Over the past decade, every company has ostensibly become a tech company. Nowhere is this more true than in the automotive sector. In 2021, there were an estimated 237 million connected cars on the road. By next year, that number is expected to hit 400 million.
The era of the software defined vehicle
Cars are becoming increasingly suffused with technology.
So much is this the case that (in a sort of Armageddon oil drillers in space situation) tech companies like Xiaomi and (maaaybe, probably not any more) Apple are getting into the car game.
Next generation electric vehicles aside, the average car is, according to Luca de Meo, CEO of the Renault Group, more about software than hardware. “The car must now go beyond the physical object. Today, it’s all about connecting it to the cloud, to the digital ecosystem, and turning it into an extension of our digital spaces,” he wrote in March of last year.
The average passenger vehicle contains hundreds of sensors, cameras, and enough microchips for the global semiconductor shortage to hit the auto industry harder than it hit the smartphone market. The most technologically sophisticated passenger cars contain as many as 3,000 microchips guided by 150 million lines of software code. According to a report by the United Nations’ economic commission, cars could become twice as complex by the end of the decade.
De Meo even notes that the “computer systems and practical software features” have become the main selling points of modern vehicles.
These software defined vehicles (SDVs) are defined by De Meo as operating based on a centralised electronic architecture, being equipped with artificial intelligence (AI), have the potential to be paired with a digital twin, and most importantly are connected to the cloud during their entire lifecycle.
Car’s aren’t just getting smarter. They’re also more inseparably and permanently connected to the internet. Automakers are constantly updating, even improving SDVs, argues De Meo. He says SDVs will “become better and improve themselves day by day. As a result, they will be better when you sell them than when you buy them.”
Smarter cars mean more cyber risk
Despite the benefits touted by the auto industry of an always-on, always-connected car, perpetual connection to the internet via a plethora of IoT devices also has its risks.
More technology makes cars safer, smarter, and more convenient to use. However, it also presents a troubling new threat vector. As the electronic (and always connected) systems inside cars become increasingly sophisticated, they present a more inviting target for cyberattacks.
What kinds of cyberattacks?
The infotainment system in an SDV connects to the internet and other devices around it via wifi, bluetooth, cellular, and USB connections. These systems—much the same as for a personal computer—can provide an entry point for hackers to exploit. Ivan Reedman, director of secure engineering at IO Active, argues that this could allow these hackers to “access and control vehicle functions remotely, endangering human safety.”
It’s more likely, however, for hackers to be interested in attacking a car for the same reason they breach many other systems: data. “Infotainment systems also store personal information, such as personal contacts and location data, which can attract cybercriminals,” says Reedman. Personal data is vulnerable to attack whether users store is in the car itself, or on a device that trusts the car.
Cybersecurity in the auto industry shifting gears
The simple fact is that the auto industry is going to have to adopt a cybersecurity-conscious mindset and invest heavily into ensuring the SDVs of the future don’t represent a huge potential cyber risk.
A McKinsey report notes that “cybersecurity will be nonnegotiable” for automakers looking to bring connected cars to market. Despite the fact that “Unlike in other industries, such as financial services, energy, and telecommunications, cybersecurity has so far remained unregulated in the automotive sector,” new regulations are changing the landscape faster than some automakers can adapt.
New EU cybersecurity rules set to take effect in June have reportedly resulted in the scrapping of two new Porsche cars, the 718 Boxster and 718 Cayman for failing to live up to new cybersecurity standards. Porsche says it plans to continue selling the cars outside of the EU.
The evolution of the SDV will undoubtedly have major consequences for the auto industry. However, the success of smarter, more connected cars relies on automaker’s ability to not only make them physically safe, but cyber-secure as well. “Cars are an extension of the home, and we want to feel protected there,” Ronen Smoly, Chief Executive of Argus Cyber Security recently told Automotive World. “We don’t want anyone to spy on us or download personal data that exists in the car.”
- Cybersecurity
