Author: Esther Jeohn

6 March, 2025 . 7 mins read

Taking Charge with the Transition to SDVs: Autocrypt’s presence in Europe, an interview with Joohwa Sarah Lee

The automotive industry is going through a period of transformation: with electrification, automation, and software becoming the stars of the show, the traditional automotive industry in Europe has been through the ups and downs of trying to keep up with the Joneses. Established car manufacturers have realized that to navigate the transformations, quickly implementing and introducing new technologies to build innovative business models will be key.  

joohwa sarah lee autocrypt svp
Joohwa Sarah Lee, SVP of AutoCrypt Technologies GmbH

Anticipating these changes, Autocrypt established its European subsidiary back in 2021, and has been working with its European partners and customers to ensure that new innovations go hand-in-hand with secure, resilient environments. And as we head into 2025, we sat down with Joohwa Sarah Lee, who leads Autocrypt’s European business, to discuss the current landscape in Europe, Autocrypt’s strategies, and what we can expect moving forward.

Q: Sarah, could you tell us a bit about yourself, and what you do? 

Hello – I’m Joohwa Sarah Lee, SVP at Autocrypt Technologies. I’ve been in the automotive space for nearly two decades now, first as an R&D engineer at a major German automotive manufacturer, gaining extensive experience in vehicle thermal management systems, HVAC and battery systems.  

My background is in mechanical engineering and computational science engineering (CSE), but I’ve really enjoyed being a part of all areas of the automotive business, from open innovation to even tech scouting, collaborating with internal development departments. At Autocrypt, I’ve been working with creating innovative partnerships with manufacturers and suppliers, and especially highlighting to them the importance of regulatory compliance in the current automotive landscape. 

Q: Wow, your experience is quite extensive in the automotive industry – what got you interested in this industry in the first place? 

I’ve always been interested in cars, even as a child. I remember as a child growing up in Korea, I saw a Ferrari F50 for the first time – its lines and color were so striking, it’s embedded in my memory. When I was trying to figure out what to study at university I vacillated for a while between automotive design and Engineering. I’m glad I chose the latter, but even more glad that engineering brought me to work in the automotive industry. Though I’m interested in a lot of different areas, be it engineering or business or recruiting, I don’t believe I’ll ever stray from the automotive sector. 

Q: You’ve had quite a career in the automotive sector: What would you say has been the biggest change you’ve seen in the industry? 

The transition from internal combustion engines (ICE) to electric vehicles has most likely been the biggest change in the history of the industry. I’m based in Germany, and this is a country where until the mid-2010s, the country’s ICE technology was world-class due to its decadeslong history in engine research and innovation. German manufacturers have been slower to adopt EV technology, which allowed for other competitors to push their way into the market. Despite those challenges, though, the European market remains one of the largest and most important, so it’s exciting to see governments looking to boost innovation through policy and regulatory support. This will play a crucial role in keeping Europe’s automotive leadership alive.  

Q: What is the biggest challenges facing the industry as we move forward? 

Along with electrification, the transition from traditional architecture to software-driven vehicles is going to be a challenge for legacy manufacturers, compared to the newer EV manufacturers. The shift from a distributed structure to domain and zonal architecture requires a lot of research, time, and human resources. While a lot of OEMs agree that transitioning to SDVs is the right move, it’s difficult to change architectures that they have maintained for decades.  

Q: So what can they do? 

Ultimately, SDVs are the right move, but we have to talk numbers. With SDVs, manufacturers can definitely expect higher profitability. Take Tesla, for example. They achieved a 22% operational profit margin in 2022 through their subscription models such as FSD. Vehicle and user apps and APIs have become a critical factor when it comes to consumer purchasing decisions – a McKinsey report said that 50% of EV buyers said that they consider connectivity features a major priority when it comes to a new vehicle purchase.  

SDVs also contribute to cost savings in development. Simulations and virtual testing not only cost less, they are much more efficient in terms of development and prototyping. Furthermore, after SOP, software updates will be far less costly than a hardware change. Ultimately, SDVs aren’t just a technological trend but will be an essential strategy for manufacturers in the current era of autonomous and electric vehicles.  

Q: How have you seeing the growing importance of security in the automotive industry? 

The demand for security is rapidly increasing, which is why I saw joining Autocrypt as a major opportunity. Automotive security will be in demand, more than ever, as software-defined vehicles become the norm. This isn’t just in Korea or Europe, it’s a global phenomenon. A good example is the Indian market, where the AIS-189 regulation will be implemented as of October 2027. The regulation is based on UNR-155, and similarly requires a cybersecurity management system. This means that Indian OEMs and parts suppliers are urgently demanding security testing solutions, especially in the area of PKI. This is really exciting for me, as we really get to open doors to collaborating with different manufacturers and suppliers all over the world.  

Q: What’s the next step for AUTOCRYPT in Europe (and maybe beyond)?

Europe was and continues to be a key player in the global automotive market. We’ll definitely focus on strengthening our partnerships with European OEMs and Tier-1 suppliers, and continue establishing our reputation as a leading player in vehicle cybersecurity. AUTOCRYPT has decades of experience in securing vehicles, and that puts us in the perfect place to address the unique challenges posed by the transition to SDVs. 

But the automotive market isn’t limited to a single region. As vehicles are manufactured and sold to other regions, there’s going to be more and more hoops that manufacturers and suppliers need to jump through. I’m looking forward to guiding our partners and customers through regulation compliance and providing the necessary approvals and systems in place to make it an efficient and seamless process.  

Q: Any final thoughts? 

There’s a lot of changes in the automotive market right now. Vehicle software, artificial intelligence, and cybersecurity will be at the core of this new era and it’s critical for manufacturers to begin implementing some changes. Companies equipped with solutions to deal with changes (whether technological, regulatory, etc.) will have a significant edge in addressing the growing demand from consumers and regulatory bodies for advanced, intelligent automobiles.  

We’ll continue to see amazing changes in the next few years, and as the European (and global) automotive industry transitions to SDVs, AUTOCRYPT already has developed many of the solutions that are or will be required for the new market. Leveraging these capabilities and expanding our business opportunities is my goal, and I’m optimistic about our future here! 

Many thanks to Joohwa Sarah Lee for the interview. For more insights, follow her on her personal Linkedin page.

16 August, 2022 . 5 mins read

Spotlight: Vehicle Hacking at DEF CON 30

In this blog, we’ll be highlighting our Security Validation Department, who made the trip to Los Angeles to present on Ethernet and Blackbox fuzzing and participate in the annual hacking festivities. Have an insider’s look at our team, led by Dr. Jonghyuk Song, and how this group of ethical hackers are striving to make connected and autonomous driving safer for us all.

Las Vegas is a long way from Yeouido. An island sitting on the Han River in Seoul, Korea, Yeouido is often referred to as the “Manhattan” of Seoul. It’s home to many a bank and investment firm, as well as the country’s National Assembly Hall. It is a far cry from the Las Vegas strip, but last week the two collided as seven members of AUTOCRYPT’s Security Validation Department, led by Dr. Jonghyuk Song, AUTOCRYPT’s Chief Security Research Officer and Head of Security Validation, spent their week at DEF CON 30.

The annual hacking and security conference hosts tens of thousands of visitors each year and the schedule is jam-packed with presentations and workshops. However, unlike other expos or events, DEF CON is unique in the sense that it is divided into “villages” that host a variety of events and contests dedicated to hacking and pushing the boundaries of what it means to be “secure” in the connected space. Some of the most well-known villages include Aerospace Village, Car Hacking Village, Biohacking, Physical Security and even Social Engineering Village.

While the idea of hundreds of hackers and hacktivists congregating in Vegas and the aforementioned villages may seem like a recipe for disaster, in reality it’s the opposite. Hacking events, especially like DEF CON, attract hackers who are passionate about these industries, and contests allow both hackers and industries associated with these villages to be able to see vulnerabilities within existing technology.

Visitors at DEF CON 30 can participate in a number of activities, including physical security engineering.

One of the members, Donghyeon Jeong, who attended DEF CON for the first time ever, remarked, “Unlike what the general public may believe, hacking isn’t something that’s done alone or without careful planning and logic. There’s lots of advanced equipment required, and some teams have up to 20 people working on different elements simultaneously. Your team has to work together to prioritize problems and solve the problems strategically, depending on the level of difficulty.” The AUTOCRYPT team placed fifth at this year’s Capture the Flag (CTF) contest in the car-hacking village, and tasks consisted of a wide range of problems like ECU hardware-related issues, virtual environment operations, Bluetooth hacking, and firmware reverse engineering.

AUTOCRYPT’s team at work in the Car Hacking Village CTF. AUTOCRYPT came in fifth at this year’s event.

Dr. Song, a many-time participant in the CTF competitions as well as presenter for advanced hacking methods, says that he believes that hacker conventions like DEF CON are crucial to the advancement of secure technology for autonomous driving. “Hacking is just like other technologies where advanced methods are always in development, and coming to these events allows us to see firsthand how to deal with new attacks and also share new strategies we’ve come across in our own work. More and more we see the crossover between hackers and the industries that they are trying to hack as companies are beginning to recognize that the best defense is actually a smart, strategic offense. In fact, you’ll see quite a few recruiters at these events looking to hire an in-house security expert or even just an ethical hacker to test their defense systems.”

And while the competitions are a large part of the event, there are a multitude of presentations that speak more directly to visitors and participants regarding hacking techniques. Dr. Song with AUTOCRYPT’s Soohwan Oh, Jeongho Yang, and Woongjo Choi, presented on automotive ethernet fuzzing as well as black box fuzzing of UDS CAN. Dr. Song stated that he believes that presenting on automotive hacking is especially important, as more and more connectivity is moving outside the traditional IT system. “The last thing you would want to happen is for someone to tamper with a connected vehicle on the move, which could ultimately affect human lives. Showcasing how we hack into systems allows manufacturers and suppliers to take a second look at their own security architecture before drivers and passengers get in the car.”

“It’s important to note that car hacking isn’t the end all be all. Just as we moved on from traditional IT to connected IoT, I think hacking will continue to evolve into other parts of the mobility ecosystem. EV chargers, Fleet Management Systems and mobility services – they will all continue to require white hats like us to monitor and test them, so that everyone can enjoy them without worrying about the vulnerabilities or risks involved,” said Donghyeon Jang.

Check back on our blog for more Spotlight pieces, as we continue to travel around the globe to new events and exhibitions exploring automotive tech and security. To subscribe to our newsletter, visit here.