Panasonic Automotive Systems Co., Ltd. is broadening its VERZEUSE™ lineup, which focuses on automotive cybersecurity innovations. This expansion addresses security requirements throughout every stage of a vehicle’s lifecycle—from design and implementation to evaluation, production, and operational phases following vehicle shipment.
This enhancement introduces tools to automate cyber security processes that were previously carried out manually, boosting efficiency and ensuring high-quality standardization in security measures across the vehicle lifecycle. Among the highlights is VERZEUSE™ for Virtualization Extensions Type-3, a novel containerized virtualization security solution aimed at countering cyber threats targeting in-vehicle software. This innovation has received strong positive feedback from automotive manufacturers and has been newly adopted for in-vehicle applications.
The latest addition to the VERZEUSE™ series will be showcased at EdgeTech+ 2024*1, taking place from November 20 to 22, 2024.
<Development Background>
Recently, the frequency of security threats, including cyber attacks on vehicles, has escalated. This is particularly true with the rise of software-defined vehicles (SDVs), which have enhanced functionalities through software, and the ubiquity of connected cars. The UN Regulation UN-R155 took effect in January 2021, impacting new vehicles*2 in Japan and Europe as of July 2022. To meet the requirements of UN-R155, there is an urgent need for establishing a cybersecurity framework aligned with ISO/SAE 21434.
In response to this landscape, Panasonic anticipates increasing demand for comprehensive security measures across all phases of the vehicle lifecycle, from development to shipment, in addition to the need for streamlining the considerable workload associated with dealing with vulnerabilities.
<Features of the VERZEUSE™ Series>
1. Delivers tailored solutions for every phase of the vehicle lifecycle from development to shipment (design, implementation, evaluation, production, and operation).
Enhances standardization and streamlining of security measures by connecting input/output data in each phase.
2. VERZEUSE™ for TARA (Threat Analysis and Risk Assessment): Innovations compliant with ISO/SAE 21434 that significantly lessen the workload by automating threat analysis during the development and design stages.
3. VERZEUSE™ for Virtualization Extensions Type-3: A solution for attack detection and protection that adapts container technology to safeguard in-vehicle software, now adopted by automotive manufacturers.
<Detailed Features of the VERZEUSE™ Series>
1. Provides solutions for each phase of the vehicle lifecycle from development to shipment (design, implementation, evaluation, production, and operation).
This series enables enhanced standardization and streamlining of security measures by linking input/output information across each phase.
The VERZEUSE™ series offers cutting-edge systems for each stage of the vehicle lifecycle, from development to shipment. Information related to inputs and outputs of each phase can be interconnected through Panasonic’s Threat Intelligence database, which gathers threat data from various sectors, including factory automation, home appliances, and IoT devices.
For instance, the results generated in the design phase (1) with VERZEUSE™ for TARA serve as input for evaluating tools in the evaluation phase (4) and the post-shipment phase (6) with VERZEUSE™ for SIRT. Similarly, vulnerability assessment outputs from the evaluation phase (4) inform the post-shipment phase (5) with VERZEUSE™ for SIRT.
This inter-phase connectivity not only streamlines security procedures but also facilitates consistent management of security data throughout the vehicle lifecycle, upholding high standards in security risk management.
2. VERZEUSE™ for TARA: ISO/SAE 21434 compliant threat analysis tools that automate assessments, significantly reducing workload during the development and design phases.
![image: Benefit of using VERZEUSE(TM) for TARA. [Our Example]](https://news.panasonic.com/uploads/tmg_block_page_image/file/27633/en241024-2-2.jpg)
In the initial stages of vehicle development, even non-expert developers can simply fill out questionnaires to identify necessary countermeasures based on the characteristics of in-vehicle devices, thanks to Panasonic Automotive Systems’ Threat Intelligence which gathers data on threats, vulnerabilities, and security controls.
This innovative solution has been implemented across more than 80 of the company’s in-vehicle products. For example, it has been shown to reduce workload by up to 90%*3 for extensive products like navigation systems compared to traditional manual threat analysis methods. Automotive manufacturers employing this system have praised its effectiveness, leading to multiple consulting projects for risk assessment. More details can be found in the press release*4.
3. VERZEUSE™ for Virtualization Extensions Type-3: An attack detection and protection solution that employs container technology for in-vehicle software, now utilized by car manufacturers.
This innovation for in-vehicle software aligns with the security requirements*5 of next-generation cockpit systems that utilize a virtual environment. It monitors communication between software areas with high susceptibility to external attacks (like those associated with external virtual machines) and the vehicle’s core functional software areas (such as cluster containers). The monitoring function, situated in a secure container, ensures communication between secure and non-secure areas is conducted safely, blocking abnormal transactions and thus safeguarding critical vehicle functions from threats and enhancing overall vehicle safety.
Additionally, users can install optional monitoring functionalities through a plug-in via the security interface. This plug-in management capability allows for tailored monitoring based on specific communication characteristics without requiring changes to the application, making integration cost-effective for car manufacturers.
SOURCE: Panasonic
.
