Cybersecurity is a growing concern across the auto industry. GM has chosen to lead in this space by forming an organization – Product Cybersecurity - dedicated to the cybersecurity of its vehicles and associated connected services. Within Product Cybersecurity, The Risk Analytics group develops situational awareness on in-vehicle and external threats, coordinates incident response, develops, deploys and refines risk assessment frameworks, defines security controls, and governs the overall vehicle security function. A key element of the ability to monitor the status of in-vehicle threats comes from the ability to monitor performance and compliance of in-vehicle network communications to design parameters.
About the role:
The In-Vehicle Network Intrusion Detection and Prevention System (IDPS) Engineer is a newer role in the automotive industry and as such requires one to operate in a new and rapidly evolving technical area. The person in this role will help develop and maintain cross-functional design and test requirements for an in-vehicle network intrusion detection and prevention system deployed within vehicle electrical architectures. The role is best served by someone who enjoys staying abreast of embedded security trends, technologies, and best practices and is willing to use that knowledge to continue shaping and guiding the in-vehicle network monitoring strategies.
Major Duties and Responsibilities:
The In-Vehicle Network Intrusion Detection and Prevention System Engineer will work with a GM IDPS Domain Architect and other system engineers and subject matter experts (SMEs) to:
- Contribute to the identification and development of vehicle IDS operational and test requirements based on industry experience, best practices, and academic research.
- Work closely with subject matter experts in product cybersecurity, off-vehicle communications, and ECU and network design to develop a secure IDS that identifies and reports anomalous in-vehicle network events.
- Identify cybersecurity design risks that apply to the operation and maintenance of the IDS system and subsystems.
- Ensure the proper execution of IDS requirements within GM vehicle subsystems.
- Partner with the GM Advanced Technical Work organization to mature advanced IDS concepts into production content.
- Bachelors degree in Systems Engineering, Electrical Engineering, Computer Science, Computer Engineering or other related field or equivalent experience.
- A self-starter with a strong technical curiosity and desire to continuously learn.
- Ability to handle ambiguity and make decisions and recommendations with limited data.
- Ability to work independently and as part of cross-functional teams.
- Understanding of major automotive subsystems and the automotive component lifecycle from sourcing through vehicle production and service/warranty processes.
- Understanding of microcontroller operation and operating systems. (Linux-like and embedded)
- Understanding of software and hardware design processes.
- Understanding of failure mode and effects analysis methods.
- Working knowledge of automotive communication protocols including CAN and Ethernet.
- Working knowledge of the ISO 144229 Unified Diagnostic Services standard, parts 1 and 3.
- Experience writing technical requirements/specifications.
- Ability to create system level diagrams (context, logical, physical, deployment) and the necessary documentation when required.
- Ability to coordinate requirements development with other activities within the enterprise.
- Ability to reconcile future IDPS program enhancements with near-term execution to identify design and implementation issues.
- Ability to negotiate design and execution trade-offs among potentially conflicting program features and timelines.
- Strong knowledge of embedded system cybersecurity controls and in-vehicle network protocols.
- Experience with and/or knowledge of technologies and processes used to secure embedded systems and communication protocols.
- Experience documenting vulnerabilities, identifying and prioritizing threats, and defining mitigation action plans.
- Knowledge of the GM implementation of the ISO 14229 Unified Diagnostic Services specifications.
- Knowledge of GM in-vehicle network communication design processes and tools.
- Experience with documenting issues using existing GM documentation tools. (ESIMS/PRTS)
- Experience with embedded microprocessor-based devices and systems.
- Experience with automotive serial data tools. (Vehicle Spy, SocketCAN, etc.)
- Experience with vehicle infotainment, telematics, or navigation systems.
- Experience with ISO 26262 compliance.