AUTOCRYPT, Author at AUTOCRYPT

13 June, 2023 . 5 mins read

AI In Automotive Cybersecurity

The rise of artificial intelligence is signaling disruption in the technology industry. The likes of Microsoft, Google, and OpenAI are spearheading fierce competition to create the most advanced artificial intelligence aimed at improving the way we interact with technology. While intelligent language models like ChatGPT are already fascinating people with their abilities to deliver answers to given prompts, AI technologies currently available to the public are just the tip of the iceberg. In the automotive industry, artificial intelligence can streamline operations and improve efficiency throughout the supply chain. Utilization of artificial intelligence in the automotive cybersecurity sector can especially benefit threat detection and response.

The Need for Strengthened Vehicle Cybersecurity

Several decades ago vehicle security would entail door locks, car alarms, and airbags. While the same is still true, cybersecurity is becoming an essential part of automotive security. Ensuring full protection now includes shielding the vehicle from internal system malfunctions as well as external cyber threats. However, as cars turn more software-driven and connected, vehicle security is becoming increasingly complex.

A modern-day car contains multiple electronic control units (ECUs) responsible for in-vehicle electronic systems that regulate and perform various functions ranging from essential tasks like steering and engine control to more mundane ones like unlocking doors and rolling down windows. The number of ECUs in a given vehicle depends on the quantity and complexity of vehicle features. For instance, a contemporary luxury car can have up to 150 ECUs, and the number may continue growing if new functionalities and sub-systems are added. These ECUs communicate with different parts of the vehicle and other ECUs to keep the vehicle running. Each of these ECUs and their communication nodes must be secured to protect the vehicle from cyber threats.

Limitations of Conventional Automotive Cybersecurity

Keyless car theft, infotainment system attacks, malware, conventional automotive cybersecurity software is built to protect against these and many other known threats. Cybersecurity companies employ ethical hacking methods to ensure the timely discovery of system loopholes. In ethical hacking, white hat hackers are responsible for hacking vehicle systems to find weaknesses in the software and report it to the cybersecurity software developers, who then implement appropriate security measures.

The complex system architecture of modern vehicles contains dozens of ECUs and millions of code lines, all of which can be potentially exploited by malicious actors. Manually searching for vulnerabilities in these vehicles is like looking for a needle in a haystack. As vehicle systems get more complex securing them will become even harder. While ethical hacking helps companies develop resilient security measures against cyber attacks, this ad hoc approach to cybersecurity has its limitations.

The biggest challenge in automotive cybersecurity is protecting the vehicle from unprecedented danger, also known as a zero-day attack. These attacks exploit previously undiscovered vulnerabilities in vehicle systems to install malware or tamper with the vehicle. Protection against zero-day attacks necessitates a more sophisticated approach to automotive cybersecurity, which is where AI comes in.

The Potential of AI/ML-powered Cybersecurity

AI/ML-based systems analyze, classify, and train on large amounts of data to self-improve and make independent decisions down the road. When applied in automotive cybersecurity, machine learning algorithms can be implemented in the security software to learn common patterns of vehicle operations. A trained model will then be able to distinguish anomalies that fall beyond the scope of ordinary vehicle signals. If malicious behavior is detected the cybersecurity software will send alerts and shield the vehicle from danger. Even if a malicious actor exploits a previously unidentified vulnerability, an AI-powered anomaly detection model will be able to detect intrusions and prevent them.

A car’s digital communications are simple and more predictable than that of a typical computer network. Since signals exchanged during normal vehicle operations often follow fixed patterns, determining an anomalous signal is not very difficult. Therefore, employing unsupervised machine learning in cybersecurity is feasible. For instance, imagine a car driving on the highway at cruising speed that suddenly receives a breaking signal requesting to stop the car in the middle of the road. An AI-powered security software will be able to differentiate this unusual command from a common driving pattern. The system will then block the anomalous signal and send it over to the security experts for further action.

While perfecting a fully AI-based cybersecurity software may take years, some companies are already leveraging the power of machine learning in their solutions. One example is AutoCrypt Security Fuzzer, which is an automated testing solution that employs an AI-based algorithm to input semi-random test cases into selected systems to reveal errors in vehicle software. The solution essentially causes intentional crashes in the system to expose software vulnerabilities that need to be addressed. An AI-based security fuzzer greatly reduces testing time, streamlining the ad hoc approach to cybersecurity implementation.

Due to the self-improving nature of artificial intelligence, the potential of AI in automotive cybersecurity is limitless. The speed of developments in the automotive sector requires cybersecurity measures that are just as agile. Leveraging artificial intelligence in vehicle cybersecurity will help address the risks of zero-day attacks and mitigate threats in a timely and efficient manner.

To stay informed and updated on the latest news about AUTOCRYPT and automotive cybersecurity, subscribe to AUTOCRYPT’s official newsletter.

24 May, 2023 . 5 mins read

How Custom Mobility Solutions Promote Transportation Sustainability

Making transport sustainable has become a global priority as we strive to reduce our carbon footprint and create a more environmentally friendly future. However, sustainability in transportation goes beyond decarbonization, it also necessitates inclusivity and accessibility for all individuals. Unfortunately, the current state of transport often overlooks the needs of people with reduced mobility (PRM), making their everyday journeys challenging and limiting their freedom. This blog will explore the importance of inclusive transport and how custom mobility solutions can help build a sustainable and accessible transportation system for all.

The Challenge of Inclusivity in Public Transport

Public transport forms the backbone of urban mobility, yet it often falls short in terms of inclusivity. People with reduced mobility face numerous obstacles when using public transport, such as inaccessible stations, lack of proper seating, and insufficient accessibility information. These barriers hinder their ability to travel freely and participate fully in society, making routine actions like commuting to work or visiting healthcare facilities unnecessarily complicated.

To address this issue, public transport systems need to be improved with inclusivity in mind. Governments should invest in infrastructure upgrades that include ramps, elevators, and accessible seating at stations and on vehicles. However, accessibility goes beyond infrastructure improvements. To enhance the accessibility of public transport for PRM local authorities will need to ensure clear signage, provide real-time information, and establish customized mobility services.

Harnessing the power of technology in transportation

Technology can be a powerful enabler of inclusive transportation. Embracing technological solutions empowers individuals with disabilities to plan their journeys more efficiently and travel with confidence. One innovative solution that holds great promise is demand-responsive transport (DRT). DRT utilizes advanced algorithms and technology to provide flexible and on-demand transportation services that cater to the specific needs of individuals, including those with reduced mobility. On-demand transportation services specifically tailored to PRM can offer convenient and affordable options. Optimized in the form of mobile applications, DRT platforms can provide real-time information on accessible routes, schedules, and vehicle availability.

DRT systems operate by allowing passengers to request transportation through a mobile app or a centralized call center. The algorithms optimize routes based on real-time demand, picking up passengers from their desired locations and dropping them off at their destinations efficiently. DRT systems can be customized to accommodate various accessibility requirements. For instance, passengers with reduced mobility can request wheelchair-accessible vehicles, ensuring that their specific needs are met during transit. As such, DRT promotes a more inclusive and user-centric transportation experience by integrating various customized features into the technology.

Unlike fixed-route public transport, DRT adapts dynamically to passenger demand. By optimizing routes in real-time, DRT vehicles can efficiently serve passengers across different areas, reducing wait times and providing more efficient routes. This is done by real-time data collection that feeds machine-learning algorithms, constantly improving routing efficiency.

In addition to addressing accessibility concerns, DRT has the potential to offer cost-effective transport solutions. By optimizing vehicle occupancy and pooling multiple passengers traveling in the same direction, DRT can lower individual travel costs compared to traditional private rides. This affordability factor makes it a more sustainable option for everyday commutes, benefiting individuals with reduced mobility who may face financial constraints.

On top of providing customized services to users, DRT can be seamlessly integrated into existing transportation networks, complementing traditional public transport systems. By connecting with buses, trains, and other modes of transport, DRT offers a holistic approach to inclusive mobility, allowing individuals with reduced mobility to transition smoothly between different modes of transportation. Technology-enabled DRT platforms provide real-time information to passengers, including estimated arrival times and vehicle tracking. This information empowers individuals with reduced mobility to plan their journeys, reducing uncertainties and improving overall confidence in using public transport.

Incorporating technology-driven customized DRT transport can revolutionize the way individuals with reduced mobility navigate their cities. By leveraging advanced algorithms, mobile applications, and seamless integration with existing transportation systems, DRT offers a flexible, accessible, and cost-effective solution that caters to the specific needs of all passengers, regardless of their mobility limitations.

DRT in Action – Case Study of 2U Access

AutoCrypt EQ’s 2U Access is a DRT platform created specifically to serve PRM. The platform was created in collaboration with 2U Social Cooperative, a non-profit based in Busan, South Korea. The main purpose of the platform is to make transportation efficient while keeping it accessible and affordable for PRM. Utilizing a dynamic routing system powered by machine learning algorithms, 2U Access ensures that each user’s transportation needs are met at the right place and time. Valuable demographic data such as information on the local spread of people with disabilities, areas with inefficient public transport, barrier zones, and more were used to create and further optimize the service.

In less than 2 years since the launch 2U Access gathered close to 20,000 users, completing over 300,000 rides. A vast amount of data collected during these rides quantifies the benefits delivered to users. Travel time savings and increased convenience were the most significant user benefits. In fact, 18% of 2U Access passengers used the service for work commutes and reported a 20-minute reduction in their commute time. By offering easier commutes 2U Access not only saved the passengers’ valuable time but also enabled PRM to enter the labor market, indirectly delivering public sector benefits. This shows that DRT services not only promote transportation sustainability but also contribute to overall public welfare and economic sustainability.

As we strive for a more inclusive and sustainable transport future, harnessing technology, including innovative solutions like DRT, becomes increasingly important. By embracing these advancements, we can create a transportation ecosystem that breaks down barriers, empowers individuals with reduced mobility and ensures that no one is left behind on the journey toward a more inclusive society.

4 May, 2023 . 2 mins read

AUTOCRYPT Releases Comprehensive Key Management Solution for Automotive Manufacturing

SEOUL, KOREA, May 4, 2023 — Automotive cybersecurity and mobility solutions company AUTOCRYPT released a comprehensive key management solution dedicated to the automotive industry. “AutoCrypt KEY” enables OEMs and suppliers to efficiently manage all types of cryptographic keys used for the components of connected and electric vehicles.

Modern vehicles function through communications, including internal communications between ECUs and application processors, and external connections with nearby vehicles, roadside infrastructure, mobile devices, and charging stations. To ensure that all transmitted data are safely encrypted and all connected components can be securely verified, the use of cryptographic keys is essential in establishing trust between vehicle hardware, users, and services.

Based on a robust key management system (KMS), AutoCrypt KEY provides all the key management features needed for automotive production, including symmetric key, asymmetric key, public key infrastructure (PKI), hardware security module (HSM) key storage, Quantum Random Number Generation (QRNG), encryption, certification, and digital signature. Beyond these features, AUTOCRYPT assists OEMs and tier suppliers in establishing an integrated key management framework across the supply chain, maximizing security and efficiency.

“With more and more advanced systems and components, cybersecurity now begins even prior to the automotive assembly line, with more and more component makers utilizing cryptographic keys in the production process,” said Daniel ES Kim, CEO of AUTOCRYPT. “AutoCrypt KEY guides OEMs and suppliers in establishing a secure and efficient key-based security architecture.”

AutoCrypt KEY was most recently adopted by major manufacturers of battery management systems and ADAS. To complement the solution, AUTOCRYPT provides consulting services to clients on regulatory and standard compliance.

For more information regarding AutoCrypt KEY, contact global@autocrypt.io.

27 April, 2023 . 6 mins read

What Are the Potential Consequences of Cyberattacks on OEMs?

The automotive industry has drastically changed in the past decade becoming increasingly software driven. However, higher reliance on software comes hand in hand with a higher risk of cyberattacks. This is because a more complicated system backend has more potential entryways malicious hackers can exploit. A cyberattack on an OEM can have dire consequences that may affect sensitive company and customer data, disrupt supply chain operations, and tamper with vehicles produced by the OEM. This blog will explore some of the potential consequences of cyberattacks against OEMs.

Data Breaches

One of the biggest cyber threats to an OEM is a data breach. If an OEM’s system is attacked and a data breach occurs, the stored data could be stolen, compromised, or deleted, leading to various adverse effects on both the customers and the OEM.

During a data breach, malicious hackers can steal confidential customer data, such as personal identification numbers (PINs), social security numbers, medical records, and more. This valuable information can either be leaked or posted on the dark web for purchase. In any case, if the customers’ confidential data is exposed, malicious actors can use it to commit fraud, phishing, or an infinite number of other criminal activities. Not all data breaches are targeted toward retrieving customer data. Sometimes cyber criminals may want to access sensitive company information and steal trade secrets or intellectual property. Some breaches are purely destructive, with hackers accessing confidential data only to destroy it.

Data breaches are extremely dangerous as they not only compromise data but also lead to a loss of customer trust in the OEM. On top of that, OEMs may face legal consequences or be fined for negligent cybersecurity practices that can end up costing a fortune.

Sometimes a breach into a company’s system may not be limited to stealing sensitive data. Malicious hackers may encrypt the data and request a ransom in exchange for a decryptor. Ransomware is designed to deny a user or organization access to files on their computer. By encrypting these files and demanding a ransom payment for the decryption key, cyber attackers place organizations in a position where paying the ransom is the easiest way to regain access to their files.

In 2021, Kia Motors America allegedly suffered a ransomware attack, where the hackers requested $20 million to decrypt files and not leak confidential data. During the alleged ransomware attack, the OEM’s portals suffered a system outage. This resulted in the disruption of services where customers and dealerships across the country were unable to access their data. While financial damages were never disclosed, this incident ended up damaging the OEM’s reputation.

A cyberattack on an OEM can cause significant harm to customer data, leading to financial loss, legal consequences, and loss of customer trust. As such, it is crucial for OEMs to invest in robust cybersecurity measures to protect themselves and their customers from potential cyberattacks.

Supply Chain Disruptions

Software plays a critical role in making sure the automotive sector’s supply chain operates efficiently and effectively. A cyberattack on an OEM, or any other company within the supply chain, could disrupt the production of components that are critical to the supply chain. This could lead to delays in operations, holding up the delivery of final products down the supply chain. Delays in the supply chain will ultimately slow down the rollout of vehicles to customers. If this happens, not only does the OEM suffer financial losses, but the company’s reputation will also take a major hit. A similar incident happened in 2022, when a supplier of Toyota suffered a cyberattack. As a result, the OEM had to halt production which ended up slashing production outputs by a third.

The effects of a cyberattack on the supply chain can be disastrous, therefore industry regulations like WP29 and ISO/SAE 21434 hold OEMs accountable for enforcing cybersecurity practices. Meaning that OEMs are obligated to make sure that cybersecurity measures are implemented across every company in the supply chain. This includes monitoring and auditing cybersecurity throughout the supply chain to demonstrate enforcement of the regulations at all times.

OEMs need to encourage cybersecurity measures at the base of all IT operations within the company and throughout the supply chain. Implementing cybersecurity measures is not limited to installing sophisticated cybersecurity software. It also includes utilizing encryption and authentication, as well as educating employees on cybersecurity practices that need to be honored in day-to-day operations.

Vehicle System Disruptions

While supply chain disruptions and data breaches have negative consequences on operations, finances, and company image, a cyberattack on a vehicle can escalate into a life-and-death situation.

Modern vehicles run on around 100 million lines of code which enable many advanced features beloved by customers. Unfortunately, hackers can exploit vulnerabilities in complex vehicle software to gain unauthorized access to in-vehicle systems. We have seen reports of hackers breaking into vehicles using car infotainment systems, key fobs, or Wi-Fi dongles. But hackers can also gain access to a car by attacking the OEM’s server. Hackers can inject malware into a company’s server, which can then spread to the vehicle’s systems via over-the-air software updates or other connections. The malware can then allow them to take control of the vehicle’s functions or steal data.

If the OEM system has remote access capabilities, through cellular or Wi-Fi connections, hackers can attempt to exploit vulnerabilities in these connections to gain access to the vehicle’s systems. This can allow them to remotely control the vehicle’s functions, such as acceleration, braking, and steering. If malicious hackers get access to vehicle control this can wreak havoc on the roads and put millions of lives in danger.

Companies must secure in-vehicle systems and conduct regular security assessments to mitigate the risks of vehicle-targeted cyberattacks. The automotive industry can collaborate with cybersecurity experts to stay on top of vehicle cybersecurity regulations and best practices. This can help the industry get access to effective solutions that address emerging cybersecurity risks. For instance, AutoCrypt IVS specializes in securing in-vehicle systems by protecting the vehicle from external attacks, monitoring communications within the vehicle, and responding to any abnormal activities.

The increasing reliance on software in the automotive industry has created new cybersecurity risks. To address these risks OEMs have to prioritize cybersecurity within the company, across the supply chain, and in every vehicle on the road by developing a comprehensive cybersecurity framework. Ensuring cybersecurity should come in multiple levels. First, OEMs must secure internal IT systems and operations. On the second level, OEMs will need to secure the supply chain and encrypt all communications between partner companies. And lastly, employ in-vehicle security measures that will make sure that vehicles are protected against internal and/or external threats.

4 April, 2023 . 6 mins read

Improving Suburban Mobility with Multi-modal MaaS

In the past decade we have seen an emergence of mobility-as-a-service (MaaS) companies that create and manage their own platforms, aiming to make transportation efficient, easy-to-use, and available for everyone. Mobility-as-a-service provides an integrated transportation experience through a single platform allowing users to plan and pay for their journey seamlessly.

The most common example of MaaS are ride-hailing services like Uber and Lyft. These companies have democratized mobility-as-a-service, combining the entire experience from hailing a cab to paying for your ride into a mobile application. The emergence of ride-hailing also allowed for the spread of a C2C model in mobility, significantly increasing the supply of available transportation options. And due to the asset-light business model of ride-hailing companies it is easy to scale and launch in any country. Impact the likes of Uber and Lyft made on the mobility industry is undeniable, however, this impact is mostly concentrated in bigger cities.

An important characteristic of e-hailing services is its C2C operation model, where for the service to operate efficiently there needs to be an appropriate number of drivers willing to use their personal vehicles to provide rides to users. While this model works well in big cities it is less feasible in suburbs and rural areas that have smaller populations. If there are not enough people providing rides on Uber or Lyft people will not use the app.

It is also important to note that private and shared rides offered by ride-hailing companies are generally much more expensive than public transportation. An experiment conducted in Chicago revealed that the average public transit fare was $2.69, while Lyft and UberX rides averaged $18.13 and $17.90 respectively. This stands to prove that routine ride-hailing is not a very affordable transportation option for a lot of people. Even though ride-hailing comes with its own advantages, there are still limitations to how well it can operate in smaller cities and rural areas.

Increasing mobility coverage in smaller cities

It’s no secret that rural and suburban communities often lack access to reliable and efficient public transportation. Unreliable schedules, shortage of transit options, and lack of ride-hailing service presence significantly reduce the selection of available transportation means for suburban residents. Nonetheless, it is extremely important to connect rural populations with better transit options.

Developing a multi-modal MaaS platform can solve the inefficiency problems in the current suburban public transit system. A multi-modal mobility platform integrates different modes of transport into a single application that generates navigation directions across various transport modes and provides a centralized payment channel. The greatest advantage of multi-modal MaaS is that it provides users with a wide range of transportation options, making it easier for them to choose and combine the most efficient, convenient, and cost-effective one. By combining various modes of transportation such as public transit, ride-sharing, bike-sharing, car-sharing, and more, multi-modal MaaS offers users a seamless and integrated transportation experience that takes them from door-to-door.

For instance, if your commute from point A to point B consists of a bus ride and a 10-minute bike ride, the application will generate detailed directions to your destination, calculate your travel time according to real-time transit schedules and traffic congestion, and allow you to pay for both the bus and bike-sharing fee all on the same platform. Thus, a multi-modal MaaS offers the potential to integrate public transit with other mobility options, creating a higher range of transportation choices for users. By adding more variety into transport supply, a multi-modal mobility platform could transform a relatively inflexible transit system into one that is extremely efficient, cost-effective and easy-to-use.

Customized multi-modal MaaS case study

In 2022, AUTOCRYPT developed a multi-modal transport sharing platform for Jeju Island, a scenic tourist destination off the coast of Korea. The island is notorious for being hard to navigate without a private vehicle. So, the platform was designed to help tourists and locals get around the island without a car. By integrating alternative means of transport, such as electric bikes, electric motorcycles, and electric scooters, to complement public transport, the platform offers users an extended range of transit options, where all services can be accessed and paid for through a single application. The app also included benefits for users in the form of discounted transfer between public transport and micromobility.

Beta testing services began in April 2022, and the platform was officially launched in October of the same year. Operational data collected throughout this period revealed that the platform gained nearly 10,000 account registrations and had over 3,000 active users, serving a total of 10,312 trips. The number of account registrations almost tripled between beta testing and the official launch. The number of trips made via the platform also increased from 1,157 in April to 1,838 in October.

The operational data indicate that both locals and tourists used the platform to navigate the island with ease. Not only has the platform expanded transportation options for users, but it has also opened up new routes to more distant destinations. This is a significant accomplishment as it has allowed people to explore remote areas that would have otherwise remained unvisited, and at the same time helped local businesses in hard-to-access areas gain more customers.

Moreover, the platform collects valuable data that can be used to improve the local mobility infrastructure. For instance, data of frequently used routes can be analyzed to help improve public transit and micromobility availability for these routes. Additionally, operational data can be used to indicate off-peak times, which can be leveraged to introduce dynamic pricing strategies.

A similar platform tailored to unique local needs can be created in any region. Such a platform would help improve suburban mobility and expand transportation options for local populations.

MaaS aims to provide users with a seamless transportation experience, making it easier and more convenient to get around cities. A multi-modal mobility service takes it a step further by offering a range of transport options through a single custom-made platform to provide users with a flexible, integrated, and sustainable transportation system that can improve mobility and enhance the quality of life in any region.

8 March, 2023 . 7 mins read

Software-Defined Vehicles: Tangent Industry Collaboration Opportunities

The lines between the automotive and tech sector are blurring as we approach the age of software-defined vehicles. Modern day vehicles are much more sophisticated than ever before, where hardware and software are intricately intertwined to achieve superior car performance and user experience. And while improving hardware is not new for OEMs, creating advanced software systems is a much tougher task. Automotive system innovations are causing disruptions in the entire industry, affecting manufacturing processes, product management, policies, and more. However, these disruptions are bringing in an array of new opportunities in the sector and its tangent industries.

B2B auto insurance

The way vehicles operate has changed in the past decade, but the insurance policies surrounding our cars have not evolved at the same rate as the technology. There is still no universal framework that decides who is liable for accidents involving software-defined vehicles (SDVs). Yet, current events in the industry are pointing to a shift of liability from individuals to OEMs, especially when autonomous driving is involved. Auto insurance policies have yet to reflect upon industry developments.

Traditional vehicle insurance policies typically cover physical damages resulting from driver-caused accidents. However, as ADAS and autonomous driving becomes more prevalent, the element of human error will gradually decrease, making traditional insurance policies less relevant. In addition, as software improves and cars become safer, revenue from individual insurance sales will also drop. Losses are expected to reach $25 billion, putting auto insurance providers at a risk of bankruptcy. Nevertheless, industry disruptions are creating new opportunities for auto insurance providers, with a significant portion of these opportunities located in the B2B sector. Between 2020 and 2025, new insurance policy revenues are predicted to reach $81 billion , according to a source.

As long as vehicle performance is directly tied to software performance, OEMs will be held accountable for cyberattacks, bugs, and software malfunctions in SDVs. Since the cost of software-caused accidents can have a colossally negative impact on manufacturers they will be looking for ways to offset the losses. Insurance providers will need to adjust to the changes in the industry and create policies that offer coverage for a new set of potential threats for a smaller pool of larger customers. Key opportunities for new policies include cybersecurity insurance, product liability insurance, and infrastructure insurance for OEMs and governments.

In recent years, cyberattacks have become more common and are projected to cost the automotive industry $505 billion. Due to the growing frequency of malicious cyberattacks, governments are enforcing cybersecurity regulations and pushing OEMs to adopt more stringent cybersecurity measures. Data breaches, hacking break-ins, ransomware attacks, and similar incidents are on the rise, and as the number of SDVs continues to increase, these attacks may soon spread into the automotive industry, leading to various negative consequences. One solution to mitigate these risks is for auto insurance policy providers to analyze the most common cyber threats and offer coverage for a new set of cyber risks. This approach can help companies protect themselves and their customers against the costly repercussions of cyberattacks.

In addition to cyberattack insurance, OEMs will also need to insure themselves against product malfunctions. Software is just as crucial to a car’s function as hardware, and failures in either can have devastating consequences. Fiat Chrysler experienced the effects of software issues firsthand when a pair of cybersecurity researchers uncovered a significant vulnerability in the manufacturer’s Jeep Cherokee. The researchers were able to hack into the car’s internal computer network through its Wi-Fi connection, gaining access not only to the car’s entertainment system but also to its engine, transmission, and brakes. The discovery revealed software shortcomings in multiple Chrysler models and eventually led to a recall of 1.4 million vehicles. As a result, the OEM’s stock value dropped by more than 2%. This case shows that software gaps can lead to catastrophic outcomes that could cost companies millions, if not billions. Therefore, manufacturers will need product liability coverage to offset the high stakes of potential software malfunctions.

Vehicles are not the only things getting smarter nowadays. The infrastructure is becoming increasingly reliant on software. Wireless technologies that allow communication between pedestrians (V2P), vehicles (V2V), and the infrastructure (V2X) are crucial for ensuring safety on the roads. But even the infrastructure is not entirely safe from cyber risk. Higher levels of connectivity can create more pathways for malicious hackers to exploit. Infrastructure software malfunctions can disrupt traffic conditions in entire cities, potentially putting people’s safety in jeopardy. Failures in the infrastructure can negatively impact governments, OEMs, drivers, and pedestrians. Hence, the risks should be insured against with appropriate coverage policies.

Vehicle software development and maintenance

The number of electric and software-defined vehicles is rapidly increasing, causing car manufacturers to shift their focus from hardware to software. Most new vehicles on the road are essentially computers on wheels, and like any computer, vehicle software needs to be properly maintained and periodically updated to improve performance. To keep up with this demand, manufacturers will need to expand their software development departments. However, since software-defined vehicles are a relatively new concept, most OEMs still lack the technological expertise to create and maintain advanced vehicle software technologies.

Creating and continuously managing vehicle software will become more challenging as the number of self-driving vehicles grows. Vehicle software management requires specialized technical expertise and large amounts of computing power, which in turn requires substantial financial resources. To keep up with industry trends manufacturers have developing in-house technological capabilities, hiring new personnel, establishing subsidiaries, and even acquiring other companies. While expanding in-house abilities can be a viable plan, OEMs can also embrace collaboration and seek partnerships with software solutions providers. By delegating software development, maintenance, bug fixes, and management to software suppliers, car manufacturers can focus on their core competencies. At the same time, software suppliers can unlock new revenue streams by entering the automotive sector.

An example of such cross-industry collaboration is the partnership between Mercedes-Benz and Nvidia. The two companies are working on a new software architecture for self-driving vehicles that is expected to add upgradable automated driving functions in the OEM’s vehicles. Unique expertise and know-how shared through cross-industry partnerships will positively affect the supply chain and help push the industry further forward.

Cybersecurity by design

As the SDV market expands, cybersecurity is becoming one of the biggest challenges facing the industry. Regulations hold manufacturers fully responsible for ensuring cybersecurity measures throughout the supply chain, which means that the risks associated with cybersecurity incidents are not just limited to a single player in the market.

To ensure vehicle cybersecurity measures are effective, manufacturers need to take a multi-faceted approach. One of the key areas that needs to be addressed is the protection of in-vehicle systems. These systems, which are responsible for controlling various vehicle functions, need to be secured to prevent unauthorized access and tampering. Additionally, manufacturers need to ensure secure charging for electric vehicles, as well as safe infrastructure communications. Each of these measures requires the development of different solutions and management systems, which can be a complex and time-consuming process.

In addition to implementing security software, companies also have to periodically test and update their security systems to keep up with the evolving threat landscape. OEMs will need the help of cybersecurity experts to put all of the cybersecurity measures in place. This creates new market opportunities for B2B partnerships between manufacturers and cybersecurity providers. Automotive cybersecurity solutions providers can advise manufacturers on the required security systems and deliver the necessary cybersecurity software. Various models of software-as-a-service can be offered to the manufacturers. Cybersecurity solutions providers can take on the task of not only developing the security software, but also managing it and performing periodic checks and improvements.

Disruptions caused by the new trends in the automotive sector are creating opportunities for collaboration with tangent industries. To take full advantage of current market opportunities, the automotive industry will need to embrace the culture of collaboration.

To stay informed and updated on the latest news about AUTOCRYPT and mobility tech, subscribe to AUTOCRYPT’s official newsletter.