Category: Blog

22 November, 2021 . 7 mins read

COP26: How We Have Overcome Barriers to EV Adoption

What Happened at COP26?

The 2021 UN Climate Change Conference, better known as COP26, concluded on November 12 after two weeks of negotiations by world leaders in Glasgow, UK.

As a member of the International Transport Forum (ITF) Corporate Partnership Board (CPB), AUTOCRYPT’s Co-Founder and CEO Daniel ES Kim called for climate actions at the ministerial meeting on November 9, collectively with other business leaders on board, emphasizing AUTOCRYPT’s commitment to decarbonizing transport.

AUTOCRYPT’s “Call for Action” at COP26

The resulting agreement signed by nearly 200 nations was a historical one, but was not transformative enough to reverse climate change, as many scientists suggested. Despite a preliminary draft demanding nations to accelerate “the phaseout of coal and subsidies of fossil fuels”, after negotiations, a revised draft tuned down the rhetoric to “the phaseout of unabated coal and inefficient subsidies of fossil fuels”. Still, facing firm objection from China and India, the final agreement was changed to “the phasedown of unabated coal and inefficient subsidies of fossil fuels”.

Implications for the EV Industry

Regardless of the rhetoric, COP26 made an unprecedented emphasis on the criticality of fossil fuel exploitation to the ongoing climate crisis. The agreement specifically demands governments to phase down fossil fuel subsidies. Currently, about half a trillion dollars in subsidies were spent by governments worldwide to lower the price of fossil fuels for consumers, more than triple the amount spent on other renewable energies.

The new agreement will likely pose more pressure on manufacturers and consumers of ICE vehicles, making electric vehicles (EV) more financially appealing to both automotive OEMs and end consumers. But setting aside discussions of money and politics—let us go back to the fundamental question: Are we ready to fully commit to EV adoption?

Are We Ready for EV Adoption?

The short answer is yes. Today’s EV has come a long way from its early days. Since the COVID-19 pandemic, EV sales have grown exponentially, even in regions where government subsidies have been decreasing, showing that consumers no longer need financial incentives to purchase EVs. Most potential buyers in the car market today are seriously considering purchasing EVs.

The booming EV adoption rate is not simply due to increased environmental awareness, nor purchase incentives and tax breaks. It is more so a result of technological advancements in EV design, powertrain, battery, and supply equipment (EVSE), all of which contribute to better overall reliability. Below, we look at how these advancements helped the industry overcome all the barriers to EV adoption.

How Have We Overcome the Barriers to EV Adoption?

1. Range

In the early days of the EV, range anxiety was the biggest concern for all potential buyers. Many feared running out of power prior to reaching their destination. In 2013, the average range of all EVs in the market was about 219 km (136 mi), less than half the travel range of gasoline-powered vehicles, which on average can travel between 450 to 550 km (280 to 342 mi) on a full tank. Given that there were very few public charging stations back then, range anxiety was a real fear for EV owners. Even though 219 km was beyond the distance of most daily commutes, long-haul travels were virtually impossible due to the lack of public charging stations, making it a significant drawback as compared to ICE vehicles. As a result, most early adopters at the time only drove their EV as a second car for traveling within the city.

We are in a different world now. For the past five years, automotive OEMs and suppliers have dedicated large portions of their R&D spending on advancing battery technology and motor efficiency. Thanks to these efforts, the median range for EVs has exceeded 400 km (250 mi) in 2020. Most flagship models made by world-class OEMs can now travel longer than 450 km on a single charge effortlessly, with a few outperformers boosting a range over 600 km (see figure 1).

Figure 1. Longest EV Ranges as of October 2021

Clearly, ICE vehicles no longer have an advantage in range over EVs. This explains why even private taxi operators are now adopting EVs considering that a range of above 400 km is adequate for a full day of operation. By now, the EV industry has largely eradicated range anxiety.

2. Charging Availability

Having a long range was not the only cure to range anxiety. For many frequent travelers, having a charger at home does not help the long-haul overnight trips away from home. In this case, public EV charging stations allow the driver to top up their car during their trip, perhaps anywhere along the way or at the hotel.

The good news is that public charging stations have become very common. As of mid-2021, the United States has roughly 43,000 public charging stations and 120,000 charging ports. To put these numbers in perspective, there are an estimated 150,000 gas stations across the US, meaning that there is now one public EV charging station per every three gas stations. Considering the share of EVs in the automobile market, the number of EV charging stations per vehicle has already far surpassed that of gas stations.

Among the United States, European Union, and China—the three largest EV markets—the US is in fact the worst performer of the three. Looking at the EU, there are reportedly 225,000 public charging ports across the continent (excluding Norway and Turkey), nearly twice that of the US. And in China, there are nearly 924,000 public charging ports registered in mid-2021. Consumers in these well-established EV markets can now make long-haul overnight trips without the need to worry about charging. Moreover, the number of public EV charging stations is expected to grow at an astonishing rate. The EU is planning to establish a network of 1.3 million charging points by 2025, six times the current figure. Compared to gas stations, EV charging stations do not require additional space and are much cheaper and easier to build; most are installed on existing parking lots.

3. Charging Time

Recent developments in EVSE have also shrunk the average EV charging time remarkably. Most home chargers (7 kW) can easily charge a typical EV from empty to full in about eight hours. Fast and rapid chargers found at public charging stations (22 kW fast or 43-50 kW rapid) can fill up an EV in between one to five hours. These are especially common at office buildings, shopping malls, and service plazas near highways, where people can top up their cars for an hour or two while working, shopping, or eating. The fastest rapid chargers today (150kW rapid) can fill up a Tesla Model S in less than an hour and add up to 160 km of range in less than 35 minutes. Nonetheless, these chargers remain relatively rare and are not compatible with all EVs.

For the average consumer, charging time should no longer pose any inconvenience. Expect to charge at home about once or twice a week, while occasionally topping up at public charging stations during longer trips away from home. With a little planning ahead, you should be able to easily blend vehicle charging into your schedule and never need to spend a minute waiting for charging.

4. Charging Complexity

After overcoming all the above EV adoption barriers, the last concern for some potential EV buyers is the perceived complexity in charging. Those who use public charging stations frequently might find it a hassle to keep a handful of membership cards or mobile apps for different charging point operators (CPO).

To simplify this process, AUTOCRYPT is actively working with the EV charging industry to accelerate the application of Plug&Charge (PnC) technology, an advanced charging and payment system that automatically verifies the vehicle when the charger is plugged in, then authenticates the transaction in the backend without the need for any RFID cards or mobile apps.

This verification and authentication process is conducted by AutoCrypt PnC, a secure V2G (vehicle-to-grid) communication interface based on ISO-15118-compliant AutoCrypt PKI technology. By 2023, PnC-enabled charging stations with V2G bi-directional charging will be widely available.

Revolutionize Transport With AUTOCRYPT

Apart from electrification, AUTOCRYPT’s effort in securing Cooperative Intelligent Transport Systems (C-ITS) and autonomous driving will make our roads and traffic smarter, less congested, and more energy-efficient, helping us accelerate our goal towards net zero.

To learn more about AUTOCRYPT’s end-to-end solutions, contact global@autocrypt.io.

To stay informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

2 November, 2021 . 6 mins read

3 Stages of In-Vehicle Security: A Step-By-Step Guide to Vehicular Cybersecurity

Vehicular cybersecurity is now an inseparable component of automobiles. To establish an ecosystem where vehicles can safely connect with the outside world, UNECE’s WP.29 regulations on vehicular cybersecurity require automakers (OEMs) to manage cybersecurity risks at every stage of a vehicle’s lifecycle. This includes 1) pre-production design and development stage, where cybersecurity gets embedded into the supply chain; 2) production stage, where hardware and software components are integrated and tested for interoperability; and 3) post-production stage, where continuous monitoring and timely updates are required to keep the vehicle protected throughout its lifespan.

As a cybersecurity adviser on the International Transport Forum’s Corporate Partnership Board (CPB), AUTOCRYPT has been contributing its expertise in vehicular cybersecurity standardization and policymaking, making the company a specialist in cybersecurity integration and regulatory compliance. Developed to help OEMs integrate cybersecurity with functional safety, AUTOCRYPT’s in-vehicle security solution, AutoCrypt IVS, provides a robust end-to-end security package for all three stages of vehicle production, stretching beyond regulatory requirements.

In this article, we break down AUTOCRYPT’s in-vehicle security process to look at how a vehicle is secured at each stage.

1. Threat Assessment and Remediation Analysis (TARA)

The biggest difference between vehicular cybersecurity and IT cybersecurity is that a vehicle does not run on a host computer, nor a unified operating system. Instead, each vehicle has a unique electronic and electric (E/E) architecture made up of over a hundred electronic control units (ECU), interoperating through the Controller Area Network (CAN bus). This means that there cannot be an off-the-shelf cybersecurity software or tool that is readily installable across all vehicles; instead, in-vehicle security needs to be custom-designed for each vehicle model.

To develop a system and process for a particular vehicle, it is crucial to start by assessing the threats associated with the specific OEM and vehicle model through an engineering methodology called Threat Assessment and Remediation Analysis (TARA). TARA is widely used for the initial assessment of cybersecurity risks, based on a deep analysis of the vehicle’s architecture, followed by a prediction of potential vulnerabilities and entry points. After identifying the risks, security engineers will thoroughly select a pool of necessary countermeasures that can mitigate these specific risks.

During TARA, AUTOCRYPT begins by identifying critical assets within the target vehicle, then compiles a list of attack vectors that hackers could potentially use to access and intrude the system. After that, the level of risk and feasibility of each attack vector is analyzed, before arriving at a final list of threat priorities. These priorities are used to design and develop a security model, where detection engines and software modules get embedded in different parts of the vehicle.

2. Threat Modeling and Security Testing

After initial design and development of the in-vehicle security system, it is then time to conduct a series of tests by simulating real-life hacking scenarios to verify the efficacy of the security model. In this stage, three types of security testing are implemented: vulnerability scanning, fuzz testing, and penetration testing.

Vulnerability Scanning

Unlike threat assessment in TARA, vulnerability scanning requires the physical vehicle prototype with the adopted security model. Both software static testing and dynamic testing are performed. The former checks for errors in the development stage, including leaks and buffer overflows, whereas the latter executes the code to test for vulnerabilities in runtime environments by analyzing the behaviours of dynamic variables.

Fuzz Testing

Fuzz testing, or fuzzing, is a type of automated software testing technique that feeds a large pool of randomly generated invalid and unexpected inputs into the program as an attempt to make it crash or break it through. If a vulnerability a found, a fuzzer can be used to pinpoint the potential causes. Fuzzing is a quick and useful way to identify unexpected coding errors, highly effective at mitigating most automated hacking techniques.

Penetration Testing

Penetration testing is the most advanced and sophisticated test of the three. It requires security analysts and red team hackers to manually search and exploit vulnerabilities using complex hacking techniques such as password cracking and injection, then try to manipulate and exfiltrate data from the vehicle. AUTOCRYPT’s red team, led by experienced resident white hat hacker Dr. Jonghyuk Song, performs penetration testing to vehicle components and security software prior to final implementation, ensuring that no vehicle leaves the factory in a vulnerable state.

After completion of threat modeling and security testing, all errors and vulnerabilities will be corrected and reviewed. Finally, the vehicle will be ready to enter the market.

vehicular cybersecurity diagram
Figure 1. Three Stages of In-Vehicle Security

3. Threat Mitigation

As the vehicle gets passed down to the consumer, the role of cybersecurity does not end here. In fact, this is only the beginning of a long journey of continuous monitoring, prevention, and incident response. At this stage, the security engineering of AutoCrypt IVS works at its best to protect the ECUs by running both an intrusion detection system (IDS) and intrusion protection system (IPS) to block hacking attempts, encrypting all messages to prevent data tampering, and controlling access to all storages to ensure privacy and financial safety. It also monitors the central gateway for any abnormal behaviour throughout the vehicle’s CAN bus and between the vehicle to the external network. Such data is then collected in real-time by the OEM and reported to AutoCrypt vSOC (Vehicle Security Operations Center) for analysis.

Vehicle Security Operations Center

Similar to the SOC in IT security, vSOC brings enterprise threat intelligence to the mobility environment by monitoring the activities and conditions of all active vehicles using live data collected and shared from the OEM’s cloud. AutoCrypt vSOC provides an easy-to-navigate graphical user interface, allowing the OEM to track and analyze threats by region and prioritize updates and patches.

Figure 2. AutoCrypt vSOC GUI for an OEM customer

Vehicular Cybersecurity Made Easy With AUTOCRYPT

Most OEMs do not have the time and capacity to assess, deploy, and manage all three stages of vehicular cybersecurity in-house. Over the past decade, AUTOCRYPT has been filling this gap not only by offering AutoCrypt IVS as a product, but also by designing and developing a complete in-vehicle security solution that OEMs can rely on in the long-run.

To learn more about AUTOCRYPT’s end-to-end solutions, contact global@autocrypt.io.

To stay informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

25 October, 2021 . 6 mins read

Top 6 Cybersecurity Challenges Unique to the Automotive Industry

Cybersecurity is one of the most complex and dynamic fields in the data-driven world, involving a constant battle between hackers and defenders. As internet connectivity reaches every corner of our lives, cybersecurity is now an essential component for automobiles. Yet, many are surprised to find out that cybersecurity in the automotive industry is entirely different from what we are used to encountering in the IT industry, and this means that there are challenges in terms of preparation and prevention. This article takes a closer look at how automotive cybersecurity differs from traditional IT security, with cybersecurity challenges unforeseen in the automotive industry.

1. Massive Scale and Density

As vehicles become increasingly digitalized and connected, many like to draw comparisons between cars and computers, referring to automobiles as “computers on wheels”. However, comparing a car to a computer is not quite fair because a car is, in fact, made up of hundreds of individual computers, which by industry terms are called electronic control units (ECU). The scale of the IT infrastructure in a vehicle resembles that of a small enterprise network, with all the computers, servers, and networking devices densely packed into this metal box. Now imagine having to manage cybersecurity risks for tens of millions of these densely packed “enterprise networks”; a single world-class OEM has between 20 to 100 million active vehicles on the road, a scale never seen in a single corporate IT environment.

Despite this seemingly impossible task, OEMs make cybersecurity scalable by incorporating it into the design and manufacturing stage. Since all vehicles of the same model contain an entirely identical IT infrastructure, they are able to pre-establish cybersecurity measures and embed them into the vehicle parts during the manufacturing stage. This brings us to the next point: type approval.

2. Regulations Requiring Cybersecurity Type Approval

In the IT industry, computer and device manufacturers are not directly responsible for the cybersecurity of their products. It is up to the users, mostly enterprises, to implement cybersecurity tools to protect their network and data. As a result, IT cybersecurity regulations tend to be enforced on enterprise users, not manufacturers. For instance, data privacy laws such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) mandate enterprises to have reasonable security measures to protect the customer data they possess. It is only recently that governments have started to require more transparent reporting from hardware manufacturers due to the latest surge of supply chain attacks.

In contrast, in the automotive industry, since cybersecurity must be deployed during the manufacturing stage, OEMs are directly held accountable for failures in cybersecurity implementation. UNECE’s WP.29 working party was the first to establish a set of regulations that require vehicular cybersecurity type approval, meaning that all vehicles must be assessed and qualified prior to being put on sale. The following diagram illustrates a stage-by-stage comparison of when cybersecurity is implemented between the automotive and the IT industry.

blog image
Cybersecurity Implementation: Automotive Industry vs. IT Industry

3. System Complexity

Besides having greater scale and density, the internal system of a vehicle—referred to as the E/E (electrical and electronic) architecture—is much more complex than that of a computer. With more than 30,000 hardware components moderated by over 100 ECUs, a single vehicle operates on over 100 million lines of code. What makes things more complex is that the in-vehicle system is largely distributed without a universal operating system; as each ECU serves a unique purpose, every one of them is crucial to a car’s functionality. For instance, some ECUs are paired with sensors and actuators. Some are paired with the powertrain. The ECU that provides wireless connectivity is called the telematics control unit (TCU)—or on-board unit (OBU)—overseeing communications between the vehicle and the outside world.

Given that the ECUs are highly sophisticated minicomputers, they are often manufactured by different third-party suppliers that specialize in their own field of expertise. This means that to implement cybersecurity throughout the vehicle, OEMs need to work with both cybersecurity providers and ECU manufacturers to ensure that all needs are aligned and all components interoperable. An example of such multi-party collaboration is demonstrated when AUTOCRYPT partnered with ECU manufacturer NXP Semiconductors to embed its AutoCrypt V2X software development kit (SDK) into NXP’s OBUs. The secured chipsets are then able to be delivered to OEMs for assembly.

As vehicles become more and more sophisticated, the industry is now looking for ways to group the ECUs by their domains of service and slowly work towards a more centralized vehicle system that is easier to assemble and manage, transforming the multi-tier supply chain into a more horizontal supply line.

4. Long Lifespan

Having covered the differences in the manufacturing process, it is now time to look at how car consumers differ from electronics consumers. With increasingly efficient engines, advanced mechanics, and precise quality control systems, vehicles now last longer than ever. As a result, more and more consumers are keeping their cars for longer, with the average age of vehicles on US roads reaching a record 12.1 years in 2020. This is three times the average age of computers in the US.

This might be good news to the consumers. Yet, long-lasting cars pose a new challenge to OEMs as they need to spend more effort into managing software updates for each car model to ensure that they are free of security vulnerabilities. More active vehicles on the road also put more strain on the Vehicle Security Operation Center (vSOC), which needs to constantly monitor all vehicle systems in real-time.

5. Scattered Locations

Speaking of vehicle monitoring, we need to talk about the unique challenges that the vSOC faces as compared to the SOC of an enterprise network. The computers and servers in a company do not move, hence it is easy for the cybersecurity team to monitor suspicious activities at all times and respond to threats immediately. On the other hand, vehicles move around constantly across cities and even countries. Oftentimes, they will enter zones without internet connectivity, making it difficult for the vSOC to detect and respond to threats due to delays in data transfer.

6. Damage Severity and Recovery

Lastly, in case a cyberattack happens, an enterprise will most likely lose sensitive data and experience operation disruptions. However, a successful cyberattack against a vehicle system not only puts data at risk, but the personal safety of the passengers and all those others on the road. Patching vulnerabilities is also more complex in the automotive industry because the OEM needs to work with different Tier 1 suppliers and cybersecurity providers to ensure smooth updates.

How AUTOCRYPT Overcomes Automotive Cybersecurity Challenges

What sets AUTOCRYPT apart from other automotive cybersecurity providers is its capability to offer a complete set of end-to-end solutions that help OEMs overcome all aspects of cybersecurity challenges throughout the vehicle. From securing in-vehicle systems and V2X communications, to EV charging and fleet management, AUTOCRYPT eliminates the complexity of searching for a different provider for each problem, making it a completely personalized experience for each client.

To learn more about AUTOCRYPT’s end-to-end solutions, contact global@autocrypt.io.

To stay informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

13 September, 2021 . 5 mins read

What Are Over-the-Air (OTA) Car Updates and Why Are They Important to Security?

Just like how IT software and operating systems receive regular updates from their vendors, vehicles receive software updates from their manufacturers. Software updates are an integral part of the overall user experience as they contain important feature enhancements and crucial security patches. Traditionally, software updates are performed in person at service centers. But as cars become increasingly connected today, OEMs are trying a new approach by sending and installing software updates over the air (the Internet) to the cars directly—the same way that smartphones and computers receive updates. Such software updates are called Over-the-Air (OTA) Car Updates.

The Software-Oriented Car: Skyrocketing Software Compliants and Recalls

Many car owners tend to believe that software only exists in a car’s infotainment system and thus downplay the importance of software maintenance. This might have been the case a few decades ago, but a modern vehicle today contains many more software components than it seems. With more than a hundred electronic control units (ECU) equipped in an average car, almost every function is either controlled or monitored by software. For instance, ECUs are built into the powertrain to run features like advanced driver-assistance systems (ADAS) and to monitor turning angles and road conditions to allow for on-demand all-wheel drive and traction control.

Having more software means more software issues. In the mid-2010s, OEMs saw a drastic increase in the number of emergency recalls with regards to software flaws and errors, with the percentage of software-related recalls reaching 46% in 2016. Timely recall is especially important for software parts that are crucial to safety. For example, Mercedes-Benz USA recalled 41,838 of its SUVs in the North American market in early 2021 due to a software error in its Electronic Stability Program, a feature that applies a twisting force to one of the car’s front wheels so that the car pulls itself towards the turning direction during sharp turns to maintain stability and comfort. Clearly, a malfunction in this feature could lead to an unexpected twisting force and potentially cause crashes.

The Growing Importance of OTA Car Updates

Even without major flaws or errors, both hardware and software components need to be maintained and updated regularly during a car’s lifespan. Normally, car owners visit the service center at least once a year to get their scheduled hardware maintenance and software updates. However, as software features become increasingly sophisticated, more frequent updates are required. Having to install software updates at service centers is not only inconvenient for the owners, but also highly costly for the OEMs due to the tremendous labour needed. Additionally, many car owners neglect software updates altogether and put themselves in the danger of outdated software that is not just slow and inefficient, but also prone to cyberattacks.

OTA car updates solve all the above problems by eliminating the need for software-related recalls and make software updates easy and seamless. OEMs simply send the updates and patches over the internet so that the cars can download and install them on their own.

OTA car updates are commonly applied to two major types of systems within a vehicle: drive control and infotainment. Updates in drive control systems include feature upgrades and security patches related to the ADAS, powertrain, and chassis. Updates in the infotainment system include map updates and application enhancements. Even though the infotainment system does not directly affect driving, it is still a crucial component that must be updated and secured as it contains sensitive personal data.

Another important role of OTA updates is that they keep vehicles from depreciating. Since modern vehicles are essentially computers on wheels, they depreciate much faster than conventional vehicles. Without regular updates, software-enabled features can deteriorate and become slow and unusable after a few years. OTA updates prevent this from happening and keep the onboard experience new and fresh.

How Do OTA Updates Work?

To enable OTA updates, cars must be equipped with a telematics control unit (TCU), which is a piece of hardware that contains a mobile communication interface (e.g., LTE, 5G) and a memory to store driving and vehicle data. The TCU must also be able to recover data in case if an update needs to be removed. Whenever an update is available, the OEM delivers the software package to its vehicles from a cloud-based server.

The first OEM to successfully perform OTA updates was Tesla. Other manufacturers like GM and Ford quickly followed. Being able to deliver OTA updates is especially crucial for electric vehicle manufacturers because it allows them to introduce their vehicles to the market as early as possible to gain an early advantage, while working on quality assurance and improvements after they are sold.

How Secure Are OTA Updates?

We now know that OTA updates are essential to keeping vehicle software up-to-date and secure, but the next question to consider is—are OTA updates secure? Giving vehicles wireless internet connectivity has a lot of benefits, but also creates a new world of opportunities for hackers. Attackers could attempt to corrupt the software update kits with malware and enter the vehicle system to steal personal data or even take physical control.

To prevent this risk, not only must OEMs make sure that their vehicle connections are secured, but more and more regulatory bodies are mandating vehicular cybersecurity. Recent releases of the WP.29 regulation now require cybersecurity type approval for all new connected vehicles.

To fill in this gap, AutoCrypt IVS provides an in-vehicle security solution that protects the vehicle’s internal systems from cyber threats, enabling secure communication between the vehicle’s onboard units and the cloud. With AutoCrypt IVS, both OEMs and car owners can rest assured that their OTA updates are original and protected. Apart from blocking malicious traffic from entering the vehicle, it constantly monitors communications within the vehicle for any abnormal activities.

 

To stay informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

31 August, 2021 . 4 mins read

Barriers to Autonomous Vehicle Adoption

Autonomous driving has been a futuristic technology we’ve seen in entertainment for decades. In the 2020s, self-driving seems like it is becoming a tangible reality, with manufacturers like Tesla releasing Full-Self Driving (FSD) mode, and other manufacturers eager to follow suit. While manufacturers have quite a way to go before achieving high or full automation (level 4 and 5, respectively, according to the SAE levels of vehicle autonomy), the bigger problem is that though manufacturers may be hard at work developing autonomous technology for future self-driving vehicles, there are still many factors to consider before fully overcoming the barriers to adoption of autonomous vehicles. Here are just a few of these challenges we look through in our blog today.  

1. Technology

There are a variety of factors why we haven’t seen more autonomous vehicles on our roads – technology is one of them. As previously mentioned, though manufacturers may tout “autonomous tech,” it’s still more of a marketing term, rather than technologically reliable. For example, autonomous vehicles rely on sensors like Lidar, Radar, and cameras. These technologies help the car navigate the environment around them, and they should be able to detect buildings, other vehicles, road infrastructure (think traffic signals and road signs) and most importantly, pedestrians. Sensors have to “see” in order to do all of this properly: whether it’s in inclement weather conditions, or in congested urban areas. While the available sensors are continuing to make great advancements in ensuring safety in autonomous driving, we have to ask ourselves what is the level of certainty we require and the level of risk we’re willing to allow.  

2. Public acceptance

In addition to the technology development, there is the issue of acceptance within society. While the majority of the population enjoys seeing futuristic technology on the big screen, it is an entirely different matter when it comes to personal usage. There is still resistance and distrust when it comes to self-driving cars. The Partners for Automated Vehicle Education (PAVE) found that 3 in 4 Americans say that they don’t think autonomous vehicle technology is ready to be mainstream. 48% said that they would never use a self-driving ride service, and 20% believed that AVs will never be safe. This was a 2020 poll, but polls in previous years have shown similar skepticism, and it looks like this attitude might be here to stay unless some major changes occur.  

3. Security

One reason that the public is still wary of autonomous vehicles may be that they don’t fully trust the security of AVs. More connected than its traditional counterparts, an AV is essentially a smartphone on wheels, which means that it is at risk of breaches unless a proper cybersecurity management system protocol is in place. There isn’t a one-stop solution to having a proper cybersecurity management system, but the ISO/SAE 21434 risk assessment system is a good place to start.  

Fortunately, manufacturers will soon be mandated to have a proper cybersecurity system in place. Starting in July 2022, new vehicle models will be required to get cybersecurity type approval for the model before it is allowed to be put on the market.  

4. Standardization and regulations

Ultimately, many of our aforementioned barriers to adoption can be improved upon when there are wider, universal standards put into place by regulators. For example, the UNECE’s WP.29 regulations for cybersecurity will mandate in-vehicle security for new vehicle models next year, and all vehicle models by 2024. With this kind of overarching, nearly-universal regulation in place, the public’s acceptance of connected and autonomous vehicles will continue to grow.  

An added example is the recently published ISO 22737, the first international safety standard for Level 4 automated driving systems. These types of standards help us to have more trust for safety and security, addressing the minimum requirements for technology systems, that previously were unclear.  

Conclusion

Unfortunately, AV adoption isn’t as simple as making a fully autonomous vehicle and putting it on the road. To overcome the various barriers to adoption, many factors need to work hand-in-hand to ensure not only that the vehicles do what they’re supposed to do, but also other societal infrastructure is on the same page. Standards will help move this process along, and we will be sure to keep you updated on the latest standardizations that are developed to keep our vehicles and mobility services secure.  

For more information about our vehicle security solutions, visit www.autocrypt.io/solutions  

24 August, 2021 . 6 mins read

How Do Automotive OEMs Transition to Electric Vehicle Manufacturing?

Due to growing customer demand and tightening carbon emission quotas, nearly all automotive manufacturers today are undergoing a significant transition from producing ICE and hybrid vehicles to electric vehicle manufacturing, specifically battery-electric vehicles. Last month, Volkswagen Group announced its NEW AUTO strategy, a long-term plan that projected electric vehicles to make up 50% of the group’s total sales by 2030 and 100% by 2040. Earlier in the year, Hyundai Motor Group also unveiled its plan to increase its EV portfolio from the current eight models to 23 models by 2025. Other OEMs such as GM, Mercedes-Benz, BMW, and Volvo all have ambitious plans to increase their EV portfolio and grab as many early adopters as possible in this booming industry.

Will Traditional OEMs Dominate Electric Vehicle Manufacturing?

Many tend to take it for granted that traditional major OEMs will naturally take over all electric vehicle productions. This is a fair assumption because the automotive industry has always had extremely high entry barriers due to the economies of scale—an absolute advantage firmly held by large global OEMs. While producing one vehicle might cost millions, producing 100,000 vehicles reduces the per-unit expense down to the thousands.

However, the above assumption has a major flaw; that is, it underestimates how different EV production is compared to producing ICE vehicles. When making a new model of a hybrid vehicle, the manufacturer can still use the existing frame, design, and powertrain of its gasoline-powered siblings, with only some modifications needed to the original assembly plant. On the other hand, to build a battery-electric vehicle, OEMs need to start from scratch and consider a whole different set of problems when designing the frame and the powertrain, such as how to best fit the batteries at the base. As a result, OEMs cannot take advantage of their existing ICE-vehicle assembly lines to make EVs, and hence lose the economies-of-scale advantage.

In fact, despite a vibrant automotive industry, these traditional OEMs are facing their biggest threats in decades, if not ever. Tesla has proven that a startup with no experience in car manufacturing can rise to become a market leader in the EV industry. Over the past few years, countless startups and even tech giants like Apple and Sony are all trying to gain a foothold in the market.

Nevertheless, despite losing their absolute advantage, traditional OEMs still have a better chance of winning the EV race as they have pre-established brands that are well recognized and trusted by consumers. Therefore, OEMs should take advantage of their beloved brands to make a smooth and bold transition into the EV game.

Brownfield vs. Greenfield: Two Strategies for Electric Vehicle Manufacturing

To start manufacturing electric vehicles, the first big decision that traditional OEMs face is whether to adopt the brownfield or greenfield strategy. OEMs that choose the brownfield strategy need to do a significant overhaul to their existing ICE-vehicle assembly line to accommodate an EV assembly line. This strategy is commonly adopted by an OEM at its early stages of the EV transition, when it does not expect high sales in the short run. However, adopting the brownfield strategy also means that the OEM must abandon some of their existing ICE-vehicle lineups to create rooms for EV production. The more EVs produced, the more ICE-vehicle sales it needs to sacrifice.

Another alternative is to adopt the greenfield strategy. That is, to establish new facilities and plants dedicated specifically to electric vehicle manufacturing. Doing so requires significant investment, and whoever has the most cash has the greatest advantage to begin with. By adopting this strategy, OEMs put themselves side by side with new market entrants like startups and tech firms.

What Advantages Do Traditional OEMs Have?

During this transition period, it is almost certain that some of the traditional OEMs will lose the race to new market entrants. However, traditional OEMs do still have certain advantages over startups and tech firms. First, their experience and knowledge in the E/E (electrical and electronic) architecture mean that it takes less time for them to design and develop new vehicle models. Moreover, the pre-established quality assurance system also ensures that their vehicles will be more reliable overall than those built by new market entrants. Additionally, the suppliers are evolving with the OEMs. Large tier 1 suppliers like Bosch and Magna are now providing EV parts and solutions, meaning OEMs with existing supply chains can save time and cost in looking for new suppliers.

However, traditional OEMs must be aware that these advantages are not as significant as the absolute advantage they used to have. Therefore, to establish a firm foothold in the new EV market, OEMs must utilize these advantages in an efficient way as early as possible.

New Considerations in Electric Vehicle Manufacturing

Amid the fierce competition, OEMs must also consider a wide range of new challenges in the EV manufacturing process. Most of these are related to charging and range. How far can the car travel on a full charge? How long does it take for a full charge? How many charging stations are available in a certain area? Can the power grid accommodate all charging needs during peak times?

To solve these problems, OEMs, charger manufacturers, charging point operators (CPO), and mobility operators are working towards a new solution that makes EV charging smart and seamless. Utilizing the vehicle-to-grid (V2G) communication interface, Plug&Charge (PnC) is an EV charging technology outlined by ISO 15118 to allow bidirectional charging with a seamless user identification and payment process. Plug&Charge infrastructure allows the driver to plug in their car at any charging station without the need to carry membership cards and credit cards.

To integrate Plug&Charge technology, OEMs must ensure that their vehicles have the security measures to allow the safe transmission of vehicle and payment data. This is AUTOCRYPT’s role as a cybersecurity supplier. AutoCrypt PnC secures the Plug&Charge process using a PKI-based security system made by cutting-edge encryption and authentication technology.

As the above example shows, electric vehicle manufacturing requires the collaborative work of a wide range of different parties extending into infrastructure providers and cybersecurity firms. OEMs that are willing to adapt to these changes have a greater chance of succeeding in this new market. To stay informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.