Webinar: Security and The Automotive Development LifeCycle
Nov 19, 2015
Cybersecurity, rather than being the aim of application development, often exists in opposition to delivery of software and software-enabled automotive systems. Even with multi-year product roadmaps, developers of automotive applications face the same pressures as their enterprise and consumer electronics counterparts. There are constant pressures to prototype, create and deliver software on-time and at budget, and to meet ever more aggressive lifecycles and shorter market windows. Consequently, software is often deployed with the “paint-still-wet” core functionality mostly in place, but without additional investment needed to harden applications and systems against cyberattack.
This webinar, presented by the GENIVI Alliance, will review the evolving automotive product lifecycle and examine ways and means to integrate cybersecurity as an integral part of software development. In particular, it will lay out best practices for “appsec”, including, security tools (e.g., for code quality), vulnerability tracking, supply chain security, pen testing, development vs. deployment configuration management, and security in both traditional (waterfall) development and agile environments.
Moderator: Bill Weinberg, Senior Director, Open Source Strategy at Black Duck Software read more
Panelist #1: Anuja Sonalker, Ph.D, VP Engineering & Operations, North America at TowerSec Automotive Cyber Security
Panelist #2: Mike Ridge, Founding Partner, Silent Cyber read more
Bio: Bill helps Fortune 1000 clients create sound approaches to enable, build, and securely deploy open source software across the enterprise, in the cloud, and on intelligent devices. With a career spanning over thirty years, Bill’s expertise bridges open source business and technology, development tools, application and system security, mobile/embedded software, and the Internet of Things.
Prior to Black Duck, Bill ran his own open source consultancy, Linux Pundit. Earlier, as General Manager of the Linux Phone Standards Forum, he worked to establish standards for mobile telephony middleware. As a founding team-member at MontaVista Software, he pioneered Linux as leading platform for intelligent and mobile devices, and as Senior Analyst at OSDL (today, the Linux Foundation), he ran Carrier Grade and Mobile Linux initiatives and worked closely with foundation members and open source community participants.
Bio: Mike Ridge is a Security Systems Engineer and Crypto Engineer with National Security experience. At Battelle’s CAVE team, Mike led the Government facing procurement work, led the evaluation of products developed and provided deep research support to the Battelle Red Team. At MITRE, Mike supported design, testing and deployment of Crypto solutions and secure networks. Mike led PKI security developments and mitigations on behalf of US Cybercom prior to moving into the commercial cybersecurity arena at Battelle. Leads training in Secure Design and Cryptography through the Information Systems Security Association. Has experience leading teams for Fortune 50 companies and the United States Navy. Mike has a BSEE from Rennselaer Polytechnic Institute and a MSEE from the George Washington University.