Securing the Future of Vehicular Automation

Maxime Mackieh, Head of Cyber Security, Punch Powertrain

Securing the Future of Vehicular Automation

Maxime Mackieh, Head of Cyber Security, Punch Powertrain

Envision a future where vehicles become potential tools of harm, wielded as lethal machines, instruments of terrorism, or even as means for extortion. This dystopian scenario is not a scene from a captivating movie; rather, it highlights the gravity of the challenges we strive to avert

Maxime Mackieh is an accomplished cybersecurity professional with extensive experience working for several European companies. He has been the functional safety and cyber security manager at Schaeffler Automotive. He is currently the Head of Cyber Security at Punch Powertrain.

In an exclusive conversation with Auto Tech Outlook Europe, Maxime reveals profound insights into the vast potential of cyber risk within the automotive industry.

Please provide a brief overview of your experience in the automotive sector and your current role within the organization you work for.

My journey began with a robust educational foundation in robotics and engineering project management from the prestigious University of Technology in Sydney. Fueled by an insatiable drive, I started my professional voyage at Delphi Customer Technical Centre in Luxembourg, establishing myself as a software and systems engineers specializing in powertrain-critical components such as diesel engine controllers, injection systems, and central powertrain controllers.

Building upon these achievements, my experience led me to Schaeffler Automotive in Bühl, Germany. There, I worked in functional safety as a software engineer, assisting in the development of groundbreaking applications for automated gearboxes, clutches, hybrid solutions.My contributions extended to pioneering and securing e-drive solutions for powertrain applications, contributing to the company's ambitions to secure a robust presence in the rapidly evolving EV market.

Driven by a deep passion for excellence, I also delved into the realm of compliance as a functional safety engineer, where I ensured the development compliance to the ISO26262 standard.

In 2018, my professional journey converged seamlessly with the domain of cybersecurity when I assumed the pivotal role of Cyber Security Manager at Schaeffler Automotive.

I translated and implemented the newly requested regulations of the UN/ECE 155 and 156, designed to regulate cybersecurity within the automotive industry. At the beginning we were simply reviewing the draft version of ISO 21434 and struggling with TISAX and ISO27000 requirements overall. I simply but effectively followed the guidelines of the ISO 21434 standard and its associated intrusive activities, and integrated it into our operational framework, ensuring future meticulous homologation of vehicles in alignment of the regulations for our clients.

Leading Technological Advancements at Punch Powertrain:

When Punch Powertrain approached me, there was a need for someone to guide overall security activities and establish a robust framework aligned with specific regulations. The scope of this endeavor extends of course beyond product development, encompassing diverse areas such as IT security, OT security, and the overall security of the production lines, that subsequently requires to adapt for the proper compliance and future certification.

Overcoming Challenges with Technological Ingenuity:

In an industry marked by formidable challenges, I absolutely recognized that political dynamics fuel restructuring initiatives through regulatory frameworks. Such regulations necessitate a comprehensive reassessment of workflow and structure, demanding the implementation of robust management systems.

“The rapid advancement of technology necessitates a relentless pursuit of knowledge and constant refinement of our systems. True mastery lies in comprehending the intricate mechanisms that underlie these technological marvels, enabling us to assert control and maximize their potential.”

On the other hand, I must navigate these hurdles by embracing the scarcity and associated costs of specialized professionals, acquiring these necessary resources to succeed over challenges, and safeguard the company’s future while securing its present.

Harnessing Technological Ingenuity and Best Practices:

I must strongly emphasize the crucial role of advanced technologies in tackling the complex challenges faced by the automotive industry. One notable example is the seamless integration of artificial intelligence (AI), which enables sophisticated testing methods like fuzz and penetration testing.

These AI-driven approaches are instrumental in identifying vulnerabilities and strengthening security measures. By uncovering potential weak points and addressing hidden vulnerabilities, these methods enhance system defenses and bolster overall resilience, elevating the effectiveness of both offensive and defensive strategies. On the other hand, unfortunately this can also be used by an attacker with malicious intends.

A Glimpse into the Technological Future:

I do envision a future where vehicles embody unwavering reliability, safeguarded against any malicious interference. In this vision, drivers embark on their journeys with a seamless fusion of comfort and security, shielded from the fear of potential failures or malicious attacks. I also acknowledge the advancement of quantum computing and its potential impact on cryptography, foreseeing its transformative capacity to revolutionize security systems. While aware of its potential to make existing encryption methods outdated, I am excited anticipating the possibilities that post-quantum computing brings. These advancements open unprecedented opportunities to reinforce security measures, strengthen defenses, and usher in an era of impregnable protection (at least for a certain period).

Invaluable Guidance for Technological Trailblazers:
The rapid advancement of technology necessitates a relentless pursuit of knowledge and constant refinement of our systems. True mastery lies in comprehending the intricate mechanisms that underlie these technological marvels, enabling us to assert control and maximize their potential.

In an era where the Internet of Things (IoT) burgeons with lightning speed, clinging to obsolete technologies is no longer a viable option. Instead, we must immerse ourselves in the ever-evolving currents of innovation, understanding the inner workings of emerging technologies to fortify our defenses and safeguard not only ourselves but also our environment and loved ones.

We are currently witnessing an ongoing cyber warfare with significant economic and socio-economic consequences. The key defense lies in understanding and investing in cybersecurity resilience, not solely driven by regulations but for professional sustainability and personal well-being.