Das Paper „From SOC to VSOC: Transferring Key Requirements for Efficient Vehicle Security Operations“ von Jenny Hofbauer, Kevin Gomez Buquerin und Hans-Joachim Hof aus dem CARISSMA Institute of Electric, Connected, and Secure Mobility wurde für die 21. ESCAR Europe akzeptiert. Hier der Abstract:
„The prioritization of passenger safety and comfort in the automotive sector lead to the research and development of technologies such as seat belts, airbags, driving assistants, and autonomous driving. These technologies bring advantages and new, unique dangers in the area of Information Technology (IT) security. Most enterprises have established a Security Operations Center (SOC) to protect their IT systems from security threats. Due to the changing threat landscape, increasing hacker attacks, and unique challenges, introducing a dedicated Vehicle Security Operations Center (VSOC) is critical. This paper defines in which aspects a VSOC that specializes in protecting vehicle fleets has to be adapted to the application area compared to an enterprise IT SOC. The aspects are found by defining all primary SOC capabilities from existing literature on a non-domain-specific SOC. Determined by the definition of a SOC, requirements of current regulations and best practices of IT security in the automotive sector are collected. Based on these minimum requirements, the differences between an enterprise IT SOC and a VSOC can be discerned using coverage, people, technical, governance, and compliance metrics. This approach shows that the methods, procedures, and technical solutions used in an enterprise IT SOC can, for the most part, not be implemented in a VSOC. By defining the minimum legal require- ments of a VSOC and giving an overview of the unique challenges of protecting a vehicle fleet, this paper offers a concrete basis for the design and practical implementation of a VSOC.“