Web and automotive
W3C workshop, 14-15 November 2012
Pierre GIRARD, security architect
Gemalto is providing digital security solutions to numerous markets including mobile telecommunication, banking and online authentication. Gemalto has a strong focus on Machine to Machine solutions and is serving the automotive sector in particular. Starting from its experience in the current automotive environment, Gemalto would be happy to share its viewpoint on the introduction of web technologies and the associated security requirements.
As a general trend we see that specialized hardware (like GPS box, eco-driving box, speed camera alert box, multimedia box ...) is now virtualized as an application on a general purpose on-board computer. Car manufacturers expose API to applications that can use it to read vehicle parameters or even trigger actions on it. The next step will most likely be to migrate some native apps to web apps. In this context, we would like to discuss the following points that, in our opinion, should be taken into account when designing a web based environment for cars:
We believe that if these safety, privacy and security requirements are taken into account at the design stage, it will result in a trusted ecosystem that will benefit to manufacturers, service providers and end-users. As such we recommend that the web platform, when evolving to adapt to the automotive market, makes sure that components meeting above stated requirements are developed.