Car Manufacturer has to address today growing threats, cars have been incrementally becoming more complex with more code and on the other hand they have to maintain its components during extended life spans of several years compared with other industries. This, together with the increasing connectivity thanks to the connected car and 5G, is becoming a major concern for the industry. FISHY offers a prime opportunity to address some of these challenges since it will offer a homogenous way to tackle some of the threats. The focus of this document is to describe how the supply chain for its IOT components, that are part of the ECU, can be secured to maintain security over time, all using surveillance techniques such as continuous vulnerability management or firmware and software updates using out-of-band channels. Finally, we will discuss the importance of security maintainability as a key enabler for long-term crypto-based protection.
