| Who | Motional |
|---|---|
| Logo |  |
| Where | Boston MA |
| When | 4/2020 – present |
| What | Principal Engineer, Cybersecurity Development Lifecycle Practice Lead |
Overview:
Motional (Hyundai-Aptiv Autonomous Driving Joint Venture) develops world class production-ready autonomous driving systems (SAE Level 4).
Achievements:
- Served as Autonomous Vehicle Cybersecurity Development Lifecycle Practice Lead
- Created and gave a presentation on the application of threat modeling tools to the issue of privacy
- Provided guidance to more junior team members
- Created summaries of cybersecurity-related ISO standards under development
- Work with cybersecurity management and project management to develop group schedule
- Deconstructed NCC’s Microsoft threat modeling tool template for autonomous vehicles
- Worked on the team which provided official SAE feedback to NHTSA’s cybersecurity guidance
- Participated in the efforts toward submission of multiple cybersecurity-related patent applications
- Twice served on joint MDIC / FDA / MITRE threat modeling bootcamp training staff
- Created a vendor Cybersecurity Interface Agreement (CIA) framework and associated guidance document
- Adapted the MDS2 for use in the AV space
- Created an Autonomous Vehicle Product Development Lifecycle (AVPDL) to harmonize ISO 21434 / 26262 / 12207 / 15288 development processes
- Worked with safety, systems, project management and development toward adoption of the AVPDL
- Member of the SAE/ISO 21434 committee
- Created an Autonomous Vehicle Cybersecurity Development Lifecycle (AVCDL) capable of satisfying ISO 21434 and UNECE WP.29, and overlaying an ISO 26262 / 12207 / 15288 development process
- Integrated NCWF and CMMC into AVCDL for roles and maturity respectively
- Authored primary AVCDL document as well as numerous associated process documents
- Developed a visual design language for use in cybersecurity process documentation
- Served as editor and advisor to cybersecurity SMEs providing AVCDL secondary process documents
- Created and gave multiple presentations to educate other teams and management on various aspects of cybersecurity
- Worked with certification body to validate efficacy of AVCDL
- Worked with safety group to ensure a coordinated development process
- Participated in cybersecurity requirements development based on my cybersecurity taxonomy-based gap analysis
- Worked with junior security developers
- Member of the ISO C and C++ committees
- Served as Secure Development Lifecycle Practice Lead for the Boston office
- Designed a taxonomy for cybersecurity requirements allowing for effective gap analysis
- Performed initial gap analysis of cybersecurity requirements
- Designed a high-level cybersecurity requirements organization to allow for more consistent adoption
Papers:
- Security Requirements Taxonomy
- Autonomous Vehicle Cybersecurity Development Lifecycle (AVCDL)
- Autonomous Vehicle Product Development Lifecycle (AVPDL)
Industry Participation:
- SAE/ISO 21434 committee (observer)
- Member of the ISO C committee
- Member of the ISO C++ committee
- Chair of ISO TS 17961 (Safe and Secure C Code)
