Secure manufacturing
The first set of technical cybersecurity controls deals with securing the manufacturing process both at the component and vehicle levels. This includes applying security controls for the process of installing firmware and software, provisioning critical security parameters (CSPs), and transitioning the component or vehicle into a secure production state. The goal of such controls is to ensure that the vehicle’s assets are protected from the start of production until the vehicle rolls off the production line. The usage of a secure key management infrastructure is fundamental to achieving these goals. This is enabled by hardware security modules (HSMs) deployed within the factory environment to generate secret keys that need to be provisioned into each vehicle. The HSM can also be used to sign software images and calibration sets before flashing vehicle ECUs. Wherever possible, the HSM should be leveraged to generate private/public key pairs and shared symmetric...
