PAS will exhibit the recently released VERZEUSE for TARA at the Japan Automotive ISAC Booth “Automotive Cyber Security Pavilion” at EdgeTech+ 2025*2 to be held from November 19 to 21, 2025.
<Development background>
In recent years, many vehicle user experiences such as a comfortable cabin UX, advanced safety functions, and continual innovation, have been realized through software. Within this trend is the arrival of the SDV era, in which most of a vehicle’s value is defined by software. The scale of software has expanded in SDV, and as the use of open source software (OSS) progresses, the risk of vulnerabilities*3 also increases. Security measures are becoming more intricate and expansive, making it difficult to rely solely on manual, person-dependent responses. This has heightened the need for automated and efficient security innovations.
Furthermore, in the SDV architecture, multiple ECU functions are virtualized in a cockpit HPC; this means there are security issues emerging that are different to those in ECU with a traditional physical connection. A virtual environment produces particular issues including vulnerabilities of software communications connections, diversification of attack paths, and inadequate partition of memory spaces. Responding to these issues requires vulnerability assessments and threat*4 analysis across the entire vehicle life cycle.
<Evolved elements in this VERZEUSE series>
The VERZEUSE series has evolved from the traditional individual ECU compatibility and expanded to a configuration that is compatible with SDV architecture centering on cockpit HPC. PAS has been able to correctly implement measures to respond to security issues that are particular to an SDV, at each stage of the vehicle life cycle from design and implementation to assessment and operation, even in complex in-vehicle systems that include virtualization technologies and software communications. Also, by enabling threat and weakness analysis based on the connection of a vehicle’s entire configuration and functions rather than by individual ECU, this series functions as security infrastructure that protects vehicles that are continually advancing, as is called for in this SDV era.
1. VERZEUSE for TARA*5, ISO/SAE 21434 compliant threat analysis innovations
Threat analysis of the entire vehicle and vulnerability analysis in the development and design phase are SDV-compatible, achieving a substantial reduction of workload
In this SDV era, vehicles connect to the cloud and mobile applications, expanding the area subject to threats and attacks. Any vulnerabilities or omissions in countermeasures during the development and design phase of systems and software directly impact a vehicle’s safety and security. This is why there needs to be early prevention of any vulnerabilities entering the development and design phases, thus swiftly establishing a robust vehicle software infrastructure that can handle continual updates.
In addition to traditional ECU threat analysis, this innovation is now compatible with threat analysis for the entire vehicle and vulnerability analysis based on a virtual environment for an SDV in the development and design phases. Specifically, by adding new items to the questionnaire on the existence of software-level security measures (access control, encryption, manipulation detection, etc.), PAS’s proprietary threat intelligence automatically generates vulnerability assessments for the applied security measures, ISO/SAE 21434 work products, and a common weakness enumeration (CWE)*6 vulnerabilities check list. This automation supports frequent design changes, reduces dependency on individual analysts, and enables continuous risk mitigation throughout the vehicle lifecycle.
This innovation has been applied to over 120 types of PAS’s in-vehicle products in total. In large-scale products, it has reduced workload required for threat analysis by up to 90%*7 and for vulnerability analysis in the design and development phases by up to 63%*8 compared to traditional manual labor. Car manufacturers have highly appraised this innovation, and PAS has been commissioned to provide multiple consulting projects for risk assessment.
2. VERZEUSE for SIRT*9, vulnerability analysis innovations:
Support cockpit HPC composed of multiple virtual machines, strengthening SDV vulnerability analysis
Cockpit HPC has virtual machine environments and container environments running multiple ECU functions. Traditionally, each ECU communicates via physical connections, including cables and signal lines; while each ECU functions within cockpit HPC, communicates via software channels. Physical connections are literally constrained by physical elements, which results in limited communications pathways and difficulties in changing connections. In contrast, software modifications are easier, and software-based communication allows flexible settings and modifications of connections. This means that completely new communications pathways can be created in cockpit HPC, which also produces new threats of attack paths through these communications pathways. It also produces issues that are unique to cockpit HPC, such as how to deal with vulnerabilities of virtual environments and container environments.
VERZEUSE for SIRT allows for cockpit HPC- vulnerability analysis using both the physical connection information and software communications information of each ECU. This enables analysis that considers virtualization and the complex architecture of an SDV, and achieves even more accurate vulnerability analysis, as well as boosting the efficiency of SIRT activities and speeding up the response to vulnerabilities.
3. VERZEUSE for Runtime Integrity Checker*10, cyber security robustness innovations:
Enhancing the security monitoring of virtual environments
VERZEUSE for Runtime Integrity Checker builds upon traditional integrity monitoring software*11 and extends its capabilities to support in-vehicle systems in the SDV era. For virtual machines—such as instrument clusters and IVI systems—that operate in a virtual environment, this innovation can ensure continuous and elevated security by applying constant monitoring at multiple stages based on the trust chain*12 from integrity monitoring software located in a secure area. Multiple virtual machines operate simultaneously in these virtual environments, and because memory management communication paths become increasingly complex, monitoring using traditional systems has become difficult. This is where PAS has applied its knowledge to implement security monitoring in virtual environments. By transmitting signed heartbeats via virtual environment management functions, individual virtual machines can be restarted, enabling flexible response and recovery during an attack. These are advanced core technologies of the highly reliable and highly secure in-vehicle systems that are required in the SDV era. This unique innovation from PAS has been highly appraised by many car manufacturers and adopted as an in-vehicle product ahead of offerings from other companies.
VERZEUSE integrates security technologies Panasonic Automotive Systems has developed for the automotive industry over the years. Moving forward, we remain committed to this domain as a core technology underpinning safety and security in the SDV era and will continue to drive technological innovation.
Notes:
*1 VERZEUSE is a registered trademark in Japan of Panasonic Automotive Systems Co., Ltd. and its affiliated companies. VERZEUSE was coined by combining the Spanish word “ver” meaning “look” and the god Zeus. The name is meant to inspire the feeling of a protective god of the sky watching over the safety of society.
*2 EdgeTech+ 2025 https://www.jasa.or.jp/expo/english/
*3 Vulnerabilities: Weak points in design, and unforeseen defects in systems and software. These weak points could become targets for cyber attacks.
*4 Threats: External factors and actions that could damage systems and networks. Includes cyber attacks and unauthorized access, etc. Ref: Vulnerabilities,Threats, risk https://automotive.panasonic.com/en/innovation/cyber-security#risk
*5 October 24, 2024, Development of ISO/SAE 21434 compliant threat analysis innovations: VERZEUSE for TARA https://news.panasonic.com/global/press/en241024-4
*6 Common weakness enumeration (CWE): A list of common types of vulnerabilities. A list of systematically classified and organized types of vulnerabilities in software and hardware.
*7 Press release on October 24, 2024. When PAS analyzed its navigation system (220 resources, 1250 threat scenarios, and 3230 countermeasure requirements), the innovation reduced the workload from 30 to 3 person-months. https://news.panasonic.com/global/press/en241024-4
*8 Example of vulnerability analysis during the design of cockpit domain controller systems
*9 September 9, 2024, Development of Vulnerability Analysis Innovations VERZEUSE for SIRT https://news.panasonic.com/global/press/en240909-4
*10 December 11, 2023, Cyber Security Robustness Solution, Developed VERZEUSE for Runtime Integrity Checker, Strengthen In-Vehicle Cyber Security Measures https://news.panasonic.com/global/press/en231211-2
*11 Integrity monitoring software: Technology that continuously monitors for tampering of security functions from within a trusted domain, reinforcing system safety and reliability
*12 Trust chain: Mechanism that ensures the integrity of software at multiple stages, originating in a secure execution environment.
<About VERZEUSE>
Panasonic Automotive Systems Co., Ltd. markets VERZEUSE cybersecurity technology and services globally. Engineers at Panasonic Automotive Systems who worked together in the development of security technologies in various Panasonic Group products, including TVs, recorders, mobile phones, smartphones, payment terminals, and semiconductors, have turned their expertise toward developing cyber security technologies since 2014, drawing on their individual strengths to apply these technologies to automotive products. Panasonic Automotive Systems helps to ensure the safety and security of automated driving functions and network services to benefit society with technologies underpinned by a wealth of knowledge and experience.
About Panasonic Automotive Systems Co., Ltd.
Panasonic Automotive Systems Co., Ltd., (PAS) was launched on April 1, 2022 as an operating company responsible for the automotive systems business in line with the start of the Panasonic Group’s operating company system, and on December 2, 2024 the company moved to a management structure in which 80% of its shares are held by the funds managed by an affiliate of Apollo Global Management, Inc. and 20% by Panasonic Holdings Corporation.
Headquartered in Japan, PAS is a global company with subsidiaries in eight other countries and, as a Tier 1 company, it provides advanced proprietary technologies such as infotainment systems to automakers in Japan and overseas, helping to create comfortable, safe, and secure automobiles. PAS is committed to meeting the expectations of its customers around the world with technologies that stand by people in pursuit of its corporate vision of becoming the “Joy in Motion” design company. To learn more about our company, please visit https://automotive.panasonic.com/en
SOURCE Panasonic Corporation of North America
