 So we would like to start, may I ask to come on the stage, the panelist and moderator for session 2, Sub-security, Impact and Outlook for Automotive Systems. Lisa Franklin is missing. Okay, this is a hot mic, so people are filtering in, so we're going to get started here. We have six gentlemen here who are going to share their insights. And I will say in spite of my best efforts to have a woman on every panel. But anyway, we do have more women I think at this event, both on stage and in the audience than we have ever had before. And I didn't know how timely that was. But kind of a kismet. So anyway, I'm going to conduct this in a hybrid fashion. I thought Russ had a nice approach of letting the speakers introduce themselves and share their insights in order and very efficiently. I do have some questions. I'd like to ask these panelists and have it as much of a conversational exchange as possible after they've presented their content. However, we seem to have a fairly lively group of people here with questions and who are very inquisitive, so I will leave the floor open immediately after the presentations to see if there are some questions right away. And as I've told the panel, as soon as someone asks a dumb question, I'm going to start asking my own questions. Okay. So without further ado, Chuck, you want to kick us off here? Chuck will introduce himself and please welcome Chuck Brokish from Green Hills. Thank you. Yes, I am Chuck Brokish, Director of Automotive Business Development at Green Hills Software. Just a quick forenote here on the fact that it is women's day. I have the luxury of having three women in my life with a wonderful wife and two daughters who, I will say fortunately, are actively involved in science and engineering. So nothing within this industry, and in fact this topic of safety and security, I have to say, you know, not being sexist but actually recognizing human nature, this industry for safety and security could certainly use the nurturing and protective thought process of women. Green Hills Software has earned its pedigree in the past within military, aerospace, medical systems in which software failure is not an option. If the software fails, people will die. So software failure is not an option. That said, the software that we do is built on very robust, tested, certified principles and results. I want to talk about what we do within security and safety within vehicles and why is it important. It should not be an important role. It should be the important role within our systems. The software is replicated across millions of cars. When we look at the production of connected cars that are going onto the road, it's a phenomenal amount of software that is being enabled within the vehicles. The convergence of electrification within vehicles and electronics taking over mechanical systems. We have so much software in the system that we need to make sure that it's all robust. As we go to the connected car and work our way toward autonomous vehicles, that connectivity becomes even more critical because one system affects all systems. And so we need to make sure that we're doing everything possible to secure that vehicle and make it safe. A single exploit, as I mentioned, can be replicated across the entire fleet of vehicles. So mass production within automotive enables mass destruction, if done wrong. One of the ways that I like to describe safety and security. People say it's the same thing. People say it's opposite things. They're counter to each other. I like to view safety and security as, frankly, the bookends of a robust system. Safety is all about making sure a system does exactly what it is supposed to do. Functional safety is well known within the vehicle from a mechanical perspective on the electronic side and the software side, not as much. There are ASIL ratings, but we don't have as good a testing capabilities as we have within functional safety for mechanical systems. But safety in general states what the system must do. If there's an operation that must be done 100 times a second, it doesn't mean occasionally 99 times a second. It means it will be done 100 times a second, has to be guaranteed to be done. On the other hand, when we look at security, security is limiting what the system can do and making sure that it does only what it's supposed to. If we look at exploits that are done within vehicles and exposing vulnerabilities, it's typically taking a system and making it do something that it wasn't necessarily designed to do. So safety requires that we define what must be done. Security is the other bookend in stating the limits of what it should do and mandatory access control and making sure that we secure the system. And you'll notice I have that bookend coming back around the other end because any system that is not secured is not safe. If you can't ensure that the software, that the functionality, the capabilities of that system aren't secured, then you can't ensure the safety of that vehicle. Well, that's one of the key differentiators between cars and consumer electronics and phones and things like this. Absolutely. There's such a reliance on the safety and making sure that we lock up those capabilities and those requirements. So what I'd like to propose is a different look as to how we secure the system. Many people like to look at the system from the connected car as we talk about here and look at the portals into a system. We've got Wi-Fi, we've got V2X, we've got cellular, we've got all these connections into the vehicle and making sure that we lock out those peripherals that are coming into the vehicle and those connections. So we look at the entry points into the system. We establish a perimeter, perhaps put defense in depth by putting additional layers behind that to make sure that we ensure the system. But when that gets subverted, and I say when because we certainly know that those portals do get subverted, when it gets subverted, we end up leaving the critical components inside of the system exposed. So instead of looking at a system from the outside end, we propose you need to look at the system from the inside out. What are those critical components that are most essential that need to be protected? If we look at cybersecurity in general and how a cybersecurity works, the cybersecurity world recognizes that in the end, or maybe in the beginning, the most critical components of the system are the keys. You have to keep keys locked up and make sure that they are secured. Then you build on encryption and authentication and so on from there. But you must recognize your most critical components. So within the system of our software here and our electronics within the vehicles, we need to recognize, especially in the case of autonomous vehicles, the sensors, the control actuators, frankly the kernel software itself and what is being operated at the very core of the center. So in order to do that, we have to assume that non-critical components will be compromised. Vehicles today that are shipping, being produced, have between 100 and 150 million lines of code. That is impossible to take every line and ensure the security of every line of code. There's a lot of open source being used in vehicles today. So we need to make sure that we recognize the vulnerabilities that come with that. But we take the critical components at the center. We isolate them, use hardware separation where possible, use a high robustness software separation to make sure that critical and non-critical components are separated and make sure that the critical components even themselves are separated from each other. Minimize the complexity, keep it simple. The smaller the complexity, the easier it is to test and prove robustness of the system. And in that robust system, common criteria has defined different levels of evaluated assurance levels. A high robustness system as defined by common criteria is useful for protecting classified and other high valued information and against sophisticated threat agents. I don't know about you, but I consider the contents of my car to be high valued. Hopefully all of us do and we treat the construction and the building of these cars accordingly. A medium robustness system unfortunately is what's in most of the software that's being shipped in vehicles today. And common criteria defines a medium robustness system as being assumed non-hostile and well-managed user community. And it is requiring protection against inadvertent or casual attempts to breach the system's security. In fact states specifically that is not intended to protect against determined attempts by hostile and well-funded attackers. Now we certainly know that as we get fleets of cars out here with software and we can do mass destruction by attacking one piece of software and attacking entire fleet, there will be hostile attempts to thwart the security. I was thinking about this recently in... Back up, sorry. In an example, anybody out here know what a snapping turtle is? Have you heard of a snapping turtle? As long as you're not talking about a code name for something. I'm an avid outdoorsman. I spend a lot of time in the wild and in nature. Snapping turtles are a breed of turtle, but they're a very interesting turtle in that they are... They have a very hard shell, in fact they can... I've seen them be driven over by a vehicle and not get crushed. They have razor sharp claws and they have a very strong bite with very sharp beak. And they actually have incredibly fast movement, thus the name snapping. If you ever encounter them, I would encourage not trying to pick them up or pet them. One could argue very much that they have defense in depth. They have multiple layers of defense in order to protect themselves. However, they have a severe vulnerability within their design. If something can come and flip it over, they have a very soft belly. You are right at the core of everything that is important to that animal. I would argue, frankly, that a turtle, snapping turtle, is a medium robustness system. It's protected against casual and inadvertent attempts to thwart the security. But anybody who is meaningfully and hostily trying to take it over will do so. We need to recognize the value within our systems. Start from the core of the system. Build security outward. Making sure that at all times we're protecting those critical components inside. Hold on one second. In the context of your snapping turtle analogy, is it possible, do you think, to secure a car? Or is there any way to certify that a car is secure? How would you do that, or how can it be done? You will never be able to certify every line of code, in my view, within that vehicle. What you can do is isolate the critical components. You take those critical components, put them into smaller pieces of software that are independently certifiable, verifiable, just like systems in a lock-brake system is in a vehicle, or an airbag system is in a vehicle, or the various subsystems in a vehicle. If it's small enough that you can certify it by proving, as ASIL ratings, ASIL D rating, for example, make sure that you have to cover multi-conditional decision coverage. Every line of code coming in, and every direction that piece of code can go. If I've got too large of a piece of code, I cannot do that. But if I keep it small enough, contained enough, I can prove the robustness of that individual entity of software. Take another subsystem, do the same thing. The other benefit of doing that separation is that if I need to update one piece of software, they are, in fact, separated. So now any modification to the software does not modify the entire system, and I don't have to test the entire system over again. Okay. Thank you, Chuck. Darren Handley. Please welcome Darren Handley from UNICE and DFT. Please introduce yourself and share your thoughts, Darren. And welcome, Darren. Good afternoon. That was a great opening speech. So hopefully I can follow it up by telling you some of what we've been doing at UNICE. So just a bit of background about myself. I work at the Department for Transport in our cybersecurity team, which looks across all modes of transport, and trying to understand the things we should be worried about and what, from a governmental and policy perspective, we can do to improve the situation and help industry. So one of the things we really find important is working at a global level, working through the UN, the body for vehicles is UNICE, and helping see what could be done for cybersecurity. So just a bit more background. We got given a task, a co-chair task force with Japan, and it started looking in January 2017 about how cybersecurity should be dealt with from a policy perspective, what could be done under regulatory framework. Our task force is not just Japan and the UK. Thankfully we have lots of experts from standards bodies such as ITU, here in our group we also have manufacturers, a lot of manufacturers which is really healthy and provides a lot of support, and also other governments from across the globe. So it's a pretty comprehensive task force and we've been pretty busy as well. So within the mandate it's obviously trying not to reinvent the wheel, considering what's been done elsewhere, and bringing this together into a paper, which then could be, hopefully if it is any good, used within the UN to globalise the approach to cybersecurity for automotive. And the timeline is, it got pushed back a little bit. It was originally last December but now we're now looking for hopefully June. One year is pretty ambitious to get a paper out on cybersecurity. So this flow diagram, I'm not a master at spreadsheets but hopefully you can read this. Basically the process we've identified and almost agreed on is that if you're looking at cybersecurity of a vehicle, the first thing actually you need to do is check that the people producing the vehicle, so the OEM and their suppliers, are actually set up to do cybersecurity. Have they got processes in place, organisationally to do it? How in their design are they looking at risks? How will they monitor it and how are they really doing this to design in cybersecurity? So are they set up to do the task? That's number one. Then once you're happy, they kind of know what they're doing and they can explain how they're doing it, looking at the vehicle. And the process is quite similar to actually what Chuck described. It's kind of tell us about the systems, tell us about what is critical, how they can be attacked, what's your risk assessment for the connectivity parts of each system and how do they talk to each other. And then what have you done to reduce the risks to those things that are most pertinent? It looks like there's a fair amount of ambiguity though there in those final few steps. We want to see that you've done something, but we're not going to tell you exactly what that is. Yeah, and this is the challenge from a regulatory perspective. It looks like self-certification which we have in the US more or less. Very much a self-certification body mechanism because otherwise you're saying you must put this firewall here. We don't want that. Exactly. That's really, really dangerous and probably will limit innovation. So it's more the self-certification model. And then once that's happy that at the point of design production, they get approval. But it doesn't stop there. There's two boxes at the bottom. One is a periodic validation that the OEM's processes are still suitable, that they continue to do what they said they're doing, and actually things have changed that they've adapted. And secondly, that as risks evolve, that they have processes in place to actually respond. And if they need to do something, because say the safety of the vehicle could be impaired because something's changed in the world or bug has been found, that they actually have the ability to do so. The only thing I see missing here is an auto ISAC equivalent for sharing intrusion events and response protocols, etc. So I think from a regulatory point of view, there's only so much regulations in the UN maybe should be doing. And you just name one body which really can help the industry, auto ISAC, and that sort of other organisations, standards bodies, have a role to play with the question, is this good enough? It's like, yeah, we followed this standard here. Look, this is kind of how to do a risk assessment. So when can we see this paper? The paper, the final paper should hopefully be in June. They're all available on the UN ECE website. If you go to WP 29 and then type in the right words, you'll eventually come to the task force and cyber security, and over the air updates, and then you'll be able to find the latest versions. Excellent. Oh, it's, yep. The question is about an enforcement mechanism. Yeah, so there's... Yeah, it's not really the role of UN ECE to enforce regulation, but to influence the policy makers in each country, remember, right? Yes, and there's a... Obviously, for people doing approval, it will be member state signatory parties in technical terms to the conventions on which it comes. So in the UK, this will be my department, and it's various parts making sure we do our bit. Well, and one more thing before we go to the next speaker. The UK has already passed legislation about requirements for security, correct? Um... If you're introducing a vehicle in the UK, you have to show that you've done many of these kinds of things. It looks very similar to what I've seen. Yes or no? I think that's... Wasn't there a UK... We published some principles last summer on what we think good cybersecurity looks like. If you go to UK website.gov.uk and type cybersecurity principles, you'll find our document. So those are just recommendations? Yes, they're recommendations, they're not enforced. But they set out pretty much along the lines of what Chuck has just said, so I don't need to repeat. Yeah, and I think there is this good synergy between standards bodies. What we're proposing is achievable. My belief is actually that OEMs are already doing what we're pushing for. That goes across. I firmly believe that they are looking at the risks. They're participating in the SEISO standard, which is coming out. And systems are being designed more and more with cybersecurity from the outset. And this is tier one's tier twos as well. And most OEMs now have that monitoring and response bit in place. There's probably still room for perfection, but what industry doesn't have room for? I think the G-PAC occurred because they didn't have the response mechanisms in place before that happened and Vlasik and Miller were not satisfied with the response that they got so they went public. And I think everybody got the memo that time, like we need to be able to respond rapidly when this happens. Any more thoughts? No. Let's say quite a brief run-through without going into the weeds of really... If we want to get into the weeds, we'll wait until the other speakers are... I think so. Or people can talk to you after the panel. Please thank Darren for his thoughts. Manfred, please introduce yourself and your thoughts. This is Manfred Kunz from Marvell Automotive Center of Excellence. Hi, my name is Manfred Kunz. I'm coming from Marvell, a semiconductor vendor for now also automotive area. My business unit is mainly shipping the Wi-Fi and the wired Ethernet area. I'm in Ethernet for the last 20 years. Went from consumer over enterprise Ethernet to high-end enterprise 50 gig. And then a couple of years we started automotive Ethernet with the 100 megabit solutions. And when we looked at the 100 megabit solution after all that time in Ethernet and all the complexity over there, we were pretty surprised. The lowest quality level of switches, SOHO switch course was taken over there to move the data in Ethernet. Everyone was talking about, oh, maybe security, but on the gateway side of the ECU, the network component they were looking into was not secured at all. Not the configuration was secured of these devices. So I don't know, if you leave your house door open and you don't secure it and expect that someone in your living room is keeping out the people, that's not really the right strategy from our point of view. So we went a different approach and considered what we need to secure in a car. And this meant a lot of investment, different approach on the hardware side. So we put safety hooks inside of the device. We took a secure ECU, combined it with the switch. And the secure ECU, we run firmware over there. And from the firmware standpoint, we went to an ASPYS level of a firmware. And whoever did ASPYS software with taking the standard and going there, we gave up after one or two months and said, okay, we have to write everything from scratch. It took many years to rewrite all the protocols, all the firmware, all the OS which is in there from scratch for that. That for sure doesn't make your boss happy because that means investment. Over the last couple of years now, we saw that OEMs and tier ones like that, mainly the OEMs like that approach. And so we are in all the current self-driving architectures, prototypes you see out there moving the data in the network and also the new upcoming big gateways. So the areas we considered to secure, and I'll talk a little bit about it, was the software, the configuration of these switches or end-note devices, runtime configuration access, because if you're in your network, as you say, and someone can change the configuration of a switch, what do you care, what your ECU is doing, your ECU won't even get the data anymore to secure and check it if the switch routes them somewhere else in your network. Diagnostic access, OBD port is the typical port coming in into switches, not the most secure interface in the car today, and then over-the-air update, configuration and firmware update, data exchange, and then at the end what we do in most of the cases today is inclusion detection, prevention, denial of service attacks. So the first thing we had to make sure, every software we execute in our device, and I won't go in every detail over here if someone has detailed questions, I'm here after the speech also, we ensure the authenticity and integrity of a software running in the device. And we ended up being the only component vendor who's offering that for the network components. All other components just execute what you give them. The next thing is the complex software update, over-the-air update. If you come in and we talk here about a diagnostic tool, a diagnostic tool in a garage or over-the-air, that port mainly ends up at the ethernet switch at the edge of the network when you come in. ECU, TCU entrance ends up over here. So what we also ensured, that we have a layer running inside of the switch which can run authentication of who wants to do an update, run SSL and VPN if you want to encrypt your update all the way down to the OEM server. And we have fail-safe operations over here for updating and checking authenticity before we flash anything inside of the device. The next thing is runtime access. Whoever comes into the device and communicates with ECU, we can authenticate the incoming entity and we can build a secure connection and then communicate over the secure connection. With that, we can do diagnostic, we can do different changes on the device, but we always ensure that everything is authentic. So let me talk a little bit about the last thing. So switches have a lot of capabilities doing inspection of data runtime. So it means runtime really with TCAM, combination of TCAM, pre-classification engines, hashes, and then inspecting the data traffic. So what we do, we can run algorithms inside. We do a detection of a denial-of-service attack. Even a denial-of-service attack is there. We can change the port stage. We can close the port. We can lock this data either internally or to an entity of an authentication server from a tier one or OEM where then new algorithms are built and detected. Data is locked for the complete fleet of the car and new rules are driven down to the car. So this is not a dream that is today its practice and that is something we ship in devices. And as I said, it was a big challenge to go that route inside of a semiconductor vendor because a lot of people questioned that. Today I'm happy to stay here and say that the car industry really asked for that feature and takes it, so I wasn't looking like a fool in front of my boss when I decided to go that route. So I think that's all I can tell you to that. Just a quick question, Manfred. Wouldn't you agree that one of the great challenges we have with securing vehicles is the fact that there are so many networks, very few of which are secure or even secureable? The networks are secureable, but they aren't secure today. But it's also every time it's a question of the cost, right? Every security layer, if you add an ECU to a network switch or to everything, you add cost, you add complexity, you add firmware, you add software to it, even more lines of code if you do that. But you can secure them, but it's adding cost. I thought CAN was not particularly... No, you can secure the network, not CAN. No, no, no, I'm saying CAN is a somewhat insecure network. That's all I was saying. Please thank Manfred for his insights. Please welcome Tom Leismore with PROMON. Thanks. So I'm Tom Leismore from PROMON. CTO. Sorry, CTO. PROMON is operating a little bit in the... I think a slightly different area, primarily. We have a background in the finance sector. Looking at security of mobile lab, mobile banking, internet banking, and so on. It has been in that segment for several years. And we just wanted to share some of our insights and observations within the space of the automotive sector and hopefully look into what we can possibly do too. I would say what you have to say would be highly relevant. People are looking to turn the car into a mobile wallet at this point. So paying for tolls and gas and parking, et cetera. Yes. So one thing that we see already in the automotive sector, I would say is a switch from having a physical key to the car. For example, into using the mobile phone, the mobile app, to unlocking and do certain things with the car. So it's actually a switch from having something physical to doing something on the mobile phone. And in that switch, I think we have to look into the security aspects. And it's exactly the same switch that we have seen in the payment and finance sector. Maybe you had a physical credit card. Now you do things on the mobile phone. You went to the bank physically. Now you do things on the smartphone. My personal background is from University of Oslo and Sintef, which is a large independent research organization in Norway. PROMON is also a spin-off from those environments. And essentially what we do in PROMON is to develop a security shield for applications, which allow the application to defend itself and act and function securely, even if the device or the environment is infected. We took a short look at the Tesla mobile app and I will show some things related to that. I'll also shortly just discuss the different aspects of app security and try to share some insights from the finance industry. I would say it has been a very, very targeted industry. We have seen a lot of hacking malware activities through several years. So in certain aspects, the finance industry has matured in many ways. But it's also a very innovative area. So it's where the end user and innovation meets a high security demand, which is highly challenging. And in PROMON, as a company, we are around now 100 million end users around the world. So even in this very, very active area of security, it's good to see that we actually still maintain a clean sheet. So there has been no money fraud by circumventing any of our solutions, which does not mean that we provide perfect security, but it means that we, I think, hopefully are doing something right. So let's take a look at what we did and just one notice. Of course, we did responsible disclosure, contacted Tesla very well before. We disclosed anything. The communication were more like a one-way street, though. The security of the Internet-connected devices that we use in our daily lives heavily depends on the apps used to access, monitor, and control the devices. I will show an easy way how you can obtain the username and password that a Tesla owner is using to log into the Tesla app and use that to control his car. The methods we use for this are really simple and they have been known for years and have been also used by cyber criminals for a long time. So I think just an important note here. So it's not an attack against Tesla and we don't want to prove anything in particular. But there's one important aspect here. So what we're trying to show is just that if an ordinary hacker on the street take and use the tools that he has available just in front of him, what can he do? So this is essentially what we see here. What I've done now is I've created a free Wi-Fi hotspot that displays an advertisement that's targeted towards Tesla owners that says that if you install this free app you can get a free burger at the restaurant close by. So I can see now here, Lars has logged into my Wi-Fi hotspot. What happened now is that Lars was tricked to install an app on his phone. The app installed malware on his phone and that malware is manipulating the Tesla app on this device so that when Lars logs into the app it will send this username and password to me. So now here I can see where he actually is and let's just wait and see where he's parking. So the owner of the car installed this free burger app in the hope of getting a free burger. In reality, without him noticing, we took control of his mobile device and in the next step the Tesla app. Due to the different features in the app we were then able to locate the car, which is the next step we'll see now. I was really a criminal. I would have done this not during the day on the big laptop, but I would probably use a small phone or something, but this is just a demonstration, right? See, I think it should be over there. Okay, there you see, that's the car. Let's see what we can do with it. You know, the last thing I have to do I have to be able to drive the car without having the key. That's also possible. The keyless driving is enabled, which means we can just drive off with the car. Let's try. Did you hear that sound? What was that? Anyone know what that was? It was some kind of an alarm and we have some criminal action going on here, so does anyone know? Any suggestions? It could be. It was a seat belt alarm. So I think we can learn some things here. One important thing to learn is that hackers apparently don't wear seat belts. That's one important learning. Of course, the second learning. It's kind of interesting. It tells us something about the security of the car, right? It reacts to not wearing a seat belt, but it doesn't react to the fact that it's a criminal driving off with the car. And that's how easy it was. We have full control of the Tesla and can just drive over it. So they've corrected that? Vulnerability or no? That's an interesting question. Which brings me in a little bit difficult situation, actually. So we found... As you see, we don't really give any technical details, and that's, of course, by purpose. We don't want to help the bad guys. The coffee hour is coming up, though. No, go ahead. So we had some findings, which I would say is very far from best practice. And I believe that some of those findings were taken care of. There are other findings that were not taken care of. I hope John Podesta does not own a Tesla. No. Sorry, it's a US humor. It's an employee. So he's a happy Tesla owner. He's a little bit worried from the security perspective, I would say. So what I'm trying to illustrate here is that maybe the switch from hardware to software in terms of security did not go so well in certain aspects. I cannot really go into the security aspects of the mobile apps. It's very complex. There are many aspects to it. We could have done other things if you're close to the Tesla car with a key-fob. Then you can... I don't know with a key-fob. Then you can also use the app to remote control the app which might also have some security aspects, especially if a criminal is controlling the car and you're close by. There are certain things you have to be very careful about. So the security aspects are of course there. You can steal the car. You can see where the car is. Which is maybe information that criminals can use for other things. It's a good time to rub the house if you can see that the owner is at the other end of the town. There are quite many privacy and security aspects here which is not directly related to the car as such but definitely relevant for the owner of the car. So just to sum it up I would say that what we found here is essentially that I think the key was under the mat and definitely the security in that particular app I would say is definitely not at the standards of what we see in the finance sector and banking sector which I don't really see a reason why it shouldn't be at least given the importance of the topic. What we see in the finance sector just to share a couple of insights is that it's a very fast moving sector innovation. End users has a lot of requirements. They want to do wonderful things which of course we all want to do. So it's a very delicate balance to try to make that secure. Globally we see different requirements from the regulatory authorities in the finance sector. We also have some EU directives now. Just out is the PSD2 which relates to things like strong authentication and essentially one of the pointers is that risks has to be mitigated even if the mobile device is compromised. And it relates to things like not only prevention but also detection and response in case that things are compromised. So I think maybe also in the coffee break it would be interesting to see if we can share some experiences here. And I think the in the finance sector there's a lot of good activities. There's a lot of experience with what the bad guys are up to. There is a lot of monitoring. So part of the security here especially in the finance sector is also monitoring the bad guys. Which means that there are dedicated bodies which are monitoring something. And that is monitoring the malware, the techniques of the bad guys. Very often when new software is brought out it's penetration tested by third parties. That was not done in this case clearly. But there are also some good experience there. So I think the finance sector is an interesting area where you can see high requirements in security quite successfully meeting the drive to innovate. And the desire to do new things for example with the smartphone. It's a critical area. I think we treat the car as this last frontier of freedom and detachment from reality and refuge and we put a password on the phone. We take it for granted that we have a password for obviously making withdrawal even though we're putting a card in. We put a password on the computer. We may not be that far from having to put a password or some kind of multiple element authentication in the car. Because the location is not only that you're not home there was an incident in the DC area because we have casinos over in Maryland that criminals were following Gambler's winnings and robbing them at their home away from the casino. And this business of remote controlling a vehicle from a phone is becoming increasingly popular primarily for parking but if you can do it for parking you can do it for other purposes as well which I think is what you were alluding to. Yes. Exactly. There are so many angles to the security just one anecdote on that Tesla owner that you saw in the picture here one day he was sending some internal emails claiming that the temperature of his Tesla car had risen while he was driving home which of course all of the techies in our lab denied any relation to. So security is very very complex many angles to consider that for sure. Thank you very much. Thank you. Now we have Devere Resnick from Harmon. Are you still doing demos on the show floor or is that all shut down now? What here? Yes. No we're not. Okay. So hi everyone. My name is Devere as I mentioned before. I'm from Harmon Automotive Cybersecurity Business Unit. A word about Harmon for those not familiar we're a leading tier one company working with probably all the OEMs worldwide. We actually were here at Geneva at the other show presenting some of our technologies. Myself I'm coming from Towersack. Towersack was an Israeli cybersecurity company that was acquired by Harmon two years ago. Before that I worked for other startup companies. We've been then acquired by Samsung so it's like a road of acquisitions here but we're keeping the blue that's why I can stand in blue wherever I go. I want to talk about like three trends and then the work that we're doing with the OEMs the panelists that were before me you've heard about all the activities that they're doing and what we're doing in the industry to better protect our vehicles and obviously the safety of our passengers. So the cars are connected. I mean people talk here about connectivity and mobile phones and the fact is that I think last year I saw a data point from AT&T that 2017 was the first year that they actually activated more SIM cards on cars than SIM cards for phones because mobile phones are already saturated with 100 and something percent and cars despite all the big numbers and the graphs that you're seeing here it's only let's say about 100 million connected cars and we have a lot to grow to. So this is definitely the next realm if we're talking about the economy, the industry telco providers, the work that they're seeing. The second trend is autonomous vehicles obviously we heard last month I think that California regulated the use of autonomous vehicles without a driver. So starting in April you can go to the DMV in California say I have a vehicle and I want, it's autonomous vehicle and I want to have it driven on public roads without a driver as a safety which is a first. It's not that easy I mean obviously you have to stand by some best practices as some of my distinguished colleagues you mentioned. You need to have certain aspects in the vehicle, the ability for instance to detect the vehicle to detect security events and the ability to take remote control from it if something happens in the case of an accident and this is actually a very interesting chart that shows last year in 2017 you had 35 or 40 cities worldwide that had autonomous programs running in their city limits so even without taking the driver out you already have cities that have driverless cars driving in their cities and what are the cyber implications of that the third trend is the unconnected world who has a connected car here so everyone else don't have a connected car right? You want to have a connected car? Super. So there are ways to do that I mean the majority of the vehicles on our roads are not connected and they want to be connected there is always this tension between our demand for more connectivity more personalization I want to bring my content, my iPhone my Android into the car and the OEMs needs to preserve safety and obviously regulate the vehicles as they should it's not a laptop if you put a laptop in the sun or if I put my iPhone in the sun it reaches 40 degrees to shut down the car can't operate like that needs to be bulletproof to any safety so connecting the unconnected is another big trend affecting the industry now OEMs and we've been working a lot with them and also other three ones they're familiar with the risks they have big organizations dealing with it GM is one of them Jeff Massimilia is the senior VP for cyber security everything that relates to cyber security and privacy falls within Jeff yesterday we announced a collaboration with PSA we've been working with PSA for two years now on putting solutions developing for automotive cyber security into their next generation vehicle architecture so when you talk when you ask automotive executives what are the biggest concerns and obstacles for the growth of connected car obviously cyber security is there because they're familiar with it so if you ask the second question it's a server from Foley it's available online Google it the same question the biggest obstacle to the growth of autonomous vehicles and I'll let you have a second reflect on the number so we basically come from all the various hacks that we've seen and all the attacks that were that happened also the Tesla and the G-PAC and all the others are ethical hackers who are looking into ways to get into vehicles and now that we're looking into autonomous and we've closed that gap we have gateways, we have firewalls we're using intrusion detection we're using standard bodies the Odo Azak, SAE, Iso but when developing autonomous vehicles and we have autonomous vehicles running in our streets if you were at CES Roger was there I was there we had autonomous vehicles driving in Las Vegas but yet cybersecurity isn't the top priority in the industry and that needs to change so what can we do next as an industry an end-to-end intrusion detection solution cybersecurity to protect everything it needs to start from the in vehicle looking at detection reporting and response the fact that I collect all of the security data and send it upwards to a cloud doesn't stop over there I need to be able to respond to it do I mitigate the risk maybe it's a software bug 100 lines of codes for all humans it's software there are bugs in it maybe I need to do an over-the-air update if I have identified as an OEM or as a fleet manager that there is a problem with one of my vehicles maybe I'll share an incident with Otto Ezek a great organization which Harmon is very involved with so that other car makers around the world will be aware of that threat future-proof vehicles invest in R&D it's not about the current situation we know exactly what is the current attack surface what are the attack vectors for the vehicles V2X sensors mobile apps tire pressure everything is an attack vector but what will happen in three years time when we'll have autonomy and mobility and the third the standards, the guidelines, the information sharing are very important and it needs to be regulated as well as self-regulated because sub-security is a very subjectual topic there isn't one standard but we need to get it started we need to share information Otto the financial Ezek and my colleague here can attest to it more than I do did wonders for the financial industry and really helped in lowering down the risks of fraud in their industry and Otto Ezek will do the same same as will the SAE and the ISO bodies that are working on creating a global standard of what sub-security means also in terms of governmental progress and self-drive act that is currently shaping up in the US thank you just a couple of quick questions number one, there's no silver bullet correct? the attack vectors could actually include dealers and actually could the connected cars could pose a risk to the enterprise itself I've heard that the network of an OEM in the past I wish I had the details but I've heard that it was hacked through their vehicles yes, Ezek, I think the main challenge when you're looking at securing a vehicle versus a traditional IT is the cyber physical threat because it's not I hacked a phone, a laptop as severe as it is it's virtual it's data whereas if you hack a vehicle you have connection to the physical you can change the vehicle what it's doing you have access to the infrastructure to the back end so that is exactly the main differentiation between why you need you can use the same methods but you need to think about it from the ground up don't say in three years time I'll put cyber security as a top priority when you're developing autonomous now and connected cars now and because this is touching so many parts of the organization across all the silos it requires a different kind of a relationship than say Harman for example normally would have with an OEM does it not? in a way, yes I mean we're working with all the OEMs also the tier ones you need to have I think the OEMs are doing a lot of work both in terms of resources evaluations, POCs or let's say start of production in a way well you're working not only across their internal silos but also all the other suppliers and I believe there's also probably a little bit of education involved yes, I think that we're working across all of the industry but with the OEMs and the tier ones it's not a new thing I don't think that anyone here in the industry thinks that cyber security is a rarity that it's not happening it's a fact no one can guarantee 100% protection and as an OEM you have the responsibility to keep the car and the passenger safe so you need to also put in the measures the counter measures both the software, the guidelines the best practices that will guarantee it thank you very much and last but not least Giuseppe Ferranda please introduce yourself well, my name is Giuseppe Ferranda I'm with Caramba Security which is a company that cares about security in vehicles I've been in the industry for many years now it's about 30 years that I work on different on different activities I've been just talking about the recent experience I've been involved in the development of navigation systems and infotainment systems in a tier one I've been involved into a netted vehicle platform for a large OEM in Europe and at a certain point someone thought it was a good idea to say hey, you've been part of the problem now you go and try to fix it so I moved to look at vehicle cybersecurity and I started this job some years ago and now I'm with this company that you can see on the wall the problem of cybersecurity is based on the things that most of you have faced in the automotive industry in the past years is the one that scared me most and the reason is simple considering the relevance and the type of damage that cybersecurity and the risk connected to it can make I feel that it's underestimated I don't see all the energy and all the activities are on cybersecurity that it deserves when we look at the new challenges that we have in front of us as automaker and people that cares about mobility and we're talking about autonomous driving we talk about V2X and many other stuff so we should be really taking a lot of attention to these for many reasons first reason is that as some of the colleagues just said we can run the risk to kill people if we don't care about security and someone can take over the control the other reason is that even if we design interesting things like autonomous driving stuff and at a certain point people start to perceive that as a risk rather than a benefit then we try to kill emerging technology and stuff just because people start to be scared about it and the third thing looking at on the OEM side is a problem of reputation I mean risk cybersecurity attacks and things that may happen as a mass destruction as Chuck was mentioning can destroy the reputation and the business of an OEM definitely what I have learned I want to share with you a couple of things that I have learned working in the industry and working on cybersecurity one is that cybersecurity should be considered by design you cannot add cybersecurity at the end of the development you cannot talk about autonomous vehicle and after a while decide that you want to secure secure the system this cannot be the right strategy and the other things is that security is not something that you can sell to your customer you will never see a feature listed in a in a dealership saying and it is also secure it is not a model you spend a bit more and it is secure this is something that people consider as a given people trust the OEMs and trust they have done all that is needed in order to make the vehicle safe it is something that you have to consider looking at what happened in the connected car and why we end up with the conjunction of two things that have already been mentioned from my colleagues one is the fact that a lot of mechanics control are shifting to electronics braking, steering and such and the other things is that there has been a lot of enthusiasm on connected vehicle car without taking into account that something may go wrong and when you put the two things together it will go wrong because you have cars that can be controlled by electronics by software and can also be reached by someone connected to the internet this is where the entire story starts so the preoccupation the level of worries should be higher than the level of preoccupation that I see today in the industry that is why I am a little bit worried about it and talking about autonomous security so we talk about autonomous cars so why don't we try also to talk about autonomous security which is the concept that I will try to tell you and explain why Caramba security is working on this concept we start from the point of view that you want to secure your home from people to step into it then you want to control it to understand if someone was able to enter so you want to have detection but you want to have also protection and you have to try to identify a way in which you can increase the level of protection of a vehicle protecting all the vulnerable systems and all the different ECUs that are connected to the different network and try to follow the same logic of protecting a house so you build all the protection you have a house you have a hardware doors and everything and you protect the perimeter of your house and then you start to understand what you can bring into the car and protect the available things that you have into your car so just a few slides so you see just a summary of what I have just said so the main things, the most important part that you have in a system the ECUs, all the controllers that controls the different features and then as we say it is something that allows you to turn off your wipers your headlamps your steering and such so this is where you want to be focused as a first step when you want to start to define how you protect and now you seal as we say in Caramba you seal the perimeter of your ECU that is where you want to start and protect the core of it we just was mentioning the fact that every car has a million line of codes you can trust this data or not I this is data that are found in securityweek.com what I can guarantee is that the first line is true because I've been to there but there can be bugs, a lot of bugs that you cannot even control maybe sometimes because there are bugs that can come from the design of your chipset there are bugs that come from the operating system that you use, there can be bugs in the software that you develop and you cannot control every bugs you can do whatever you can and most of the EM or all the EM are spending a lot of time to test a validated vehicle they are there and the attackers are searching for those bugs and try to exploit them and transform these bugs into a vulnerability into something that may allow them to drop a piece of code something that is a malware piece of code into the systems and from that point they have access to the entire subsystems in the network and those bugs can become exploited can become malware and as you were saying from a specific system from infotainment systems but not just the infotainment systems are the systems that you should be worried about you can reach all the different subsystems so you need two level of protection and today we talk about how to protect the ECUs the second level of protection is of course inside the vehicle which is another important step and we were talking about systems to protect networks and such but to stay focused for a second on what you can do on these ECUs the things that you want to do and the starting point for the discussion is with respect to ICT systems systems that is into a vehicle is a system that comes out of a plant with a factory setting with a nominal state with a number of features that cannot be changed by the final user of course those features can be changed over the air but it is under the control of the OEMs so when you have a system in a car you know what he should be doing and what he is supposed to do and what are the kind of operation that you can allow okay so the concept of autonomous security means that you want to first seal the factory setting meaning that when you build an image when you build the software that runs into the ECU you want to sign in a secure way using a digital certificate using SHA256 signature and such you can sign every executable that is into that ECU and at a runtime when you bring up the systems and when a library or a software is bring to the memory for the execution you check the signature and this is the first way in which you can try to understand if the piece of code that is coming up into the memory is a piece of code that is meant to be executed the second part of the story is that you have the ability when you build your system to understand looking at the code what is the return point of a specific function what is the right sequence of invoking APIs and function calls and you want to track that so you can understand if someone is trying to or was able to drop a piece of code into the systems such that he is trying to perform or to call feature that he is not supposed to call or is not being called in the right order so this is the two simple concept that Karamba is working on and is stressing in trying to understand what is the best way to protect the systems and how we can build a system that grows step by steps so you first protect your core part of the systems you protect your ECU you protect everything that is vital to the car and then you grow and build the rest of your security strategy on top of it that's it so let me ask you what do you think the greatest threat is and maybe why consumers are a little unsure about how worried they should be is it identity theft is it vehicle theft is it remote control of the vehicle is it ransomware I know all of the above right I think that all of the above I think that today people are less worried about privacy people are willing to give data to provide information about themselves for a burger someone was mentioning about a burger I'm not a burger guy but maybe if you offer me tiramisu I will give you my username and password but that's another story now I don't think the privacy is carrying the people too much I think that people believes a lot and the attitude that they have towards car is that they believe a lot on what the OEM is doing and that the OEM is doing all the best that he can do in order to protect them but your former employer got quite a shock two years ago wouldn't you agree it cost them $200 million I don't know what you're talking about sometimes I still see scratches on my back I was with FCA in the past Miller and Balasek you had nothing to do with that I'm quite aware right but I was telling you before there was a lot of enthusiasm in building connected vehicles it looks like that everything was possible and you can do almost everything and that the world was made only of good guys which is not the case and not many people was looking at car as a new frontier now that you start to talk about connected car data and everybody wants to collect the data from the customer now that mobile operators are seeing the automotive business as the next frontier to expand their capabilities and such it is becoming a target and those things really the problem of cybersecurity can kill the reputation of new EMS so until nothing happens everybody is happy but as soon as something happens everybody is still to become worried about for at least a week or two so we have time for one question if someone is aching to ask a question of somebody or all of the members of this panel please take this opportunity oh I tried our now no it's okay no it's okay so I'm Stepan Kovach from ITK AVTO BVS in Geneva and I have a question to the speaker from Norway I'm very bad at memorizing names sorry for that so basically you say that there are no secure mobile operating systems I can agree on that but before there was a question on whether there can be secureable networks so now my question is about your opinion on whether there are secureable whether mobile operating systems are secureable in your opinion so I think one important one important aspect is that they're added a lot of security both at the hardware and the software level for the smartphones for example but then essentially what you have is a race between racing the security on those parts and the tools that are in the market for the bad guys those tools are developed as well so it's important that security is added not at one particular place but in all the places and what we found in the Tesla case was that there were essentially no added security at the app level which means that you can walk straight into the app so there is a lot of security that you can add to get ahead of the bad guys and the tools of the bad guys and also about the mobile operating systems inside cars because basically now we have for instance not to make publicity but Android for cars so you'll take on that it really depends on the kind of set that you add to those but there is no doubt that Android itself is no guarantee for security so you have to think multiple layers most likely Android would be running in a hypervisor on Green Hills or QNX or something else actually but just one last comment you talk also about part of securing the car users is to follow the bad guys which obviously exploits some security vulnerabilities that enables that wouldn't it be easier or make more sense to make let's say the smartphones of most people secure than allowing holes which surely enable to follow bad guys but also allow them to hack good guys so I think if you want to make for example the mobile phones highly secure you would have to stop development and then you would start your certification process and you would not add features for 10 years and then maybe in 2025 we would have a pretty secure and highly certified mobile phone that no one would use thank you for your opinion we are looking for what to do short answer we have one more question from Arnaud Tadej so my name is Arnaud Tadej I'm both a direct report to the CTO and I am as well a chairman at DITU study group 17 on security so in fact I really appreciated the panel and the comments the insight and the videos of course security is extremely complex and I think we can all agree that we don't have the time to really go deeper dive if we all of us would have a workshop and would go deeper dive I think the situation would be even much more scary security is searching from hardware to software to anything in the car outside of the car that goes on the platform to the big data to the analytics and so on and we have a densification of problems that are self-complicating the story big data has helped machine learning and AI to come but at the same time these have effects on big data itself and there are more problems on the security of big data as an example to make things even worse there are other standard bodies that have other ideas now on what should be privacy versus security it's not privacy and security it's privacy against security are you going to ask a question I'm going to ask a question in fact my question here is is there a chance we could go deeper especially on a very good point on the end to end security and could we really discuss about what we are missing in terms of protocols to make it working technical foundation to make it working across car makers across operators across OEMs across clouds I know that is a coffee break question but I'm going to ask you a question in your work in group 17 are there learnings from other industries say the airline industry that the automotive industry could learn from yes there are a few things we do in the study group one was the resolution 94 when the unfortunate story on the Malaysia Airlines aircraft crashed we realized that there is a black box issue that actually is not just on the airlines right so that's an area we work on we have started a full question on intelligent transport systems with Hyundai has joined us, Alibaba has joined us and others and we discuss about a number of points here and there is something that we as web started in application security is to work on a technical framework for security as a service because today the problem is not that we are lacking security tools is that it costs a lot nothing works with each other we are deploying security all over the place but nobody talks to the other one say I see a problem can you handle it? is this something coming out of another industry or this is coming out of the automotive conversation no this is coming out of the operators industry the operators themselves it's a point of your prime if you rely on the operators to transport all of what you need to transport can they offer you other means to secure what you need to secure for example between the AOT platform and the car and other constituencies so we have technical controls we can have in the network that could help you guys to actually do a better job when you have to come back with telemetry when you have to get over the air when you have all sorts of things because let's remember the bad guys understood how to hide themselves in all of that they know how to hide themselves in the encryption so we believe we are secured by design we are not next year you'll be on the panel you're stating security as a service which fundamentally sounds frightening security should not be a service it should not even be a feature it should be a built in base functionality and we need to make sure that we're doing that frankly I will state as an industry we in the room here have the ability to do our own due diligence and we have to ask ourselves fundamentally to Giuseppe's point are we part of the problem or are we part of the solution because we are frantically adding features and features and features and there's a reason we've grown from 20 million to 100 million to 150 million lines of code because we're adding features at an unbelievable pace when was the last time that we said you know what we're gonna remove some features so that we can make sure it's safe or secure we don't do that we don't add the features and with I could frankly say reckless abandon at this point because we're not doing enough to make sure that we're protecting the system so as an industry we frankly need to ask ourselves one are we part of the problem or are we part of the solution because if you're not part of the solution by definition you're part of the problem and we simply need to add features because right now we have a system which is balanced away from safety and security as is witnessed by the hacks and the breaches that we've seen Roger can I just comment I think that if you're looking at it from the automotive industry there is the system there is the balances check I mean the ESA the SAE, the AutoISAC our organizations that are already doing progress you have the J3061 you have the J26262 and all of those are best practices that automotive that OEMs are already using daily on how to make their system secure and I think we'll always have that gap in terms of as my colleague here said that we'll always be like a step behind what the consumer wants because they have their needs to add more connectivity and we come from the cybersecurity standpoint and say how do we protect that new attack vector but the work is being done and I think the best testament of it is the self drive act that was just introduced to the senate last year a few months ago that states that when you do develop an autonomous vehicle and you want it deployed one of the things that as a car maker technology company you need to have in that vehicle is an idea solution you need to have a system that's able to detect report and respond to cybersecurity or privacy events so that's the work that's already taking place from the industry I get the final word as moderator we're talking about security because we're getting so much more connectivity and I would add to that that we will not have security without connectivity but the thing to bear in mind as I get told by gentlemen like these and women as well working in the space is security is a process it's not a solution it's ongoing so you don't set it and forget it that's why we need the connectivity associated with that and I'm going to pay a little more attention to what group 17 is working on thank you very much and thank you for your attention please thank the panel as we are running a little bit late we're supposed to keep the after an hour break which we had planned because we are tired and we come back sharp 4.30 for next session which is still very interesting so from a different point of view different angle, more on the services I think you want to listen to the next one so please take your break and come back refreshed 4.30 sharp thank you good all the presentations for the next I'm Ana Maria so you got it there so I will just put them up it's much smaller than everyone else no no it's going to be big but it just looks like yeah yeah I mean oh you mean oh the file size is much smaller oh yeah don't worry it's going to be perfect thanks enjoy the coffee did you meet no the fun is over no no one more one more fun this is the best part of course the best speakers do you usually speak English French what's your Spanish I guess no Albanian I'm from Albania but French as well do you like better English or French because in ITU we usually speak in English and I started in the UK so yeah it's much easier for me at the same time I like to speak French so I can practice it because I never get to so yeah yeah sure sorry I loved the video it was so good it was so good and it was very good we went over time but that's what I was telling when we're in the title I think that I modified this how communication will change as we always do before communication communication change is this title unless you've got a really great job with Google or the media company I'm not interested that's great I'm flying to South Africa tomorrow I'm having fun at work I want to change what are you doing there the event is starting on Tuesday or Wednesday in Johannesburg but of course you're just flying and I'm flying to Cape Town just to hang out and I want to see the coast Cape is very famous I've never seen it I've never been here and then there's really crazy things nobody believes the story I'm a really crazy cyclist so probably I will have a cycle with her husband in Berkeley so everywhere I go I cycle and then if I'm not on Sunday you check an event in Cape Town I find out after I book the flights more or less so then you're going to cycle as well I'm going to race 108 km on the coast wow you're a serious cyclist I'm going to have 180 km yeah right not for me oh that's amazing that's why I was checking to book my change of flights but you're good ladies and gentlemen we are starting so if you can kindly return to your seat and I'd like to invite the panelists to come to the stage we already have the moderator Mr. Michael Sena thank you ok Michael the floor is yours when you want to start please thank you ok we shall get started welcome to the last session my name is Michael Sena I'm very pleased to have been asked to be a moderator as I've said to the event this as far as I've seen and I've seen a lot of events this event because of the format because of the structure is the best there isn't any other event that I've been to and taken part in either as a participant or as an attendee that I find provides the level of information and the possibilities for interacting with people I hope you feel the same way and I'm sure there's going to be something that will be sent around to all of the attendees we'll ask for your opinions your ideas and make it even better in the future our format is going to be a little bit different we've got all of our speakers participants panelists we'll have 12 minutes the amount of time you take to do your presentation will just take away from the amount of time you'll have to talk with us all about what you're really trying to tell us what message you're really trying to get across so there'll be a presentation of around 5 minutes and then we're going to have questions related directly to that presentation if I don't have anybody who's got a question out there I'll ask a question we'll have the panelists questions and then after 12 minutes we'll go to the next one so without any more time Lisa, you're up my name is Lisa Franklin and I am from Best Mile we're a mobility platform focusing on autonomous fleet so I'm going to jump us to autonomous so today we've had the opportunity to hear certainly about connected vehicles and actually the gentleman from Harman he put up the picture of all the various places in the world where there are autonomous mobility and one of them is Switzerland of which we're managing the fleets so you can go if you have time and get in a vehicle on public streets with pedestrians and cars and everything else and it's been running commercially for years so I want to talk a little bit we talk about mobility a lot mobility is certainly a term in the wireless industry but as we're moving towards mobility services and mobility for connected vehicles I want to define who mobility providers are at least in the environment ecosystem that I'm talking about so on one hand we're talking about public transit we're talking about smart cities and transportation operators and on the other hand we're talking about transportation network companies that are going from let's say ride hailing on to robo taxis and then you're starting to see also microtransit so small services working within cities all of these are trying to work together but very disparate and you've got public entities private companies working together both for kind of existing traditional transportation and then starting to invite autonomous vehicles and into that ecosystem so what is the challenge for these mobility providers essentially when we talk about new services we're looking at hybrid fleets so maybe we say human driven the ones that we're talking about connected vehicles today and then introducing autonomous vehicles into that it's going to be that way for quite a long time that's one aspect and then the other is what kind of vehicles are we talking about you know if you go on the show floor you'll see a few electric vehicles you'll see some prototypes for some autonomous vehicles but around in Europe and in the United States and in Asia there's trials going on right now with vehicles autonomous vehicles so in the next many years you've got different brands of vehicles you have shuttles you have cars buses that have to work together and so that's really the challenge today if you're going to try and offer some kind of mobility service how do you manage all of this and this kind of chaotic landscape the other aspect is if you're talking about buses for example fixed route so maybe starting off with something that's very predefined and set and traffic is anticipated versus an on demand door to door for some of these ride hailing companies today what we're expecting and you can call that up so that's really the challenge today if you want to offer mobility service you have to be thinking about all these things the other aspect is what we call multimodal so if you have an existing transportation system you've got the buses and the trains you spent hundreds of millions of dollars invested in that and now you have connected vehicles ride hailing and autonomous shuttles and others there's the challenge of now what we say like integrating these AV fleets into existing transportations and what does that mean from a system perspective an integration perspective payments applications scheduling what does it mean as a fluid service the passenger itself and what's the passenger experience really with this in mind so this is actually an example this is in Sion in Switzerland that's just live you have we heard a little bit earlier about data data intelligence all of the information coming not only from the vehicles or the cars but the passengers themselves if you have applications you've got profiles and information about where you're going interacting with infrastructure and then how are you going to be able from an autonomous perspective to integrate this and then we are looking at shared shared vehicles to make sure that you're not just one person getting in the vehicle and not alleviating any traffic another aspect of this is when you're talking about multimodal with existing transportation how do you integrate what we call first mile, last mile so you maybe have shuttles that are meeting the train and integrated into those schedules and in the previous panel they were speaking about security and one of the data points was people were not as concerned about that versus other things they first started offering these integrated solutions into existing transportation that people have been taking for years and years and years passengers started getting used to that it wasn't all of a sudden changing and the streets were covered with autonomous vehicles the challenge is how to integrate that into existing transportation systems so what the landscape is today is really about mixed fleets we're seeing now and what we'll see for the next many years mixing shared and autonomous shared and autonomous and human driven and then the ability not just for my company Best Mile but for transportation operators they have to manage different types of vehicles it's not it can't be a closed silo situation so you need some kind of agnostic platform that could be able to integrate into transportation systems but also manage different types of vehicles or different brands of vehicles and then being able to manage different types of services fixed and on demand fixed route or dynamic route pooling the individual if we have the robotaxis involved and scheduled for on demand so really what we're looking at here is the ability not for the vehicle the single vehicle itself but how it works collectively in an integrated transportation system and specifically for fleet because that's the benefits that are going to be brought not just with the connected vehicles the human driven vehicles but even for the AV and that's what we're trying to think about as over these next several years to address the mobility service providers and the transportation ecosystem thank you question alright so Lisa the question that we're that our panel is is what is needed for the deployment of automated mobility services so reviewing your presentation of course I had a chance to see it before right now a few times what you're saying is that we need a platform in order to be able to integrate all of these various types of transport modes and different types of organizations public private etc what's the extent of that is that a platform that's going to work in a city is it a platform that's going to work in a region is it a platform that's going to work in a country is it going to work all over the EU what's the extent of this platform there's several things at play certainly regulations are one you know we talked earlier about in California it was just passed for the state DMV that there's level five now going to be allowed we need to test driver really it's not a single solution it's just that it's an open solution so the success at least in the next several years where you're going to have these kind of mixed either multimodal multi service ecosystems are that you're going to have to be able to work with existing transportation systems and so even for the OEMs they have very specific closed controls that may work for their specific vehicles but when you're trying to bring it into a larger ecosystem that doesn't work anymore you need a agnostic platform and you need to be able to integrate into existing transportation systems so there's a very large French transportation the largest provider and they're trying to incorporate into their trains and other transportation AV and how are we going to do that it's integrating into what they have today not creating from scratch but we have a bus system that works in Geneva that same bus system doesn't work in Lausanne it doesn't work in Zurich so if you have a regional or a national bus provider then that's the solution but if you have a single transit agency it depends on the ecosystem that's created and the providers that are there what's the ambition level is the ambition level to have this sort of a platform that will be deployed on a let's say the entire United States or all of North America or in Los Angeles definitely on a larger scale than a single urban area and so again the the idea is to be able to have a solution or a platform or the ability to have other technology integrated in together there's not going to be one silver bullet so to speak that can be deployed globally yeah I think that's unrealistic any questions out there I'm trying to understand if you compare it to the hotel world you can book the same hotel via different channels you can book it directly via booking.com etc could imagine that the same car from a car sharing platform is available via different platforms you certainly can have a global platform for that if it's the same service but if you have in that respect for TNCs you could have a global platform and there are some different rules in different countries but when you're talking about transit agencies if you're going to work with some of those mobility service friars that might be slightly different because they have transportation software systems today but yeah if you're talking about a TNC or a ride hailing company that's going into robotaxis they could easily have a global solution okay thank you Lisa Julien good afternoon so I'm Julien Masson I'm part of orange business services so I promised Mike I'm not going to focus on who is orange but what is orange doing in the field of connected car and autonomous driving so there was I guess you've been looking at this morning sessions I remember a good slide from our friends from Qualcomm who is on one hand PC5 communication on the other UU with a vehicle to network communication and usually a lot of the industry is looking at telcos including orange like the baddies who we're going to make a lot of money with autonomous driving we're going to use the core network and this is the new way to generate a lot of revenues from MNO well guess what at orange for the moment we haven't figured out anything about how to make money with autonomous driving with the network itself so we're looking at we're doing experiences and we have looked at 11P we're looking obviously at cellular V2X and we're looking at it from a technical standpoint a quality standpoint and also a business standpoint obviously and what we need to do now is really to look at both and see how I'm not talking about 11P and cellular V2X but PC5 and UU and how we can really go beyond the first use cases that the whole industry looked at with mostly safety use cases but what can be realized so we have among others but we're involved in multiple initiatives 5G car being one of them orange joined 5GAA 9 months ago where a lot is happening and we have started to collaborate with Ericsson which is a partner of Orange and we deployed an experiential network on the test track in France which involves actually LTE, cellular V2X and pre 5G components network components so the main this slide is writing what would be in an ideal world with MNOs who are deploying in a much better way than the network coverage you've seen in the UK this morning the low latency service reliability with a 5.9 this is not what you find in any telco SLA today and in order to be able to enable some of the use cases that you see here some of them that need to go back into a core network some of them that just need vehicle to vehicle communication and so of course what we're experiencing here is really it's a research network but still we had some good learnings together with Ericsson and some of those learnings we focused on a few use cases so one use case will not be deployed in an industrial way by the car industry is what we call see through and so the see through use case is you are driving your car there is this truck ahead of you you can't see beyond or through the truck so you can query the camera on the truck ahead of you to see what's ahead so when I'm saying OEMs will not deploy that you don't want to be driving your car overtaking somebody by using the camera from that truck ahead of you but from an experiential standpoint it allows us to see how we can keep a very low latency and how that video stream can be made available from a vehicle to another so this is one use case that has been experienced the other one is an emergency vehicle notification with the main purpose of today when you're driving in a city or somewhere you can hear this ambulance or fire brigade nearby your vehicle and you start to worry you're like well where are they shall I go on the side well here the benefit of this use case is really to make sure that this emergency vehicle will only alert the vehicles that need to be alerted which are on the way of that ambulance or fire brigade and there was actually a use case which is not shown here and because I had to be short I will soon stop Mike but the main learnings we got from that experiment is that with 5G and network slicing we have the ability to ensure a low latency obviously but also a quality of experience meaning that we will be capable to say right this video stream is a higher priority for this safety use case than my kids watching Netflix at the back of the car and we are capable of enabling that service for you with such quality of service and experience and low latency now this is on the defined area and in perfect conditions and obviously we will need to deploy that on a larger scale and we have some next steps with that experiment obviously we are involved in 3GPP and LTE v2v release 14 is coming the test and the experience that we did with the organization of the network we did that in the core network now we need to virtualize also the radio access network to see what are the benefits of doing that and what we are going to do is actually what we have done we are going to redeploy that infrastructure together with Ericsson on a test site in Mon Léry in Paris area which is actually a test site operated by UTAC engaging with OEMs with SOC makers because we need to go there and experiment and test both PC5 and UUC how they work together and try there is a lot of hope, a lot of hype with 5G network slicing we want to really experience it and let OEMs try it thank you very much so again I am opening the question I am opening the to the floor for questions to Julian I think everyone who is going to ask questions is left for the day so I am just going to have to ask myself so Julian what I understand you saying is that in order for us to be able to deploy automated mobility services we need to have a test platform to ensure that the use cases that need to be developed can be deployed safely, securely and with full knowledge of where the potential problems might be yes, right now I see a lot of my colleagues being very excited with 5G not in the typical way of we move from 2G to 3G 3G to 4G and most of the MNOs the main focus was consumer while with 5G and I think this is a great step at Telcos, 5G is a great opportunity to focus okay, consumers will benefit from 5G but businesses B2B, corporations, business to business can benefit from 5G and network slicing so on the paper, theoretically there are a lot of benefits but what we are doing is currently on the connected car vertical on industry 4.0 smart cities but we want to test and experience what are the concrete benefits if we can hold our promise does everyone here know what network slicing is is there anyone here who does not know what network slicing is everyone knows what network slicing is no, okay if I try to make it really simple today we are providing enabling a telecom pipe and you will have a number of handsets close to that base station and the ones who are here they take the network and the first come with network slicing we are virtualizing the core network all those switches and all technology from 20 years ago we are virtualizing our networks with servers software and so that's for the core network and the run, the radio access network the base station that you can see computing capability will be attached to the new base stations coming and we will be able to if you have a big telecom pipe we will be able to slice it in pieces and guarantee service availability into that pipe what all my friends from standardization have been working on starting from the core network but we need to experiment I mean of course you have announcements around 5G here and there but the big promise with 5G and the big possibilities with 5G are really that we telcos will be capable of doing much more than talking in a best effort approach there are still challenges with network coverage all of those challenges will remain but we will be able to focus on B2B use cases and come up with talk a language that the car industry is used to question thank you from UNICEF good that we talk about slicing I was wondering always if there is a contradiction between this technology and the neutrality of internet I think I will pass on that question I'm not sure I'm going to be able to take because obviously you can I mean this is a good question I can tell you that what we're looking at right now is much more trivial or much more to the ground and we're just verifying and experiencing and verifying if what is what seems to be possible with 5G if we can really deliver and hold that promise then there is always a risk I mean this is a possibility but yeah I mean I don't see this as a major risk in a short coming term we have time for one more question thank you Julian Marco floor is yours good afternoon ladies and gentlemen I'm going to be here my name is Mark Jantz I work for ASFINAC and ASFINAC is the operator of the high-level road network in Austria so we operate motorways there and I'm also working for the association of our association of the tolling industry I mean the tolled motorway operators in Europe ASACAP and maybe before I go directly in the topic of my presentation about tolling just to sort it out tolling is the mean of the member states the European member states to finance infrastructure to build, plan, finance and maintain infrastructure so in Europe we are living at toll of about 28 billion euros each year so this is the income of the member states for this we are using a specific technology on 5.8 gigahertz and this is it so if there's anybody who can convince me that we should change this technology please propose a nice business plan that we can talk about but coming back to my presentation I was wondering that I'm the only representative of road operators and road authorities in this symposium on the podium I was wondering if there's a need to convince anybody that road operators should play a role in cooperative systems or connected and autonomous driving I hope not but just to give an idea of what we are currently doing we are doing traffic I'm starting from the upper part of this picture so next to the real physical infrastructure we have already a digital infrastructure of course this varies from road operator to road operator but this is what my company is doing namely ASFINAC traffic surveillance, incident management information, road works information wide information we are already in cooperation with common manufacturers we provide connected vehicle information and all the measures we are doing along the network we are most of us operating fiber network next to our physical infrastructure and of course we have a big ASFINAC is the biggest network operating in Austria of a fiber network so why should this this is helpful obviously for our customers and for the automotive industry already today why should this change with the advent of autonomous vehicles I don't know I don't see a reason so now let's switch to our vision what we have today and what we might have in the future on the left picture you see today what we are dealing with today we have a variable message science to convey information to our customers we have navigation systems that will change in the one or the other year and it is obvious that the crucial question here is the communication question as we have already discussed all day long and it is obvious for us that we can only implement tested and verified technology so we will not go for any tests and making experiments when going for large scale implementation so I'm not aware if you know about the CRODS initiative it's a big European initiative heading for the implementation of cooperative ITS in Europe it's funded by the European Commission it has a budget of around 200 million euro and the implementation of CITS is taking place now so I can formulate that Austria will go for a tender for CITS this summer Germany is also preparing we are in good contact with France already clear science from France we have the announcement of Volkswagen so we should not discuss about the technology question for long range I think we are on your side let's go for cellular for short range I think as a matter of fact as we are going for implementation now it will be 8 or 211P we have tested this technology already for 10 years now we have tested with automotive industry we had last 6 test cycles in Austria we fought in OM and TRT1 suppliers and we will go for it I don't know how much you are involved in the European initiatives but as you might know the European Parliament has also a saying on the CITS and the framework for the conditions CITS should work in and recently they have drafted initiative reports which is basically a position of the European Parliament on CITS I have seen the final draft I think this will not change dramatically but what they have put in this policy framework is two terms backwards compatibility so any new technology which comes into the market needs to be backwards compatible and they have implemented the second term interoperability I think those two terms are the framework for the conditions we have to work with and I hope anybody doing technology will follow that so saying that I think we have done a lot of in the last few years now it is time to harvest our efforts to go for real implementation still 25,000 lives are killed on our roads so there is no need to wait for any other new technology which might have a problem but let's go for it now thank you thank you Marco so if I can summarize what you said is in order for from the point of view of the road operators in order to deploy automated mobility services we need to have DSRC implemented as soon as possible so if you have any questions or would like to make any points about that I may have one question are you do you have a business plan where you are going to equip every RSU along the road with 11P there will not be full coverage it is obvious but already today we act as service provider we provide apps we clean our toilets on the rest areas so we are service provider anyhow so if you buy a vignette on our network it is our occasion to give you a nice service and if the services one of the bundle is to provide you with CITS services like defined in the CITS platform of the European Commission then we will do it and the cost when you compare what we are the cost of building roads to compare it of equipping with ITS equipment this is marginal, this is neglectable we have a question back there you honest? one question with regard to the infrastructure you are providing the variable speed signs and so on and so forth do you have a plan to provide this information which is produced by these traffic infrastructure do you have a plan to provide this information on a back end API so that I can receive the same information not on a side link channel directly at the street directly at the road but via a back end server maybe operated by ASFINAC with of course short latency maybe 200, 300 milliseconds but maybe it can gain the same benefit as a side link technology I don't know if you can meet the 200, 300 milliseconds but at least I can say I think we have it since 5 years so already now we have service providers the known one, like here, Nokia, TomTom all the others here we have also in cooperation with some of the OM's they are already testing with our data okay so it's already in the car at least we know that service providers are getting data from us can you say some words about the latency so what is the latency between change at the variable speed limit up to your back end server and down to a car which receives the same information via a network I don't have the information okay we have another question back here the variable message signs are not harmonized in Europe they are not harmonized globally either in Europe they are not at least I'm aware of one country where even within the country the same message sign may mean different things in different departments so there is an issue and for your information the UNEC working party one which is the road safety platform has started to deal with the harmonization of the variable message signs and the idea is should they be eliminated because of the technological changes doesn't matter because at the end of the day they will have to be harmonized so it is a little bit marketing or advertisement that please bear in mind that is happening nonetheless physical road signs are still around they are supposed to be harmonized but they are not fully harmonized and there is UNEC project which we started when I was there and it's about to come to a closure which developed the software and collected all the images of the physical road signs of countries that are contracting parties to the Vienna conventions and I think soon it will have to be available publicly on the ECE website so you can see in which country what kind of sign means what they use. Thank you. I know one country and it's the country that I live in where the road authority has determined conclusively that they are not going to put roadside units on the roads so at some point in time we are going to have to deal with this issue that there may not be a consistent coverage of roadside units all over Europe and they certainly won't they aren't planning to put any in the United States that's another point one last comment on this Marco. Yes but then I want to come back to the two terms interoperability and backwards compatibility so if we manage to have this hybrid approach with different technologies I think then we are on the safe side. But the car companies are sitting there saying do we have to put DSRC and this is the whole issue with CITS do we have to put in DSRC because Austria is going to have roadside units which are based on DSRC something for the next issue. One just quick point more than 10 years testing is completely absurd in the communications world and there's been no technology that's ever gone through more than 10 years testing and I suggest you look at maybe the problem is that the underlying 802.11 P technology is fundamentally flawed and I know your comments and I've heard it already since years now but I want to say that these 10 years of testing is not about technology testing it's about agreeing on cooperating on defining use cases and prioritizing use cases and then implementing it so it's not about technology itself it's as I don't know who said it in one of the sessions there wasn't a cooperation until now between the car manufacturer and the road operator until now apart from the tolling but this is dramatically changing now thank you very much Marco thank you for being very clear about what Austria is going to do okay our next presenter panelist is Nigel Jeffries I once gave a presentation at a conference where everyone there was a dedicated user of road tolling and my presentation was about why road tolls are bad I understand the position okay good afternoon everybody we're glad to be here to talk about some of the research that has been carried out by WWRF Wilders World Research Forum members in the field of connected vehicles the Wilders World Research Forum of which I'm the chair is the global body that brings together academics and industry members to discuss research in mobile communications and try to define a research agenda to take us forward towards the Wilders World of the future I'd like to thank my colleagues Professor David from Castle University in Germany and Professor Mohan from UA Little Rock in the States for their contribution to this work which I'm presenting here Professor Mohan leads the connected vehicles working group in WWRF what I'm talking about is just one of the aspects of connected vehicles that that group is looking at the question I'd like to raise is whether we're doing enough at the moment to consider the requirements of vulnerable road users in our development of the connected vehicle for instance studies have shown that pedestrians comprise over 20% of road fatalities worldwide and that's over a quarter of a million worldwide a year in analyzing these figures we find that 80% of those fatalities are people who are crossing the road rectangularly or that is crossing the road perpendicular to the flow of traffic and in 30% of these cases there's some form of obfuscation involved so that's typically the case where somebody is stepping between parked vehicles at the side of the road and then and this prevents drivers getting a clear view of what's going on so what's to be done in this case the automotive industry is already considering both passive and active approaches to protecting pedestrians for instance in the passive case there are changes in the design of cars and other vehicles that mean collisions with pedestrians are less harmful to the pedestrian vehicles including impact absorbing bonnets and external airbags for instance and there are also more active technologies involving the use of radar and cameras to detect potential problems ahead but the disadvantages of these approaches that they are not 100% reliable I think it's susceptible to weather conditions and so on and they often only work when the pedestrian is on the road and clear of any obfuscating obstructions so here's a sort of typical environment we're talking about where you have a busy street with parked cars between which pedestrian is walking there are numerous other pedestrians walking around as well in the area in different directions all liable to change direction at the short notice if we assume as usually the case that the pedestrians are carrying active smartphones we can use the connecting vehicle technology to detect a problem and alert all the road users including the pedestrians that are affected this could use direct mode communications between pedestrians vehicles or cellular communications with access to a central server implementation of cellular v2x will provide both short range direct communication and long range cellular networking and of course of all these nodes will be based on 3GPP technology so as well as cloud based operations there will also be edge computing which will enable much faster response to emerging situations being 3GPP based this technology will be incorporated into smartphones and devices whereas implementation of competing technologies such as 802.11p in smartphones so to summarize there's an important challenge in the industry in doing more to protect vulnerable road users including pedestrians existing and potential passive active solutions are not sufficient but connected vehicle based solutions could help provide the answer and emerging 5G technologies with low latency, high capacity and facility for direct communications are well placed to support this work here's a question it's not so clear for me how you can distinguish between pedestrian how you can localize the relative position of the pedestrian with the car in order to understand if the pedestrian is really in the path of the car or not you need localization relative localization under the meters something like this relative yes you do need good relative localization and that's the subject of the research that's going on to determine whether that is achievable using these technologies I agree that's very important and it's a challenge I think pedestrians are very unpredictable creatures I think identifying where they are and where they're going and what they think they're doing is a challenge of that 20% of road fatalities how many of those are younger children who may not have a cellular phone and who may need a chip inserted in their backside that's a good question they are particularly vulnerable road users and they are not generally particularly young ones equipped currently with phones people increasingly looking at supplying younger children with some kind of device which is not a phone but maybe a chip that's inserted in them or a tracking device that's on them so they can be located if they're missing that kind of thing so there's potential to use that technology I just have a quick question for the audience how many of you have pets that you have some form on them any of you one two my wife so this is something I've got a question here very quick very quick it's working I wanted to try to help this can happen of course that there are safety systems which are not working in 100% of the cases but each time we can save a life we take the chance maybe some children won't have a cell phone but if we could save some life we would take it I think my question has already been asked obviously it's probably the one with kids it's assuming that people will have how do you make it work for people who don't want the app who don't want to have their phone continuously ringing telling them there's a car somewhere around on the pedestrian side so you're assuming I think with your model at least some sort of are you assuming pedestrians will want to participate in your v2x communications same for cyclists assuming that they would willingly download something and participate are you assuming that there will be just the signal of their phone being used that's yes I assume that many people will want to be involved and if many people are then that's good because as you said it will save some lives the question whether you use information passively without the consent of the user is one we've got to look at carefully I think are you saying you could put it on the watch yeah I thought he was telling me he was going over time yeah exactly I'd say this is one take away from me I don't know how you feel but this idea, this whole concept has really gotten to me so I think this is a really important one I think we're going to need to go to our next session our next speaker thank you very much Nigel so Manuel please so good afternoon to everybody my name is Manuel Marcio and I'm the general manager of Conebi Conebi is the confederation of the European bicycle industry we represent not only bicycles but also pedal assist electric bicycles and parts and accessories industries in Europe please let me say one thing first of all we're not thinking of putting any chip inside cyclists so it's out of our scope I would like first of all to thank very much the UNEC the ITU for for a kind invitation so we're here today to discuss connected mobility we're sure that in the mobility context bicycles and electric bicycles will play a major role they will be connected and they will represent an important element of the internet of things ecosystem but from a practical point of view it is not easy for human drivers to see cyclists on the roads to predict their movements and at the same time bicycles are generally considered either the most difficult detection problem that autonomous vehicle systems are currently facing just to give you some numbers only in 2016 almost 20 million bicycles were sold in the European market out of which over 1.6 millions were pedal assist electric bicycles this is a new trend and the market for this type of means of transportation is growing very much in 2017 more than 2 million units were sold in the EU so numbers are growing but not only the EU as is this becoming a global trend now what are some of the main trends in cities this is really important for us what is the context in which cycling needs growing so we see increased pollution population growth expanding urbanization and increased mobility and pressure unaccessibility but what is the major concern let's be honest without any doubts the main concern for the bicycle industry is safety indeed we need to find solutions to make cycling safer we're basically talking about a multifaceted problem while some cyclists don't know how they're supposed to behave and sometimes unfortunately want to behave in a safe and respectful way some drivers don't know how to properly share the road with cyclists moreover infrastructure in many places doesn't facilitate peaceful coexistence on the same roadways between cars and cyclists therefore the bicycle industry started to work on creating AI-based bicycle to vehicle communication systems to help the drivers get alerts in this slide you will find an example of cooperation between TrekBicycle and Tom a tech company based in the US that has coordinated its work with Ford Automotive from a practical point of view the pillars sustaining the process of their work are heat map danger zones as an AI system to identify the most dangerous situations based on a variety of environmental variables mainly with data coming from bicycle computers two broadcast positions to get the cyclist location from bicycles and accessories three create alerts by looking for cyclists and vehicles that are at high risk based on location, time and environmental conditions and fourth vehicle notifications which means providing OEM API access libraries, reference applications and radio frequency hardware at the beginning of this slide I mentioned the concept of danger zones examples of criteria to create danger zones are for example the road characteristics and relate environmental features but also the cycling community who knows what roads are the most dangerous and previous accident data to cut the story short the bicycle industry aims at providing open standards and software must be accurate and meet existing OEM user experiences and HMI requirements for notifications so the main concept of this presentation is that bicycles will definitely have to communicate with the other vehicles as well as with the road infrastructure this interaction will allow road users and traffic managers to share information and to use it to coordinate their actions the cooperative element enabled by digital connectivity will significantly improve road safety and traffic efficiency helping cyclists and the other road users to take the right decision and adapt to the traffic situations the bicycle industry deems that the proper deployment of harmonized CITS services is key to this objective and agrees that interoperability is must it is unacceptable that road users nowadays could die on roads because vehicles cannot communicate with each other due to non interoperable communication systems so deploying the necessary technologies and boosting user uptake requires an appropriate regulatory environment that is why in conclusion Konebi welcomes the valuable work of the UNEC of the ITU but also of the ISO and of all the institutions working on these topics also at regional level like in Europe and believes it is of extreme importance for all stakeholders to work together within those organizations thank you very much so question my question is about the chip you mentioned at the beginning because it's clear that children probably doesn't have cellular phones but cyclists can have it an easy way to make them more safer why do you exclude something like this use cell phones for cyclist safety yeah so first of all that was without any doubts a provocation we don't know what's going to happen in 20 years if we're all going to have chips in our bodies but to be frank I think it's a matter of safety and we will have to find solutions for everybody's safety so if that means to have I don't know a phone or smartwatch or whatever it is to make everybody safe well let's see but that should be the direction that we have to follow what about the obvious step of equipping every bicycle that's sold with the telematics unit with it's just like we're doing with cars good question so that's only a very short introduction it was a lot longer I can guarantee it lots of good information to stick to my five minutes and actually if any of you would like to have more information on the several projects that the bicycle industry is trying to implement and implementing please send me an email and we'll give you more information now here there's no slide about for example bicycles of the near future they will have sensors they will be equipped accessories that will allow basically cyclists to be detected by car drivers for example so it's not a question of again putting cheap in people's bodies or to force everybody to have a smartwatch the main idea is to have bicycles equipped with the necessary equipment in order to be able to be connected to all the vehicles on the first lecture I wonder how well the mapping industry is doing with mapping the bicycle path is that something that's been taken to hard or is it something that is kind of anyone know anyone want to I speak Google is crap if you take I think you mentioned Google is crap if you take for instance the crowdsourced data of Strava where cyclists applied their data Strava is calculating roots and popularity that's really much better but um private opinion here's a question this is more from a cyclist's point of view very good I can see the benefits of cyclists telling vehicle from usually isn't the cyclist it's the vehicle driver certainly in London they're unable to not drive in cycle lanes or they actually the rules of the road so telling them that there's there's bicycles on the road actually doesn't improve safety that much so it's kind of it also needs to have something in the vehicle to actually kind of make the drivers or the vehicle drive where they should be that's my cyclist so thank you first of all thank you very much for the question I think it's a behavioural problem it goes on both sides like I said it's not just the person driving a car that is not behaving it's not the cyclist not behaving sometimes you see people not behaving by driving their cars out into car drivers even if they're wrong so it's a behavioural problem now if I think of London for example from a cycling point of view London is becoming a great city you have cycling highways to go to Westminster for example I did it less than six months ago and it was amazing so you have segregated paths you can cycle whatever like you know whenever you want you have no problems coming to your path so I think it's a question of changing behaviours it's a matter as well of having more and better infrastructures and we see that when and where we have more better infrastructures we have more sales that's the trend okay we're getting close I think we need to make sure that our last speaker has sufficient amount of time please wait if we can Philip I happen to know that Philip is also a cyclist I would prefer to speak about cycling but okay I have to do my job we can meet and discuss about cycling after the event okay in case you don't know Bix maybe just one sentence Bix we are an international carrier telecom company for the Swiss people in the room if you leave Switzerland it's very likely that you will be on our network to make your phone work abroad for all the non Swiss who are in Switzerland it's very likely that your phone is working thanks to us that's one of the things we are doing now I'm not speaking about that I'm trying to explain today why it makes sense for an OEM car manufacturer to be an MVNO I would explain that and this slide when I prepare it it felt like preaching to the choir right now even more focus on one point that if you take the entire evolution if you look towards the future and it has been presented on this panel by Huawei but also it was mentioned several times today 5G is coming 5G is not one solution it's multiple solutions it will have a dramatic impact on the core network that's important for what I'm going to present afterwards and therefore it's important that car manufacturers OEMs take the right decision today on their communication architecture because it will have a huge impact on their flexibility in the future so now what's the baseline of my story it's about control and convenience but let me start by explaining what I'm talking about MVNO is a real telecom operator the only thing it doesn't have is the radio access network so you can have a core network you can have everything but he leaves the radio access network to the local oranges, dodgy telecoms and so on and he will offer services to customers without radio network so in this case the essence, the heart of a mobile operator is the core network I think the name says itself and one important parameter there is more is the IMSI, the IMSI is the mobile identity that mobile identity will use you to allow you to go abroad to be recognized etc now the good thing is that you can combine different mobile identities in one SIM or in one car so for instance for instance one SIM could have a local mobile identity or a car manufacturer could acquire a global mobile identity an IMSI 901 something like for satellite networks that are attached to one country they could get one from us but it could also get one in some countries where for regulation or for commercial reasons it's better to have a local IMSI so there the basic idea is that with the right combination of IMSI's you can cover the entire world with one SIM card now this is my don't worry this is already my last slide we see six good reasons why a MVNO solution is the better solution for OEMs first of all it gives innovation independence today almost all of the day was about innovation if you want to launch innovative services and you want to do that on a global level it's great to have your own core network that you control yourself and you decide yourself when you upgrade it you do the only ones for the entire world and you can roll out your services there I already gave away my second point is that if you have only one platform instead of having deals with operators in different countries you can roll out more easily obviously you will not roll out your new service in all countries at the same time but you can the effort is less and this is maybe the most important one if you take of your bottom line very often you will see solutions based on eSIMs but bear in mind that every eSIM profile corresponds to the core network of one operator so if you switch the eSIM profile so the physical sim stays the same you switch the profile from one country with the profile of another country the entire core network integration changes so think of 5G everything you did doesn't work anymore you have to do it again and I think it was mentioned several times today, the data ownership I think even General Motors asked the question and also this beautiful presentation with the analytics with Cinepro for instance to be able to show that you need the data if you are a mobile operator yourself you have the data all the data of all your users are on your platform, the location so you have full control you don't have to negotiate with other parties to obtain those data security so this is the logic of the day where I can only add my small piece if you are an MVNO you get all the data unfiltered from the network so you see the signaling you see exactly what's coming out of the device you have full control and also I think there was a beautiful slide about security with red, green and blue you can set policies and obviously for telematics you will be very strict you will only allow certain protocols for the hotspot in the car that you don't care whether they go on Netflix on Facebook or whatever so there, since you are in control you set the policies yourself you have full control and the last point already since you have control you combine different mobile entities or IMZs you can in each country assure that you have the best coverage maybe in some parts of the network sorry, in some parts of the country that operator doesn't have great coverage no problem, you add a third or second or third operator and you achieve the full footprint so just to conclude the main argument to summarize in one sentence the advantage of an MVNO solution is that it gives a OEM full control at the same time the complexity is very low real complexity, technical complexity handled by experts such as us thank you very much and I leave just the last slide so that you know something about it thank you Philipp we have a question at the back and then we have a question right here will not be denied thank you very much for this interesting presentation I have a question for as an MVNO how do you guarantee a quality of service that needs to supply autonomous driving there as a carrier we handle roughly 20% of the roaming traffic worldwide so there we sit directly on the signaling, we are directly connected into the operators we've got an excellent view on the quality that's one, secondly if you want the best quality the best guarantee is to have multiple networks in one country, the best operator all the premium operators here on the table they are never the best in the whole country and they can never guarantee that they have 100% availability so if I were to build a solution I would love to have an access to all networks available just one comment on this last point I mean you are making some interesting points for the car industry that last point you make is not valid anymore I mean pure player traditional MNOs are working on the 901 basis for IoT and machine to machine so there are no white zone we roam with an orange SIM card on the network of competitors in those countries thank you, I fully agree as an engineer I will not contradict but at the same time your argument validates that we use the same technology, we are both roaming so the essence of the solution is roaming this is what the company has been doing since roaming for data was launched so there we can guarantee the best SLA that is available on the market of course this is the subject of a maybe one and a half to two day panel discussion on just this because we are going to get to your question but the main question that I always have when I hear this is why haven't we done it yet I mean I have been working on this but personally working on this in China, North America Europe and Russia and the MNO solution just never came up to being the one that was selected so we haven't done it yet it's a very interesting and difficult question definitely one of the reasons it has been set when you received the question about slicing when I started in mobile it was in 1999 I got a training in Siemens, Siemens left the industry in the meantime and there in the lab they showed you each function HLR was a component of the rack I don't remember the price must have been extremely expensive now all these functions are applications that are in private or public clouds and are very scalable so there is technical solutions available 5, 10, 20 years ago so the we are still talking about an HLR of course for 4G it's an HSS but the technical solution is totally different this allows this global deployment that would have been extremely expensive 10 years ago we have a question please my question is actually was triggered by the remark of the previous speaker about behaviour and the interaction of bicycle riders and car drivers so the question is more for all speakers of today there's a lot of discussions about technology what's happening with technology how can we make technology successful human behaviour has not been touched actually today where we know as good as technology can be human beings can always be better and smarter than not make technology successful by sabotaging it by manipulating it, by not accepting it so there's a lot of companies, organizations, universities, UN agencies working on the technical solutions so who's working on the human part to make the technology successful no it's okay it was a question for the panel that's why I asked very good question not easy to reply to actually I think that there is the need to create more awareness for example in our case in cycling communities about how cycling should behave so it's the local community and I think for example that if we cycle more we are more in the cycling community so we are more in the local community so if we have a critical mass to cycle more we will have less but I'm pretty sure you will have a lot of people saying hey you, what are you doing come on stop, this is not correct so I think it's something we have to develop but it's not going to be easy at all but I think that there is a lot of work to be done not the point of view, yeah just wanted to say happily that we do at UNICD of course we talk about technology we have other working parties at UNICD talking about behaviors, road traffic etc. if we concentrate today on the technologies because we cannot format human being they will do always mistake etc. and that's the reason why we try with the technology to address these situations where the human being is not performing I'm sure that car companies in Sunday also have people looking at that part they cannot imagine that there is only engineers looking at technology I remember roughly 10 years ago the industry wanted to convince us to launch special handsets and build a special network for mobile TV where we searched project in Flanders and as an engineer I found the engineering part very boring because coverage as an operator we know how it works and we learned nothing new but indeed we had sociologists who did that part and really tested usage and acceptance etc. so we can only recommend indeed in such research projects even if 90% is hardcore technology engineering we also have some budget for sociologists who look at the human interface human behavior etc. I think we have a last word from Lisa before we close up our session so those that are providing mobility services are very interested in their current customers, passengers, travelers today and there is perception and then there is reality so there is perception through media about safety and things like that so some examples could be like in Switzerland post bus they were very concerned about the passengers and what it would be let's say for autonomous vehicles are combined and they did research and studies about this and then there was a kind of low level acceptance and issues of safety, privacy things like that and then the service was integrated into the transportation system and they tested again after and it slowly adapted but part of it is who is providing the service and how you integrate that and how you are able to communicate that to the public the other part is media because some of it is just fear and not having had that experience so it's those that are providing the services I think that ultimately have to be working closely with the public thank you Lisa alright thank you very much to the panel I think most people feel that they could go on forever but we know that we have to do come to an end thank you very much for listening thank you thank you the last panel of the day ladies and gentlemen I would like to use this opportunity for closing the day, the day was full of interesting discussions we started with road safety potential of connected and automated vehicles we have seen latest available technology of driver assistance systems like the General Motors Super Cruise system we have been updated on the G5 system which is there or close to be there also the security threat that is still there has been clearly shown in the case and also on the latest update of the work on the task force and cyber security and over the air software update we had interesting presentation the potential of connectivity for the infrastructure and finally vulnerable road users their safety and the safety of bicycle riders I also would like to thank the collaborative efforts of ITU and UNEC I would like to give a hand to Anna Maria Stefano Fred for the communications and Francois from UNEC and many others that are working in the back to make this event happening I would also like to thank the program committee speakers, moderators Pal Expo of course our sponsors who would not have let us survive without them through the days thanks to DECRA, Qualcomm and Green Hills and finally many great thanks to you participants. Thank you very much I would like to thank the team that I'm the director of this TSV I have an honor to close this is our way of working my feeling is we are now talking about this vehicle industry talking about 5G Telcos talking about vehicle or OEMs couple of years ago we are talking about each other we are just looks like image of this elephant but today my feeling is we know each other more hand full more details even we have a new newcomers let me say newcomers partially our new stakeholders like NVNO we have a new vehicle communities I remember myself as I was in the CES this January there is another pedestrian we have to take into account some of the electronic supported pedestrian mobility someone developed one of shoes related support electronic supported shoes 10 miles 10 miles per hour it's another high speed movement now we are in this situation but anyhow today we recognize this is great we are very close now all these discussions will be realized very soon so my feeling is looks like today there is an ITU but as I want to say today just only today my feeling is intelligent telematics union this is my feeling now today so I wish we will continue for your information next tomorrow we will have from 9.30 in the morning if we have ITS communications collaboration works of the standard areas in ITU we will continue this so everyone is invited so if you want to visit ITU 9.30 in the morning tomorrow and the next event of the future network car 2019 as usual we will again have a first public day it's a great opportunity another one this September 6th to 7th ITU plan to organize very similar event with the China Ministry of Transport we have similar workshops in China Nanjing so I also invite you to join with us having said that it's a really great great day next year also thank you very much all your participation thank you