The automotive industry is undergoing a significant transformation as Software-Defined Vehicles (SDVs) take center stage. These vehicles are essentially advanced “software on wheels” that combine software and hardware to create a new driving experience.
This shift, driven by advancements in Connected Autonomous Shared and Electrified (CASE) technologies, presents both unprecedented opportunities and challenges. A clear example of this change is the projected surge in software complexity; by 2030, it is anticipated that modern cars will contain approximately 300 million lines of code, far surpassing the 15 million lines of code found in today’s passenger aircraft. This substantial increase emphasises the critical need for robust cybersecurity measures to safeguard these intricate systems from emerging threats.
The changing landscape of automotive cybersecurity
Initially, cybersecurity threats to vehicles were largely experimental, with white-hat hackers probing for vulnerabilities to improve security. However, the landscape has dramatically shifted. The Global Automotive Cyber Security Report from Upstream Security reveals a surge in the severity and frequency of cyberattacks, with nearly 50% of incidents in recent years categorised as having a “High” or “Massive” impact. These attacks are 95% increasingly remote, orchestrated by black-hat hackers seeking widespread disruption.
SDVs present a significantly expanded attack surface due to their heavy reliance on software and connectivity. Software components, particularly those incorporating virtualisation and service-oriented architectures, are prime targets for exploitation. Additionally, communication with remote servers, often lacking robust security measures, creates vulnerabilities for attackers to intercept data or impersonate systems. The intricate network of internal and external APIs within SDVs further amplifies the risk of unauthorised access.
Infotainment systems pose a significant threat vector due to their interconnectedness with the vehicle’s internal network, OEM backends, and user devices. These systems can serve as entry points for attackers aiming to steal personal information or infiltrate OEM servers. Additionally, communication gateways, electronic subsystems like telematics and steering control, and mobile phone applications, including companion apps and third-party software, offer potential avenues for attackers to compromise vehicle systems or backends. The manipulation of smart key fobs presents another avenue for unauthorised vehicle access, as hackers can intercept or jam key fob communications or use devices to mimic the key fob control unit.
The vulnerability extends beyond the vehicle itself. Smart key fobs, susceptible to interception or jamming, provide another entry point for unauthorised access. EV charging stations and their associated applications also present risks, with potential for disrupting charging operations or compromising user data. Furthermore, while OTA updates offer benefits, they introduce vulnerabilities in wireless communication, potentially impacting multiple vehicles simultaneously.
Four-pronged approach to tackling cybersecurity in SDVs
There are four fundamental steps to address cybersecurity concerns in autonomous vehicles. The initial step involves prediction, which focuses on anticipating potential cyber threats by utilising processes such as Threat Analysis and Risk Assessment (TARA). Utiliisng predictive analytics and threat intelligence is crucial to foresee risks and prepare proactive measures. Prevention revolves around implementing robust security measures to minimise the likelihood of cyber-attacks. This encompasses the use of encryption, access control mechanisms, secure coding practices, and network segmentation. It is essential to embed secure design principles and techniques into both software and hardware development processes.
Detection necessitates the deployment of tools to promptly identify any unauthorised activities, anomalies, or security breaches in real-time. This may involve utilising intrusion detection systems (IDS), security monitoring tools, and anomaly detection algorithms to continuously monitor network traffic, system behavior, and user actions. Response and recovery involve establishing effective strategies to mitigate the impact of cyber-attacks and restore security. This includes having incident response protocols in place to contain breaches, investigate root causes, and rectify affected systems. Potential actions could include isolating compromised components, implementing security updates, restoring backups, and collaborating with regulatory bodies and cybersecurity experts.
In conclusion, the rapid evolution of automobiles into software-driven vehicles presents both substantial opportunities and significant cybersecurity challenges. With the increasing intricacy of automotive software driven by advanced technologies, the risk of unprecedented cybersecurity challenges also rises.
To mitigate these risks, a comprehensive cybersecurity strategy is essential. Strategy stakeholders must prioritise robust cybersecurity measures across the vehicle lifecycle. This includes proactive threat prediction, stringent prevention strategies, real-time detection capabilities, effective response and recovery protocols.
These measures should be seamlessly integrated throughout the entire lifespan of a vehicle, from the initial planning phase to production and eventual decommissioning. This guarantees comprehensive and ongoing protection against evolving cyber threats. Collaborative efforts among automakers, regulators, and cybersecurity experts are crucial for building trust in this transformative technology.
Divya M.S. is Senior Technical Architect, Quest Global. Views expressed are her own.