Currently, 200 million digitally “connected vehicles” are traversing the world’s roadways, according to a recent white paper from the 5G Automotive Association (5GAA). By 2024, real-time traffic updates will be possible thanks to road infrastructure that will be digitally connected. By 2026, advanced vehicle-to-vehicle (V2V) capabilities will help bring automated vehicles another step closer to reality.
Today’s vehicles contain more software than ever before, as well as a constellation of automotive systems in their power locks, brakes, windows, entertainment, steering, and other features. Future vehicles will come equipped with advanced autonomous capabilities and driver-assistance systems (ASAD) that will make them even more complex.
These developments are happening rapidly. According to the research firm Frost & Sullivan, over 18 million new autonomous vehicles will be road-ready by the end of the decade. However, without appropriate regulations and advanced security features, these vehicles can become easy prey for hackers. With this in mind, many governments and automakers have already begun to take cyber security seriously.
Standards and Regulations
The United Nations Economic Commission for Europe (UNECE) is in the process of developing automotive cybersecurity regulations. Known as WP.29, the regulation would enhance cyber security and software updates in vehicles. It will be mandatory for all vehicle manufacturers in the European Union beginning July 2024. While manufacturers in Korea and Japan have agreed to comply with WP.29 within their own timelines, manufacturers in North America won’t be required to adhere to them.
Additionally, the International Organization for Standardization (ISO) is working on ISO/SAE 21434, a standard that aims to establish “cyber security by design” from the initial phase of a vehicle’s design. The organization is also working to establish ISO 24089, a standard that would regulate software updates in vehicles.
Five Top Cyber Security Threats for Automakers
In order to ensure their designs are safe from cyber security threats, vehicle manufacturers have five main concerns they will need to consider, according to Security Intelligence. These include:
- Complexity: Future vehicles will come equipped with interconnected architectures containing embedded telecommunications that will make them challenging to secure.
- Attacks on the power grid: Recently, research has demonstrated that it would be possible for hackers to disrupt the power grid or trigger a blackout by attacking multiple electric vehicles that are charging at the same time. To prevent this, standards will need to be developed that require vehicles to undergo testing and come equipped with cyber security features.
- Mobile devices: Increasingly, mobile phones are being used to control the various functions and features of connected vehicles such as windshield wipers, locks, and heat/air-conditioning. These devices pose a range of security threats, such as when a user inadvertently downloads malware, fails to update their operating system, or has a faulty password. If a hacker manages to take control of their phone, it wouldn’t be difficult for them to take control of the vehicle.
- Untrained employees: In order to ensure cybersecurity is secure across all facets of a vehicle’s design, every employee engaged in the design process must be adequately trained in cyber security.
- Securing financial features: Since many hackers will likely be motivated to steal financial information from drivers, special attention must be given to financial security features such as payment for fuel, tolls, and subscriptions.
Change is often difficult, but vehicle manufacturers will need to adjust to international regulations and standards in order to gain the public’s trust. By getting a head start in the process now, they can ensure their vehicles are safe when they’re ready to hit the roads.
As the automotive industry continues to work on intelligent and autonomous vehicles, there is a need to better comprehend the safety and security of this connected technology. Automotive Cyber Security: Protecting the Vehicular Network is a five course program that aims to foster the discussion on automotive cyber security solutions and requirements for not only intelligent vehicles, but also the infrastructure of intelligent transportation systems.
Contact an IEEE Content Specialist today to learn more about getting access to these courses for your organization.
Interested in the course for yourself? Visit the IEEE Learning Network.
Dhami, Indy. (2 October 2020). Top 5 Threat Vectors in Connected Cars and How to Combat Them. Security Intelligence.
Grau, Alan. (28 September 2020). Cybersecurity is Imperative for Connected Cars. Electronic Design.
Kohler, Arndt. (24 September 2020). Automotive Cybersecurity: New Regulations in the Auto Industry. Security Intelligence.
O’Halloran, Joe. (10 September 2020). Connected vehicle association makes call for wireless spectrum to develop use cases. ComputerWeekly.com.