Tag: ivs

9 June, 2025 . 5 mins read

Global Commercialization of Robotaxis

As consumer attitudes shift in favor of intelligent, software-powered vehicles, there has been a rapid global commercialization of mobility transportation services developed by mobility platform operators. Several autonomous mobility services have emerged, each with their distinct technological, regulatory, and economic profiles.  

Among these services, robotaxi commercialization is proceeding faster than that of other autonomous mobility services due to a convergence of regulatory flexibility, scalable profitability models, and accelerated technological innovation. This momentum is further fueled by growing public expectations that robotaxis will emerge as a mainstream urban mobility solution, offering a cost-effective alternative to both traditional taxis and privately owned vehicles.  

At the same time, cybersecurity concerns have surfaced around autonomous robotaxi fleets, as a single vulnerability could potentially impact multiple vehicles and pose serious risks to public safety. This article aims to showcase the current status surrounding robotaxi commercialization and emphasize the importance of maintaining safe cybersecurity measures as robotaxis permeate more into everyday life.  

Robotaxi Service Development by Region  

Across the robotaxi ecosystem, service development among mobility providers spans multiple stages ranging from trials and pilots to commercial operations and mass deployment. Regional regulatory environments have been playing a critical role in shaping business strategies, with service providers typically expanding globally following proven success in their domestic markets. 

Regulatory Environment of Robotaxis by Region

Among the more regulatory-open regions are China, Dubai, Abu Dhabi and the United States, where governments have actively introduced dedicated frameworks and launched national initiatives to support the commercialization of autonomous robotaxis. Companies such as Baidu, Pony.ai and WeRide have expanded their presence in these markets through strategic partnerships with local taxi operators and public agencies.  

Meanwhile, countries such as Japan and South Korea have adopted a more measured approach to autonomous driving regulation, with services providers such as Avride, TIER IV and Motional conducting pilot programs in designated areas as they work toward full-scale commercialization. 

Global Robotaxi Commercialization Trends  

Observing the activities of global robotaxi service providers across key cities, several emerging patterns in commercialization efforts can be derived. 

First, major operators are actively expanding into the United Arab Emirates (UAE), signaling the region’s growing openness to autonomous mobility. WeRide and Uber launched their first international robotaxi service in Abu Dhabi in December 2024, and extended their partnership to Dubai in April 2025, with the goal of integrating robotaxis into the city’s transportation network. Baidu has also partnered with UAE-based Autogo, targeting the start of commercial operations in Abu Dhabi by 2026, with pilot trials expected in Dubai within 2025.   

Second, the global autonomous vehicle industry is increasingly defined by a two-track development model – China emerging as a leading hub for commercial deployment, and the United States serving as a focal point for research and development. AutoX, headquartered in San Jose, California, launched its Level 4 driverless robotaxi service to the public in Shenzhen, China in 2021. Similarly, Pony.ai operates dual headquarters in the US and China, with large-scale robotaxi fleets running in cities like Beijing and Guangzhou, while pilot programs continue in California cities such as Fremont and Irvine.

Third, US-based companies are steadily expanding robotaxi operations across state lines, navigating a fragmented regulatory landscape in the absence of a unified regulatory framework. As of May 2025, Waymo provides over 250,000 paid driverless rides per week across cities including San Francisco, Los Angeles, Austin, Phoenix and Austin, with plans to enter new markets such as Atlanta, Miami and Washington, D.C.  by 2026. Meanwhile, Tesla is preparing to launch its robotaxi service in Austin in June 2025, with expectations that the service expand to additional cities once operational stability is achieved.  

Cybersecurity Concerns around Robotaxis  

While autonomous robotaxis hold significant promise for improving urban mobility through enhanced convenience and accessibility, cybersecurity risks remain a critical concern. Although no confirmed cases of malicious hacking specifically targeting autonomous robotaxis have been reported to date, incidents involving software malfunctions have nonetheless heightened public unease around the reliability of these systems.   

This growing apprehension is reflected in the ‘Electric Vehicle Intelligence Report (EVIR) 2025 May Edition’ where 71% of respondents showed reluctance to riding a robotaxi. Among the key concerns regarding robotaxi rides, 28% of respondents cited safety issues related to robotaxi use, while 18% expressed worry about over-reliance on sensors. 

Public Concerns Around Robotaxi Safety, EVIR Survey

Unlike privately owned autonomous vehicles, cyberthreats to robotaxis carry heavy significance as a vulnerability in one model or system could potentially affect the city-wide transportation systems connected with internal and external data streams. As these services scale, it becomes vital to implement robust, end-to-end cybersecurity measures to ensure the safety of the vehicles, passengers and ultimately the entire mobility ecosystem.

Autocrypt’s Technical Expertise  

Through a multi-layered approach that integrates advanced technologies, regulatory compliance, and industry collaboration, Autocrypt is well positioned to address the cybersecurity challenges associated with public mobility services.  

With solutions spanning the entire autonomous ecosystem – from securing V2X communication security with AutoCrypt V2X, to safe-guarding in-vehicle security systems through AutoCrypt IVS, and overseeing operational data from AutoCrypt FMS – potential risks around mobility services can be prevented beforehand, enhancing the overall safety of connected mobility environments.  

As the rapid advancement of robotaxi services marks a pivotal step toward the integration of autonomous vehicles into mainstream mobility networks, it is critical to raise cybersecurity awareness and implement preventive safeguards. Doing so will be essential to ensuring public trust and unlocking the full potential of autonomous mobility. 

To learn more about the latest news on mobility tech and software-defined vehicles, read our blog for more technology insights or subscribe to AUTOCRYPT’s monthly newsletter. 

18 December, 2023 . 2 mins read

AUTOCRYPT Releases Polarion-Based Cybersecurity TARA Template for the Automotive Industry

SEOUL, KOREA, Dec. 18, 2023 — Automotive cybersecurity company AUTOCRYPT recently announced the release of “TARA Template for Automotive,” a project management tool for conducting Threat Analysis and Risk Assessment (TARA), a process crucial to the development and maintenance of automotive software. The cybersecurity tool is now available as an extension on Siemens’ Polarion ALM application lifecycle management platform, helping users effectively address TARA activities.

Defined by “ISO/SAE 21434: Road Vehicles – Cybersecurity Engineering,” TARA is a preventive cybersecurity methodology that involves performing a set of key activities during software development and maintenance. The process involves the analysis of potential cyberattack objectives, vectors, and threats, followed by an assessment of their risk and severity levels.

AUTOCRYPT’s TARA Template for Automotive greatly reduces the complexity and increases the accuracy of TARA activities. Developed by AUTOCRYPT in collaboration with Branvi, an official Polarion partner, the tool has been optimized for the Polarion platform. Work items can be automatically connected to the template, allowing users to benefit from the step-by-step manual and calculation tools in the template.

AUTOCRYPT’s CEO, Daniel ES Kim, commented, “With the advancement of software-defined vehicles, TARA has become an inseparable part of vehicle development and maintenance. Based on our decades of experience in cybersecurity implementation, our team at AUTOCRYPT has established an intuitive template optimized for ISO/SAE 21434 compliance.”

Beyond the ISO/SAE 21434 standard, TARA is also an effective strategy for implementing security by design and managing security updates, as mandated by UN Regulation 155 and 156. AUTOCRYPT provides a wide range of security testing tools and services to complement TARA and secure the vehicle manufacturing process.

To learn more about AUTOCRYPT’s automotive cybersecurity solutions, contact global@autocrypt.io.

About Autocrypt Co., Ltd.

AUTOCRYPT is the leading player in automotive cybersecurity and smart mobility technologies. It specializes in the development and integration of security software and solutions for in-vehicle systems, V2X communications, Plug&Charge, and fleet management, paving the way towards a secure and reliable C-ITS ecosystem in the age of software-defined vehicles. AUTOCRYPT also provides management and service platforms for the operators and end users of MaaS, contributing to sustainable and universal mobility.

5 September, 2023 . 3 mins read

AutoCrypt Security Fuzzer Expands Vehicle Fuzzing Capabilities Through Major Upgrade

SEOUL, KOREA, September 5, 2023 — Automotive cybersecurity and mobility solutions company AUTOCRYPT released a major upgrade to its automotive fuzzing software—AutoCrypt Security Fuzzer. The upgrade (version 2.0) enables a much wider testing range and greater automation, allowing automotive OEMs to benefit from a more simplified and efficient fuzzing process for UN R155 (WP.29) compliance.

AutoCrypt Security Fuzzer was first released in December 2021. As the world’s first fuzzing solution for the vehicular environment, its fuzzing algorithms were built based on the structures of Unified Diagnostic Services (UDS), the communication protocol used in electronic control units (ECU). Version 2.0 expands the testing range beyond ECUs to include other protocols like the Controller Area Network (CAN), Wi-Fi, Bluetooth Low Energy (BLE), and most importantly, the Ethernet, which is a crucial component of software-defined vehicles. The v2.0 platform also allows new protocols to be added through software updates.

Offered through an intuitive UI, AutoCrypt Security Fuzzer v2.0 greatly improves the user experience. Yet, its biggest differentiation point is its smart fuzzing capabilities. It accurately identifies the functions and technical specifications of each test target and generates test cases based on these characteristics, ensuring that only relevant test cases are input into the program. Moreover, testing can be assigned at a project level, allowing for continuous testing for multiple ECUs. Even if an unexpected interruption occurs, the fuzzing process will continue based on its automation algorithms. All these features make AutoCrypt Security Fuzzer exceptionally efficient and easy to use.

AUTOCRYPT’s CEO, Daniel ES Kim, emphasized the importance of fuzz testing for vehicle production, “Fuzz testing is not just an effective way to identify software vulnerabilities at an early stage, but a necessary process to receive vehicle type approval as mandated by UN R155.” Regarding AutoCrypt Security Fuzzer, he added, “We developed the solution specifically for the automotive industry. It offers diagnostics services and NRC support features based on ISO 14229. It also provides support for all ISO-TP specifications as defined in ISO 15765.”

AutoCrypt Security Fuzzer is a component of AUTOCRYPT’s in-vehicle systems (IVS) security solution, an end-to-end automotive cybersecurity solution that secures all stages of the vehicle lifecycle, offering a wide range of products and services from TARA and security testing to the intrusion detection and prevention system (IDPS) and vehicle security operations center (vSOC). To learn more about AUTOCRYPT’s IVS solution, contact global@autocrypt.io.

ABOUT AUTOCRYPT

AUTOCRYPT is the leading player in automotive cybersecurity and smart mobility technologies. It specializes in the development and integration of security software and processes for in-vehicle systems, V2X communications, Plug&Charge, and fleet management, paving the way toward a secure and reliable C-ITS ecosystem. AUTOCRYPT also provides management and service platforms for the operators and end users of e-mobility and MaaS, contributing to sustainable and universal mobility.

11 July, 2023 . 5 mins read

In-Vehicle Cybersecurity: A Closer Look at HSM and TEE

It has long been established that cybersecurity is essential to vehicle operations and needs to be implemented universally. However, it is important to note that automotive cybersecurity does not follow a one-size-fits-all approach. Different types of cybersecurity measures have their pros and cons and are more effective for certain types of vehicle architectures rather than others. While there are different types of vehicle cybersecurity measures available on the market today, this blog will discuss hardware security modules (HSM) and trusted execution environments (TEE), offering a closer look at two of the most robust vehicle cybersecurity solutions.

Why do we need in-vehicle security?

Modern vehicles have complex internal computing systems that enable superior functions like advanced driver-assistance systems (ADAS), vehicle-to-everything (V2X) communications, as well as network and cloud connectivity. These internal computing systems interact with each other and the external network, exchanging large amounts of data and signals. If these communication nodes lack appropriate security measures it leaves the vehicle vulnerable to cyber risk.

Wi-Fi, navigation systems, V2X communications, all of these network connection endpoints can be potential routes for cyber attacks. Hackers could breach into a vehicle’s internal system to steal private data like vehicle location, registration number, and even financial information. There is also the risk of hackers breaking into the vehicle systems to gain control of its functions. We saw this happen when two researchers hacked into a car through its cellular connection. After establishing a wireless access to the car, the hackers gained control of the vehicle’s dashboard, infotainment system, and even the engine.

This experiment revealed many vulnerabilities in vehicle internal systems security. It also solidified the importance of a layered approach to vehicle cybersecurity, where both the internal vehicle environment and the external communications are secured.

What is HSM?

One of the most robust cybersecurity solutions in the automotive industry is a Hardware Security Module (HSM). HSM is an external physical security unit that is installed into electronic control units (ECU). It safeguards vehicle communications and functional control systems with message cryptography. Typically, an HSM will include its own processor, cryptographic technologies, and dedicated memory for the hardware security firmware and secure data. Having its own processor, the HSM operates separately from the ECU, bearing the computational load of security functions.

The security module’s main job is to safeguard sensitive vehicle data during message exchanges. It does this by storing cryptographic keys, performing cryptographic operations, and verifying digital signatures to conduct authenticity checks for messages passing through the vehicle. This makes sure that data coming from outside of the vehicle is verified, and data leaving the vehicle is safely encrypted.

HSMs have been the industry standard in vehicle cybersecurity for their ability to safeguard valuable information from tampering. However, there is a problem of scalability with this particular cybersecurity measure. HSM is a security unit that has to be physically installed into ECUs within the vehicle. So, installing HSMs in cars with complex internal architectures and an abundance of ECUs may become costly.

There is also the issue of flexibility. Many modern luxury vehicles support over-the-air (OTA) systems like software downloads and updates. These OTA systems enable the installation of new functionalities into a vehicle without having to alter its hardware composition.

In a rapidly developing automotive industry, cybersecurity software needs to be able to adapt to vehicle software changes. This will be hard to achieve for a car secured only with hardware security modules. The hardware-software segregation in advanced vehicle architectures requires a more flexible approach to cybersecurity that ensures cybersecurity measures evolve hand-in-hand with vehicle software developments.

What is TEE?

A cybersecurity solution that works more effectively in centralized vehicle architectures with ever-evolving software structures is a Trusted Execution Environment (TEE). TEE is a software-based security measure that creates a secure and isolated environment within the application processor, separating critical operations from the rest of the system.

Critical operations and sensitive data can be executed and stored within the trusted execution environment, shielded from potential cyber threats. Similar to HSMs, TEEs have protected crypto libraries where sensitive information, such as cryptographic keys, can be securely stored and managed. They also provide secure communication channels between trusted components, ensuring that data transmitted within the secured area remains confidential and protected from the rest of the vehicle. This helps prevent unauthorized access or tampering.

For instance, the AutoCrypt IVS-TEE security solution offers OTA systems security with encryption and authentication technologies, making sure that only validated software is received and installed during OTA system updates. This is done to ensure that the software comes from an OEM and not a malicious actor.

While TEE and HSM offer similar cybersecurity measures they are very different in terms of implementation and execution. TEEs are built into the application processor’s chipset and can be implemented through software updates, making them more flexible and adaptable to changing security requirements. Leveraging a vehicle’s existing hardware resources, TEEs eliminate the need for additional security components, potentially reducing costs.

Establishing a TEE is a cybersecurity-by-design approach that ensures that there is a secure environment to run critical operations in every application processor.

Comparison of HSM and TEE structure

As vehicles become increasingly connected and autonomous, the importance of robust automotive cybersecurity methods cannot be overstated. HSM and TEE both play crucial roles in securing vehicles against cyber threats. HSMs excel in cryptographic operations and secure key storage, while TEEs create isolated execution environments within the main processor. By combining these methods, automotive manufacturers can maximize protection from external cyber threats and enhance the security of their vehicles.

AUTOCRYPT’s in-vehicle cybersecurity solutions provide complete protection for the vehicle-embedded systems minimizing cybersecurity risks.

To stay informed about the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.