Nick Power explores the importance of cyber security in the realm of software-defined vehicles and outlines key strategies for safeguarding these technologies
As the automotive landscape evolves, software and connectivity are no longer just features; they are the backbone of the modern driving experience. From over-the-air (OTA) updates to real-time diagnostics, consumers now expect their vehicles to seamlessly integrate with their digital lives. But while this transition toward software-defined vehicles (SDVs) represents a significant opportunity for innovation, it also exposes manufacturers and consumers to new vulnerabilities that require urgent action.
The global market for SDVs is projected to soar, with estimates suggesting it could reach over US$210bn by 2032. According to Boston Consulting Group, SDVs will account for 15% to 20% of automotive value by 2030. This shift towards a software-centric approach not only enhances vehicle functionalities but also leads to the generation of vast amounts of data—up to two terabytes daily. While this data provides valuable insights for manufacturers, it also makes them a target for hackers. That’s why it’s vital for automakers to have robust cyber security frameworks in place.
According to the 2024 Global Automotive Cybersecurity Report by Upstream, there has been a staggering increase in high-scale incidents, with remote attacks now comprising 95% of all cyber threats. The report highlights critical vulnerabilities across various manufacturers, exposing risks such as unauthorised access to vehicle controls and sensitive consumer data.
Several key threat vectors illustrate the current landscape of automotive cyber security. The first is keyless entry breaches, showing how hackers can now steal vehicles remotely, bypassing the need for physical access. There are also remote vehicle control attacks. Here, manipulating vehicle operations remotely poses severe safety risks, underscoring the need for sophisticated security protocols that can safeguard critical vehicle functions. Then there is data interception. With the introduction of 5G connectivity, hackers are increasingly focusing on the networks they support, such as vehicle-to-everything (V2X) communications.
Telematics platform vulnerabilities are a key focal area. Cyber criminals often exploit vulnerabilities within backend telematics systems responsible for managing OTA updates. This emphasises the critical need for comprehensive defences at all operational levels of the vehicle. Malware is another concern; malicious software can infiltrate vehicles through compromised software updates, connected applications, or IoT devices. Once embedded, malware can execute unauthorised actions such as data theft, surveillance, or disruptions in vehicle operations. By addressing these evolving threats, automakers can better safeguard not just their vehicles, but the sensitive data customers entrust to them.
As the automotive landscape continues to evolve, the importance of prioritising cyber security for manufacturers cannot be overstated. A strategic focus on securing vehicles requires a comprehensive approach. Implementing multi-layered security safeguards is vital for protecting vehicles, networks, and applications from potential threats. Additionally, reducing and encrypting sensitive data can significantly lower the risk of exploitation. Access control measures, such as multi-factor authentication (MFA) and role-based access control (RBAC), further enhance defences against unauthorised access, while regular audits and compliance checks can identify, and significantly reduce, vulnerabilities.
With the transition to a future filled with connected vehicles, the need for robust cyber security measures has never been more critical. Manufacturers must understand that these threats are not theoretical; they are very real and evolving. By prioritising data security and adopting a holistic approach to protecting the entire vehicle ecosystem, automakers can not only safeguard their customers but maintain a competitive edge in a rapidly changing market. With the right strategies in place, the future of automotive innovation can be both exciting and secure.
The opinions expressed here are those of the author and do not necessarily reflect the positions of Automotive World Ltd.
Nick Power is Chief Technology Officer at Cubic Telecom
The AutomotiveWorld.com Comment column is open to automotive industry decision makers and influencers. If you would like to contribute a Comment article, please contact editorial@automotiveworld.com
