able to produce in series. Scaling is considered one of the bigger challenges for startups.

The discussion panels in particular offered technical depth. Mirko Ross, the founder and managing director of the start-up for IoT security called asvin, and two other panelists from DXC Technology and Excelfore, together with their moderator from heise Developer, explored how secure IoT lifecycle management for software-defined vehicles (SDV ) is working. Car manufacturers cannot afford weak points in software like Log4j – the origin, versioning and, above all, secure update channels with “Over-The-Air” connectivity (OTA) must be guaranteed. Together, the three partner companies have developed a way to track software components throughout their CI/CD pipeline and to understand which piece of software came from which vendor, what version and with what certification.

Panel discussion “Track and Trace” about secure software supply chains for cars – from left to right: Silke Hahn (heise Developer), Mirko Ross (asvin), Moritz Glandien (DXC) and Volker Haninger (Excelfore).

This applies in particular to the car’s control units (Engine Control Units, or ECUs for short). This is important in order to meet existing requirements (regulatory compliance) and to ensure the safety of such vehicles. Technically, asvin and its partners have developed a blockchain application with distributed ledger architecture in a 100-day project that takes “fingerprints” from the deployed software. The product can be used for documentation and vulnerability testing, but can also be used in conjunction with a Software Bill of Materials (SBOM) and its history. The conclusion of the panel was that networked vehicles need security concepts, and standardization would be the next step for the security concepts.

The outer framework for EXPO2022 was provided by the Wagenhallen near Stuttgart’s Nordbahnhof: the place for art and culture had already served as a location for a number of previous editions, and the Plug and Play subsidiary “Startup Autobahn” once again organized the event there. Indoors and outdoors, the event offered a program on three stages with keynotes, pitches and discussion panels on topics from research, industry and art, while start-ups and OEMs usually also had their own stands in the halls where they presented live demos and informed about their inventions, technology and use cases. The professional speaker and coach Dan Ram led through the day as a moderator in a knowledgeable and energetic manner on changing stages.

The lectures and panels were freely accessible online as a live stream for anyone interested, and the recordings are now also available on YouTube. heise Developer was represented by the editor Silke Hahn on site – among other things, to create a discussion panel on software supply chain security (“Track and Trace”) with DXC Technology, Excelfore and the German IoT security start-up asvin.

Behind the “Startup Autobahn” innovation platform is the Sunnyvale/California-based company Plug and Play, whose founder Saeed Amidi initiated the project together with the Mercedes-Benz Executive Board in 2016. The basic idea: OEMs develop a project with start-ups in 100 days and then decide on further cooperation. Since then, the associated event EXPO Startup Autobahn has taken place eleven times: Mostly, but not always in the Wagenhallen (among other things, the Stuttgart Trade Fair Center has also served as the event location). At present and in the future there will be an EXPO regularly once a year.

According to Amidi and Mercedes-Benz board member Ola Källenius, the goal of the start-up specialist and the long-established coachbuilder was to bring the spirit of Silicon Valley to Stuttgart and combine it with the engineering skills available here. The University of Stuttgart and the ARENA36 research campus are also founding partners in the initiative, in which ADAC, BASF, Bosch, DXC Technology, Porsche, Schaeffler and Linde, among others, are also involved.

Further information on the event, the platform and the network partners can be found on the Startup Autobahn website.

Citrix: Update for Hypervisor and Xenserver against AMD vulnerabilities Previous post Citrix: Update for Hypervisor and Xenserver against AMD vulnerabilities
Amazon AWS Cloud WAN generally available Next post Amazon AWS Cloud WAN generally available