This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation.
Fuel, licensing, and auto sales taxes; traffic enforcement; tolls; public transportation; parking
Rental vehicles; taxi and limo services; private parking garages
Emergency services and hospital costs; legal fees associated with accidents
Wholesale and dealer vehicle sales and service; suppliers; and mechanics
Aftermarket parts and service channel
Stakes are high – with approximately $2 trillion in revenues collected annually by the current extended auto industry
1Total revenue is $1.99T. Source: Deloitte analysis based on IBISWorld Industry Reports, IHS, DOT, US Census, EIA, Auto News, TechCrunch. Current revenue represents 2014 figures (or earlier if 2014 data not available) in the United States.
ICS security environments should be reviewed in terms of a standard security framework and with consideration of the primary domains that exist in the security infrastructure
Industrial control systems (ICS) are highly inter-connected
Security Domains
Access & Privilege
Management
Intrusion Detection & Monitoring
Cyber Intelligence
Network Security
Awareness & Policy Adoption
Configuration & Vulnerability Management
Incident Response &
Recovery
Physical Security
Access & Privilege ManagementReview and management of default, privileged, and user
accounts with access to ICS systems
Intrusion Detection &
MonitoringDeep packet inspection of
network traffic for indicators of compromise or analogous
communications
Cyber IntelligenceIntelligence gathering on
relevant cyber-attack
mechanisms as on-going
input to security safeguards
Network SecurityNetwork architecture designed
and configured to protect
critical assets while allowing
required business communications
Configuration & Vulnerability Management
Proactive management and monitoring of patches and
configuration settings
Incident Response &
Recovery Policies and procedures that
define incident triage, response, containment, remediation, and
recovery
Physical SecuritySafeguards which appropriately
restrict, control, and monitor
physical access to critical assets
Awareness & Policy ManagementPolicies, training, and guidance that mandate and promote secure
Understand the current level of maturity against ISO 27002, measured by ISO domain to help drive IT Security program priorities
Competitive Positioning
Evaluate robustness of IT Security Program with respect to its industry peers and likely competitors
Actionable Recommendations
Develop IT Security Program enhancement recommendations to effectively manage risks to its business data, intellectual property, and information assets
OEMs and suppliers need to establish the relevant set of people, process and technology to align security practices with connected vehicle requirements
Cybersecurity program maturity is an important consideration
Set the toneEngage leadership in the managing cyber risks01Assess risk broadlyInclude enterprise, ICS and connected products02Socialize the risk profileShare the results with leadership and the board03Build in securityHarmonize investments with the cyber risk program04Remember data is an assetConnect business value with data and strategies to protect it05
Assess third-party riskInventory mission critical ecosystem relationships and evaluate related risks
06Be vigilant with monitoringDetermine whether and how quickly a breach in key areas of the company would be detected
07Always be preparedFocus on incident and breach preparedness using wargaming simulations
08Clarify organizational responsibilitiesIdentify clear ownership with a leader to bring it together
09Drive increased awarenessGet employees on board and ensure they know their role in protecting the organization
10
As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed
description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of
Fuel Economy Also known as fuel efficiency, or the maximization of the distance traveled on a unit of fuel
Propulsion
Telematics Global Positioning System technology integrated with computers and mobile communications technology in automotive navigation systems
Navigation
Autonomous Driving
Automobiles that are capable of driving themselves without input from a human passenger
Handling
Driver Assistance Various systems such as auto braking, lane departure warning, and traffic sign recognition that help the driver become aware of and avoid road hazards
Safety & Security
Heads-Up Displays (HUDs)
Systems for displaying data from a smartphone to the windshield of an automobile so a driver can keep his/her eyes on the road
Entertainment
Source: Thomson Innovation & Thomson Reuters Derwent World Patents Index
Common IP Issues for ADAS and Other Integrated Products – NPEs
Common Auto NPEs in Recent Years• American Vehicular Sciences• Beacon Navigation GmbH• Cruise Control Technologies• Signal IP• PJC Logistics• Norman IP• Innovative Display Technologies• Delaware Radio Technologies• Novelpoint Tracking• Affinity Labs of Texas• Advanced Silicon Technologies• Diamond Coating Technologies, LLC• Digital Stream IP
The Connected Car – Supplier Risk AssessmentsExternal Data – Insights and Integration
Neil Steinkamp, Stout Risius Ross
1/11/2017
28
Global Financial Advisory Services
The Connected Car – Supplier Risk AssessmentsExternal Data – Insights and Integration
Suppliers of Advanced Driver Assistance Systems (“ADAS”) and related components are presented with unique opportunities as the adoption of these technologies increases.
Suppliers also face unique risks of recall and excess warranty resulting from defects related to advanced components supplied into these platforms:
Defects related to new designs or manufacturing processes
Integration of components into complex systems
Reliance on software
Lack of history / experience related to components and assemblies
Unique Opportunities and Risks
1/11/2017
29
Adoption of ADAS technology is occurring during a period of enhanced regulatory scrutiny, as well as increased OEM sensitivity to, and customer awareness of automotive safety defects.
Automotive AI and ADAS were of significant interest at CES just last week.
“CES has become an evermore automotive focused trade-show, and this year's Media Day was no exception….[T]here were two main themes: First, AI is becoming an increasing focus of autonomous driving development; Second, there is mounting sentiment that Level 4 ADAS is still a few years out, and that Level 5 ADAS may be much further out.” – SunTrust CES Media Day Recap
Identifying Risks
What does that mean though? A few considerations from CES Media Day:
Mobileye partnering with Intel and BMW “announced plans to have a fleet of approximately 40 autonomous BMW 7 Series vehicles on the roads in the US and Europe by 2H17.”
NVIDIA announced 6 AI based automotive partnerships with:
Audi to put a fully autonomous vehicle on the road by 2020;
VW to develop an AI cockpit;
HERE (Private) to develop AI for HD mapping;
ZF for AI-based self-driving systems;
Zenrin for HD mapping for Japan; and
Bosch for AI driven self-driving computers.
Continental announced it is using its 3D Flash LIDAR to construct a complete 3D model of the vehicle surroundings up to 200 meters away and as close as a few centimeters.
Valeo, Toyota, Hyundai and others made significant announcements regarding AI and ADAS at Media Day as well.
-Source: SunTrust CES Media Day Recap – January 5, 2017
Identifying Risks
1/11/2017
30
Suppliers and OEMs must identify the risk of defect associated with the adoption and integration of ADAS technologies, and consider the potential consequences:
What features give rise to risks?
How to analyze risks with little or no production history?
What is the potential magnitude of a recall or field service action?
How can these risks be mitigated?
–Engineering / Process / Quality Feedback and Improvement?
–Pricing Mitigation?
–Legal / T&C Mitigation?
–Insurance?
Identifying Risks
Certain data limitations inhibit suppliers’ ability to asses the risks related to ADAS components:
Limited production and defect history
Disjointed, unstructured sources of data
Available data requires refinement and analysis
Analysis of the data therefore requires consideration of multiple sources of information with an appreciation of the unique features of each.
Interpretation of the results also requires a comprehensive understanding of the industry, supply chain, regulatory environment, and insight into forthcoming trends.
Challenges to Identifying Risks
1/11/2017
31
Risk assessment methodologies can utilize data from many publically available sources, as well as proprietary datasets, including:
NHTSA Recall Data
Technical Service Bulletins (TSB)
NHTSA Defect Investigations
NHTSA Complaints
Early Warning Reporting (EWR)
Motor Vehicle Defect Petitions
Petitions for Inconsequential Noncompliance
International Recall Data
Vehicle Production and Sales
Component Adoption and Fitment
Suppliers Identified in Recall Notices
Data regarding manufacturing, assembly and design defects
Recall Completion Rate Data
FARS Data
Other indicators or risk such as consumer feedback through blogs and other sites as well as litigation arising from defects.
Identifying Data
A comprehensive risk assessment considers the following:
Historical defect incidence rates;
Relevant vehicle population characteristics, including component fitment and market penetration; and
Analysis of costs associated with recall and excess warranty.
Based upon this analysis, a supplier is better able to estimate:
Defect incidence rate and number of defects per thousand vehicles;
Probability weighted cost of recall or field service action; and
Relative risk profile of individual components.
Such information is valuable to risk management, and can provide insights into other sales, engineering, and legal considerations.
ADAS equipment, including crash imminent braking, has been a topic of increased regulatory focus for NHTSA:
“In 2012, one-third of all police-reported crashes involved a rear-end collision with another vehicle as the first harmful event in the crash, and NHTSA believes that advanced crash avoidance and mitigation technologies like AEB systems could help in this area. NHTSAs extensive research on this technology and on relevant performance measures showed that a number of AEB systems currently available in the marketplace are capable of avoiding or reducing the severity of rear-end crashes in certain situations.” – www.safercar.gov
“Crash Avoidance technology has continued to progress, and NHTSA is aggressively pursuing research related to technologies that, in addition to warning drivers of a collision threat, can take active control of the vehicle to help mitigate or avoid the crash (if warnings are not heeded by the driver, or the driver’s reaction is insufficient to avoid the crash). In particular, NHTSA is focusing its efforts on dynamic brake system (DBS) and collision imminent braking (CIB) technologies being offered by light vehicle OEMs. ” – www.nhtsa.gov
In July 2012, NHTSA published a Request for Comments seeking feedback regarding its observations about dynamic brake systems and collision imminent braking technologies, as well as consideration of test protocols. NHTSA is in the process of evaluating this feedback and continuing research into safety benefits, test procedures, and reliability of these systems.
ADAS equipment, including crash imminent braking, has been a topic of increased regulatory focus for NHTSA:
On October 16, 2015 NHTSA announced that it was granting “the petition for rulemaking submitted by the Truck Safety Coalition, the Center for Auto Safety, Advocates for Highway and Auto Safety, and Road Safe America on February 19, 2015, to establish a safety standard to require automatic forward collision avoidance and mitigation systems on certain heavy vehicles.” The Federal Register notes: “For several years, NHTSA has researched forward collision avoidance and mitigation technology on heavy vehicles, including forward collision warning and automatic emergency braking systems. The agency will continue to conduct research and to evaluate real-world performance of these systems through track testing and field operational testing.”
–“Considering the information before the agency, including the information referenced in the petition, NHTSA grants the February 19, 2015 petition in accordance with 49 CFR part 552 and initiates a rulemaking proceeding with respect to forward collision avoidance and mitigation systems on vehicles with a GVWR greater than 10,000 pounds.”
ADAS equipment, including crash imminent braking, has been a topic of increased regulatory focus for NHTSA:
On January 28, 2015, NHTSA published a notice requesting comments on the agency's intention to recommend various vehicle models that are equipped with automatic emergency braking (AEB) systems that meet the agency's performance criteria to consumers through the agency's New Car Assessment Program (NCAP). On November 11, 2015 NHTSA announced the “agency's decision to update the U.S. New Car Assessment Program (NCAP) to include a recommendation to motor vehicle consumers on vehicle models that have automatic emergency braking (AEB) systems that can substantially enhance the driver's ability to avoid rear-end crashes. NCAP recommends crash avoidance technologies, in addition to providing crashworthiness, rollover, and overall star ratings. Today, 3 crash avoidance technologies—forward collision warning, lane departure warning, and rearview video systems—are recommended by the agency if they meet NHTSA's performance specifications. NHTSA is adding AEB as a recommended technology, which means that we now have tests for AEB. AEB refers to either crash imminent braking (CIB), dynamic brake support (DBS), or both on the same vehicle.”
ADAS equipment, including crash imminent braking, has been a topic of increased regulatory focus for NHTSA:
Twenty-one comments were received. Most of the comments were from the automobile industry—vehicle manufacturers, associations of vehicle manufacturers, suppliers, and associations of suppliers. In addition, comments were received from another Federal government entity, an organization of insurance companies, and an association of motorcycle interests. Those in support included Advocates, Alliance, AGA, ASC, Bosch, CU, Continental, DENSO, Ford, Infineon, IIHS, Malik, MBUSA, MEMA, NADA, NTSB, Tesla, and TRW. Advocates supported using NCAP to encourage vehicle safety technologies, but indicated its preference for requiring AEB systems on new vehicles by regulation. Honda expressed its support for NCAP generally, but did not specifically support the addition of AEB systems to NCAP. Honda stated that it would like these systems to be rated. IIHS said that its research on the effectiveness of Volvo's City Safety system and Subaru's Eyesight system indicates that NHTSA may have “vastly underestimated the benefit of AEB.” Bosch said a 2009 study it conducted indicated DBS “may be effective” in reducing injury-related rear-end crashes by 58 percent and CIB by 74 percent. The ASC, Bosch, IIHS, MEMA, and, TRW addressed the desirability of NHTSA harmonizing its AEB NCAP test procedures and other evaluation criteria with other consumer information/rating programs, particularly Euro NCAP. Other commenters urged harmonization with Euro NCAP with respect to specific details.
Other Risk Indicators – Complaints - Crash Imminent Braking
Risk Indicators – International Recalls - Crash Imminent Braking
Risk Indicators – U.S. Recalls - Crash Imminent Braking
1/11/2017
37
Risk Indicators – U.S. Recalls - Crash Imminent Braking
Risk Indicators – U.S. Recalls - Crash Imminent Braking
1/11/2017
38
Risk Indicators – Crash Imminent Braking
Risk Indicators – TSBs
1/11/2017
39
Forward Collision and Lane Departure categories included in EWR reporting beginning in 2015. As of Q2 2016:
9 incidents involving Forward Collision
– 5 of these involve 2015 and 2016 model year Subaru vehicles; 2 were Volvo vehicles
– Including 1 fatalities
1 incident involving Lane Departure
– 2015 Lincoln MKC
Other Risk Indicators – Early Warning Reporting
Crash Imminent Braking exhibits a relatively low risk of defect based upon the primary indicators described, specifically:
Few instances of relatively small recalls in the U.S. (fewer than 50k units);
Very limited TSB history, with small population of vehicles affected;
A supplier was identified in one recall;
Limited NHTSA investigation history;
Crash imminent braking has been the focus of increased regulatory scrutiny which may indicate additional enforcement action as the technology matures.
Among the other indicators of defect analyzed, Crash Imminent Braking demonstrates:
Few instances of recall from international jurisdictions, consistent with U.S. recall activity;
Increase in number of related customer complaints as consumer adoption increases.
Crash Imminent Braking – Overall Conclusion
1/11/2017
40
It is important to appreciate that Crash Imminent Braking is a relatively new technology, with consumer adoption rates increasing.
This technology is integrated into ADAS systems that are also relatively young in the product cycle.
As the number of vehicles incorporating Crash Imminent Braking and other ADAS technologies increases, so too may the risk of defect related to these components.
However, the risk indications that are observed at this time are primarily integration risks – a theme likely to be evident in many ADAS components
Crash Imminent Braking is a technology that has, and will continue to attract increased attention from NHTSA for a variety of reasons.
Therefore, the risk profile associated with Crash Imminent Braking may continue to evolve as the component matures; additional periodic assessment can identify other trends as they emerge.
Crash Imminent Braking – Overall Conclusion
The review, analysis and consideration of all of these data sets enable suppliers to consider which risks can be quantified. In addition, this data, when combined with internal knowledge and data will enable a process of frequent review and consideration of the latest information, until a more robust risk analysis can be completed.
For new technologies such as AI and autonomous features, the development of mechanisms to enable prompt reaction to the identification of risks and defects presents a clear opportunity to mitigate risks during development, engineering and production.
When longer term data trends can be assessed refinement of the analysis can be completed in order to provide for the quantification and monetization of risk.
Crash Imminent Braking – Overall Conclusion
1/11/2017
41
The approach described herein provides a robust analysis of the external indicators of recall and excess warranty. Suppliers should also leverage internal institution knowledge of their products, customers, and the marketplace to enhance findings and develop a comprehensive risk assessment.
While internal assessment can provide valuable insights into the risk assessment process, an external, independent review of the data is critical to minimizing the influence of potential institutional bias on the results.