Auto-ISAC Summit 2023: A Summary

Robert Vamosi
November 2, 2023
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

The Auto-ISAC held its 2023 Summit on October 17-18 in Torrance, CA. Read on to learn the main topics discussed at the summit.


The morning sessions were introduced by Stephen Roberts, CISO of Honda and Auto-ISAC Board of Directors Secretary. 

The opening talk was from Ann Carlson, Acting Administrator of the NHTSA (National Highway Traffic Safety Administration), on her organization's approach to vehicle cybersecurity safety risks. 


A panel discussion then followed with representatives from Nissan, Cruise, and Aptiv joining Deloitte to consider how AI might influence things for the automotive industry. Dr. Alfred Chen, Assistant Professor of Computer Science at UC Irvine, amplified that automakers will need to consider various threats already presented by AI when creating learning models in the future. 


There was also a panel discussion on implementing R155, the UN resolution that seeks to combine various country-or-region specific regulations. 

The afternoon sessions continued the discussion of AI's impact, including a discussion of threats that may be possible. 

The afternoon sessions were introduced by Kevin Tierney, VP Cyber Security/Chief Cybersecurity Officer of GM and Auto-ISAC Board of Directors Vice Chair.

There was then a champagne reception and an opportunity to visit the two dozen vendor tables outside the main conference area on Tuesday night.

Electric Vehicles

Wednesday morning, the sessions continued, with a shift toward electric vehicles. Jay Joseph, Vice President of Sustainability & Business Development at Honda, gave a presentation on his company's first electric vehicle, which will be coming to market in 2024, and the plan to have their fleet become fully electric. 


The morning sessions included presentations from Auto-ISAC-Europe and J-Auto-ISAC. Oliver Creighton, Vehicle Cybersecurity Specialist of BMW of North America and Auto-ISAC SBOM Working Group Vice Chair, presented on the progress of the SBOM working group. 

The morning's sessions were introduced by Josh Davis, Vice President and Chief Cybersecurity Officer of Toyota and Auto-ISAC Board of Directors Chair.

Oliver Creighton presents results of the SBOM working group at Auto-ISAC Summit 2023

The afternoon sessions continued the SBOM discussion with a panel. This shifted into an EV discussion panel and then a technical discussion of security for electric vehicle battery plants. 

Battery Enabled Vehicles

One surprising presentation was on the disruptive future presented by Battery Enabled Vehicles. The scenario suggested is that a vehicle could charge at work using solar or wind and then drive home and either sell that energy back to the grid or power the home at night. This would significantly alter the power utilities, as they would both sell electricity and buy energy. 

This electrical redistribution has been talked about before; however the sheer scale of this disruption had been unclear. Nakia Grayson, IT Security Specialist and Project Manager of the National Institute of Standards and Technology (NIST) then presented the newly adopted NIST IR 8473: Cybersecurity Framework Profile for Electric Vehicle Extreme Fast Charging Infrastructure.

Automotive Software Supply Chain

The afternoon wrapped with a discussion on the automotive software supply chain and then closing remarks.


Share this post

Add a Little Mayhem to Your Inbox

Subscribe to our weekly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

By subscribing, you're agreeing to our website terms and privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Add Mayhem to Your DevSecOps for Free.

Get a full-featured 30 day free trial.

Complete API Security in 5 Minutes

Get started with Mayhem today for fast, comprehensive, API security. 

Get Mayhem

Maximize Code Coverage in Minutes

Mayhem is an award-winning AI that autonomously finds new exploitable bugs and improves your test suites.

Get Mayhem