-
-
-
-
URL copied!
According to Deloitte, there will be 470 million connected vehicles on highways worldwide by 2025. These connected vehicles provide opportunities and have a higher cybersecurity risk than any other connected devices; even the FBI had to make a statement about it.
A typical new model car runs over 100 million lines of code and has up to 100 electrical control units (ECUs) and millions of endpoints. The stakes are high, too, considering the safety implications some of these security issues may cause. Supporting satellite, Bluetooth, telematics and other types of connectivity while protecting drivers and public safety is essential, and completely reliant on vehicle design and manufacturing.
Vehicle Cybersecurity Regulations for Manufacturers to Know
Considering this, the UNECE released new vehicle cybersecurity regulations in the middle of 2021 (UN R155 and UN R156), and ISO came up with ISO/SAE 21434. These standards laid the foundation of cybersecurity in connected vehicles. While they are complex, these security considerations can be classified in three main categories:
- In-vehicle cybersecurity: Cybersecurity aspects within the vehicle, such as OBD-II hacking, key fob hacking, theft of personal data, remote takeover, malware, etc.
- Network cybersecurity: Cybersecurity aspects of vehicle network connectivity. This covers most general network threats such as DoS, Syn-flood, etc.
- Backend cybersecurity: Cybersecurity aspects of backend systems, which are typically the same as any cloud security aspects. Connected vehicles exchange information and data with the backend systems generally hosted on the cloud. These backend systems perform various tasks such as vehicle software updates, navigation, alerts, etc.
Recommended reading: How Smart Cars Will Change Cityscapes
Examples of Cybersecurity for Automotives Across Threat Categories
Each threat category requires different solutions and skills of the vehicle manufacturer. For example, these are some of the solutions required for each of the above categories.
In-vehicle cybersecurity
- Hardware-based crypto-accelerators and secure key storage
- JTAG memory and register access restriction
- Firmware signing
- Electronic Control Unit (ECU) authentication
- Anti-tampering and side channel attack protections
- SSH or secured access
- Secure key storage
Network cybersecurity
- Encrypted and secure communication
- IDS/IPS to track potential packet floods
- Network segmentation
- Virtual private network (VPN)
- Firewall
Backend cybersecurity
- Data loss prevention and data integrity strategy
- OTA package encryption and signature
- Secure images
- Activity and log monitoring
Our team works with leading connected vehicle manufacturers and OEMs to build secure connected vehicles across all three categories. We help our clients with the cross-industry best practices required to develop solutions such as in-vehicle infotainment systems, ECUs, and advanced driver assistance systems without compromise on security or reliability.
Learn more:
Top Insights
Manchester City Scores Big with GlobalLogic
AI and MLBig Data & AnalyticsCloudDigital TransformationExperience DesignMobilitySecurityMediaTwitter users urged to trigger SARs against energy...
Big Data & AnalyticsDigital TransformationInnovationRetail After COVID-19: How Innovation is Powering the...
Digital TransformationInsightsConsumer and RetailTop Insights Categories
Let’s Work Together
Related Content
5 Trends & Takeaways from Google Cloud Next
Executives, decision-makers, technical experts, and Google Cloud partners converged at Google Cloud Next to explore cutting-edge innovations and industry trends. GlobalLogic was there, speaking about modernization strategy and delivering a Cube talk on Intelligently Engineering the Next Gen AI Platform we are building for Hitachi. Among the buzz at GCN 2024, using GenAI for customer … Continue reading Connected Vehicle Cybersecurity Considerations That Vehicle Manufacturers Need to Know →
Learn More
The “hype cycle” is about the hype—not the technology
The hype cycle has little to do with the merits of a particular technology. It simply has to do with the amount of publicity the technology has received. In particular, if the publicity jumps ahead of what the technology can immediately deliver, then the technology quickly gets labeled as “over hyped”. This is not the … Continue reading Connected Vehicle Cybersecurity Considerations That Vehicle Manufacturers Need to Know →
Learn More
What’s an “A” Player?
Steve Jobs used to say, "A players attract A players. B players attract C players.” Our own CTO, Dr. Jim Walsh, says "Companies are better off hiring A players who can learn, than B or C players who already know." But what exactly makes an “A” player — and how can you spot one?
Learn More
Innovators and Laggards: The Technology Landscape of 2019
In the 1960s, sociologist Everett Rogers produced a roadmap showing how innovations are adopted and, eventually, become obsolete. Later, author Geoffrey Moore wrote a book called “Crossing the Chasm” that detailed how companies and technologies succeed or fail to progress from “early adopter” to “early majority” status. Moore’s work further popularized Roger’s categories, and words like “innovator” and “early adopter” have become a firm fixture of the Silicon Valley and world-wide technology vocabulary.
Learn More
MockK Framework for Unit Testing in Kotlin (Android Mobility Development)
Unit testing is core to any software development process. In this blog, we demonstrate how MockK is an advantageous framework for unit testing with Kotlin, the preferred programming language for Android mobility development.
Learn More
Share this page:
-
-
-
-
URL copied!