Registered users can unlock up to five pieces of premium content each month.
Automotive Cybersecurity |
NEWS |
The increased penetration rate of digitized automotive systems and connected vehicles over the past decade has given rise to an entirely new array of cyberattacks and threat vectors. This emerging threat horizon has caught even major car manufacturers, service enablers, and connectivity providers off guard, and they are now being called to deal with these new attack vectors that target not only secondary automotive applications (e.g., infotainment and navigation) but also primary critical functions related to vehicle performance, system, data and network security, and, most importantly of all, driver and passenger safety.
Key Cybersecurity Threats Outlined by Regulatory Entities |
IMPACT |
ABI Research posits that while major car manufacturers, service enablers, and software developers are making strides toward developing truly impressive applications, cybersecurity operations are being left behind and addressed reactively, usually following a security incident. This is due to three primary reasons:
Naturally, the spotlight falls on more Artificial Intelligence (AI) and user-centric solutions, which is to be expected. After all, it was way more eye-catching for the public to read about new developments in AI technologies in the connected car than the discussion of compliance requirements for Over-the-Air (OTA) security updates. However, this fact alone should not put related organizations off track regarding cybersecurity advancements. Even non-automotive firms have also entered the fray with truly innovative solutions focusing on AI, Machine Learning (ML), and autonomous driving, such as Nvidia’s partnerships with major car Original Equipment Manufacturers (OEMs) like Mercedes Benz and Toyota.
While most car-focused companies could pinpoint some key future trends in the automotive market dealing with machine vision, virtual assistants, and AI, not many are aware of cybersecurity threats. Many of these threats are not limited to simple nuisances and cannot simply be fixed with a new patch like many in the automotive industry erroneously assume. After examining a wide spectrum of regulatory standards, compliance requirements, and recommendations from industry and regulatory entities including the National Institute of Standards and Technology (NIST), the European Union Agency for Cybersecurity (ENISA), the European Telecommunications Standards Institute (ETSI), and the International Organization for Standardization (ISO), ABI Research has examined extensive lists of prevalent threat vectors that still manage to elude the attention of automotive players. Some of these threats include the following:
Regulation and Standards Recommendations |
RECOMMENDATIONS |
ABI Research highly recommends that organizations in the automotive market better familiarize themselves with cybersecurity regulations and compliance requirements depending on their target applications, communication protocols, technology restrictions, and threat vectors. Below follows a small but important fraction of cybersecurity standards, guides, and protocols based on the threats listed in the previous section.
ABI Research suggests further examination of the following documents: