Connectivity has opened the door to many services that promote vehicle safety, driver convenience and comfort. According to Fortune Business Insights, the global connected car market will grow from $59.7 billion in 2021 to $191.83 billion in 2028, growing by 18.1% over the forecast period 2021-2028. of he is projected to grow at a CAGR. Connectivity is opening the door to new technologies and information sharing across industries.
This progressive outlook for connected mobility opens up new challenges. Systems and components that manage safety must be protected against malicious attacks, unauthorized access, damage, or anything else that could interfere with the vehicle’s safety functions. Today, the standard car he consists of over 100 million lines of code and is projected to have 300 million lines of code by 2030. A loophole in even one of the components in the vehicle can allow hackers to steal data or interfere with functionality.
As technology advances and the number of software components inside vehicles grows, hackers continue to find backdoors to remotely break into vehicles. Navigation and other connectivity features are already standard in today’s vehicles. Keyless entry, cloud access, and smart voice assistants are increasingly found in modern automobiles. With this comes the importance of protecting vehicles from potential security breaches.
Cybersecurity is an ongoing process that continues throughout the vehicle lifecycle. This has increased the importance of software engineers and cybersecurity professionals in the automotive industry as well, and his OEMs around the world are gradually building teams capable of handling such issues.
Challenges and risks
As vehicles become increasingly IoT-driven, unprotected ecosystems can expose vehicles to threats and vulnerabilities. Automotive cybersecurity systems powered by artificial intelligence can help provide a clear picture of potential vulnerabilities in the system.
Connected vehicles exchange data with multiple parties, including other vehicles on the road (V2V), surrounding infrastructure (V2I), and everything else (V2X). Within the connected car, various individual segments serve the function of the system. In the future, common automotive architectures may look like this. In this case, the electronic control unit (ECU) is connected to the zone unit, which in turn is connected to the high performance computer (HPC). The architecture requires robust security to prevent possible compromise by external threats.
However, automotive cybersecurity is not just about keeping your vehicle safe. It should start much earlier, especially during the manufacturing process. A manufacturing setup needs a strong security system to prevent hackers from breaking into and modifying the code of a component to cause erroneous behavior. In a typical Industry 4.0 smart factory, the entire manufacturing infrastructure is connected. Advances in connected plants expose the ecosystem to new threats and vulnerabilities. All data moving over the network is vulnerable to cyberattacks. As manufacturing data moves from his OT systems on the factory floor to interconnected information technology (IT) systems within the corporate network, new risks arise. Cybercriminals can access intellectual property, shut down systems, disrupt production schedules, and adversely affect product quality.
A manufacturing environment should be considered fully integrated, even if some processes are not connected to the internet. Many breaches start in your IT network, but hackers and attackers can move to other parts of your environment through connected devices. Additionally, some connected devices may contain information about unconnected processes.
Prevention is the first important step
Automotive cybersecurity solutions must be proactive and multi-layered. The automotive industry is committed to protecting systems, memory, communications and supporting infrastructure. Online trust centers protect cryptographic keys, and penetration testing labs that continuously look for vulnerabilities and threats have become essential to ensuring vehicle safety.
Cybersecurity can be approached in three main steps:
- prevent – The potential for security breaches increases in proportion to the degree of networking and the number of vehicle interfaces required. Hackers are driven by many factors, including data theft, financial gain, and prestige. Manufacturers must harden all potential points of attack and build security solutions across multiple levels and departments. This is possible by identifying various points of attack, understanding their behavior, and designing safeguards to protect your system.
In other words, make it as difficult as possible for hackers to attack. This typically includes hardware-enhanced cryptography, embedded security software, secure networks, and secure vehicle architectures. Another example of a proactive approach when it comes to automotive cybersecurity is DevSecOps. This practice allows developers to use coding practices that are not vulnerable to attacks.
- Understanding – Know when your system has been hacked, identify points of entry, exposed vulnerabilities, and other critical information in real-time. This includes live monitoring and tracking of connected vehicles. An example of this is a Security Operations Center (SOC) configuration. Real-time detection and real-time response to such compromises requires an SoC. A SOC also helps identify gaps and apply rapid patching to avoid long-term exposure to road vehicle vulnerabilities.
- Response – It reduces damage and makes the fleet immune in a few hours. This includes over-the-air software updates and patch management. Cybercrime is an asymmetrical challenge. Organizations have to monitor hundreds of processes, but a hacker only needs access to find and access one flaw. This is like an endless race between those who want to protect the network and those who want to destroy it. Therefore, it is important to act as soon as a loophole is identified.
The UNECE WP.291 regulation on cybersecurity and software updates (World Forum for Harmonization of Vehicle Regulations) is on the horizon and will cause a paradigm shift in the automotive industry in UNECE member countries. Under this framework, his OEMs in UNECE member countries are required to demonstrate evidence of adequate cyber risk management practices end-to-end, i.e. from vehicle development to manufacturing to post-production. This also includes his OTA fixed post sales of vehicles.
Continental’s Technical Center India is continuously working to innovate new technologies to meet customer requirements and cyber security is one of them. Continental acquired Argus Cyber Security in November 2017, ensuring a secure data channel for in-vehicle and cross-platform connectivity via the company’s devices.
Given that connectivity will play a central role in EE architectures and that modern vehicles will become autonomous and automated, cybersecurity protocols are not only nice to have, they are essential and must be added to the system. . Developers work on code that is less susceptible to attacks. Cybersecurity is a continuous process rather than steps and layers that need to be added after development is complete. Cybersecurity is therefore non-negotiable to ensure future market access.
The author is Head of Technical Center India, Continental Automotive India.
Disclaimer: The views expressed are personal and do not reflect the official position of the author’s institution or the policies of Financial Express Online. Unauthorized reproduction of this content is prohibited.