Central solutions for IT-security in the automotive industry are mandatory
January 2023 by Christian Bücker, Business Director, macmon secure
With TISAX®, the German Association of the Automotive Industry (VDA) has created a standard for information- and cyber- security that is specifically adapted to the requirements of the automotive industry. The automotive industry is globally networked and increasingly developing into a software-defined product, keywords are driver-assistance (ADAS) and automated driving (AD) solutions. To ensure secure processing and trustworthy exchange of information between suppliers, the German Association of the Automotive Industry (VDA) has developed the TISAX® testing and data exchange process. To obtain certification, companies must meet the requirements set out in the VDA-ISA test catalog. This consists of three modules: information security, data security and prototype security solutions.
Information security is the main module tested in each assessment. The aim is to ensure that IT-security in a company is planned, monitored, audited, and continuously improved.
Overview, compliance, and access control for secure data traffic
By using a reliable Network Access Control solution, a constant overview of all devices connected to the network is provided. Device types can be grouped according to various criteria, such as location, network access and many others, and easily managed on the network. Network Access Control (NAC) thus provides a directory of all assets connected to the network, and offers supplementary information, such as the lifecycle or current location of the devices.
Pillars of IT security
NAC easily and quickly increases network security and protects key corporate assets from cybercriminals:
Separate event processing: information about devices and network devices detected in the network is processed, analyzed and alerts are also generated.
Incident management: Based on network events, various responses can be defined, such as an alert via mail, SMS, trap, syslog. This is followed by concrete measures, such as isolating a device.
Mobile device management: NAC supports the enforcement of security policies for mobile devices.
Network segmentation: Security zones depending on available resources and information are defined and protected from unauthorized use by NAC. The boundaries between segments can be defined by virtual networks (VLANs) or access control lists (ACLs).
Christian Bücker, Business Director, macmon secure, comments: "The requirements for information security in the automotive industry are growing exponentially. This is where our Network Access Control (NAC) can be used as an IT-security solution with its diverse modules. The acquisition by Belden now gives us direct access not only to the automotive industry as such, but also to comprehensive know-how in OT-networks. In the expanding Industry 4.0, security is transforming into a key technology as an indispensable prerequisite for accelerated value growth."