In recent years, the automotive sector has undergone several rapid changes, including connected and autonomous vehicles, advanced driver assistance systems, and smart transportation. Although they have increased driver comfort and safety, these innovations are also associated with technological challenges—especially in the areas of data privacy and cyber security. According to The Business Research Company, the automotive cyber security market size is expected to reach US$4.16 billion by 2026, growing at a rate of over 19%. The good news is that automakers are adding hardware and software for better cyber defenses. The bad news is that criminal hackers are gaining more advanced capabilities. Furthermore, there are now more attack surfaces to hack and exploit.
It is important not to undersell the scale of this potential cyber attack problem. In 2021, only 32% of all American cars were “connected,” sending and receiving data on a regular basis. By 2025, that number may top 50%. Then in another ten years, the percentage of new US vehicles that will be connected is predicted to hit 95%. This expands the cyber attack playing field from just under a third of all new vehicles to almost all new vehicles.
Types of Attacks
One clear trend is the growth of remote hacks, which includes both web-based and nearby wireless attacks such as key-fob hacks. Remote hacks make up the majority, now accounting for about 85% of attacks. Upstream, a cyber security and data management platform, revealed that cyber attacks on cars have soared 225% in the last three years. They found that the most common automotive cyber attacks saw a data or privacy breach, followed by car theft or a break-in via the car’s wireless key fob mechanism.
“Without effective cyber security, everything from the infotainment system to the engine control unit is at risk. The issue is that the move toward connected, autonomous vehicles is outpacing automotive cyber security measures and regulations,” explained Charles Griffiths, Head of Technology and Innovation at IT of website AAG. Once carjackers enter a car with a cloned key, they can hack the engine control unit to turn the engine on and drive away. For cars in motion, hackers can tamper with settings like the auto brake or steering, potentially causing a serious accident.
Upgraded Technology Comes with New Threats
The push towards more sophisticated levels of autonomy in the automotive sector is a challenge for security. Adding data-exchange and GPS signal-guidance to vehicles benefited drivers, but the extra technology increases the potential for significant cyber attack. Signals and data are weaknesses that we have intentionally introduced into vehicles in the last 20 years in favor of end-user benefits. And so far, these benefits have massively outweighed the risks.
Signal attack vectors are predicted to narrow over the next 20 years—making it harder for attackers and safer for drivers. Data interchange density problems and security weaknesses still exist, making vehicles the next version of the email hack (where there is unsecured data, there is money to be made from stealing that data). Currently, the responsibility for ensuring any such hack is unsuccessful is split between the individual vehicle component manufacturers, the overall vehicle manufacturer, and the seller of the vehicle. With the responsibility net unclear, unhardened security, and a vast array of potential data-targets, you have near perfect conditions for hackers.
Changing How We See Vehicles
Many technology-savvy people are very protective of their data. They’ll install the most impressive data security they can afford on their computer system, monitor their credit cards for fraud, and take other security measures. However, historically, people haven’t needed to think of their cars as a data-risk. As such, there isn’t a huge demand for ruggedized data security in vehicles. The connected car changes the very nature of what a car is, and mitigation of data-theft from connected cars has yet to mature. Until it does, high security is likely to remain a paid-for add-on for the foreseeable future.
Focus on Automotive Cyber Security
As the automotive industry continues to produce connected and autonomous vehicles, there is a need to better understand the safety and security of this technology. Automotive Cyber Security: Protecting the Vehicular Network is a five-course program that aims to foster the discussion on automotive cyber security solutions.
Contact an IEEE Content Specialist today to learn more about getting access to these courses for your organization.
Interested in the course for yourself? Visit the IEEE Learning Network.
Resources:
Bradley, Tim. (28 June 2022). Cyber attacks on cars up 225 percent: how hackers could be targeting your vehicle. Express.
Fyler, Tony. (21 July 2022). Cyber-Attack Vectors in the Automotive Sector – Part 1: Signal Attacks. TechHQ.
Fyler, Tony. (21 July 2022). Cyber-Attack Vectors in the Automotive Sector – Part 2: Data Attacks. TechHQ.
FWM. (August 2022). Evolution of the automotive sector – data privacy and cyber security. Financier Worldwide Magazine.
Juliussen, Egil. (29 June 2022). Automotive Cybersecurity: More Than In-Vehicle and Cloud. EE Times Europe.
Liao, Rita. (25 July 2022). Real Driverless Cars Legal in China’s Shenzhen. TechCrunch.
MRH. (27 July 2022). Smart Transportation Market Segments, Opportunity, Growth and Forecast by End-use Industry 2022-2030. This Is Ardee.
Straits Research. (25 July 2022). Advanced Driver Assistance System Market Size is projected to reach USD 57.90 Billion by 2030, growing at a CAGR of 18.3%. GlobeNewswire.
TBRC Business Research Pvt Ltd. (20 July 2022). Automotive Cybersecurity Global Market to Grow at Rate Of 19% Through 2026. EIN Newswires.
The new wireless networking standard 802.11ax (Wi-Fi 6) delivers enhanced wireless technology in dense environments where it can more effectively overcome interference from cells on the same channel. An even newer version of Wi-Fi 6, dubbed “Wi-Fi 6 Extended” (Wi-Fi 6E), could deliver even better service.
As Jerry Jackson in PC Mag reports, Wi-Fi 6E provides faster speeds and lower latencies than Wi-Fi 6 and earlier versions. At the time of announcement, the IEEE 802.11ax (Wi-Fi 6) standard “was limited by law to a wireless spectrum that only covered the 2.4GHz and 5GHz bands”. These 2.4GHz bands have just three non-overlapping channels— meaning you, your household, and your neighbors, all share bandwidth.
Since multiple devices are competing for bandwidth, signals are often lost. However, after the Federal Communications Commission unanimously voted to make the 6GHz band available for unlicensed use in April 2020, significantly more airwaves opened, which routers can use to broadcast Wi-Fi signals.
Hence, Wi-Fi 6E expands on Wi-Fi 6 to cover 6GHz frequency.
“The opening of the 6GHz band is the biggest spectrum addition to Wi-Fi since 1989,” writes Jackson. “The jump from 5GHz to 6GHz might not sound like much, but it essentially quadruples the amount of airwaves (14 additional 80MHz channels, and seven additional 160MHz channels) available for routers and smart devices. That means less signal interference.”
What Are the Technical Benefits of Wi-Fi 6?
Wi-Fi 6 is expected to bring a number of technical benefits that will “enable use cases beyond what is possible today,” states Tim Pohlmann, CEO of IP Analytics, an IP intelligence tool. According to Pohlmann, these benefits will include:
- Connected venues and cities: Wi-Fi 6 BSS Colouring technology will guarantee resistance to interference— even in public places with a high density of devices such as event venues and universities. With its larger bandwidth, Wi-Fi 6 can deliver consistent real-time data exchange while allowing thousands of people to connect.
- Connected cars: Wi-Fi 6 enables larger bandwidth that will let vehicles exchange real-time information. Furthermore, Wi-Fi 6’s target wake time (TWT) feature allows for lower battery consumption. This means Wi-Fi sensors in traffic lights or buildings will only “wake up” when needed.
- Connected factories: Wi-Fi 6 technologies OFDMA and MU-MIMO will support “more IoT devices to operate unimpeded on the network, and thus means that millions of machine components can be connected and real-time data points operated at low-power consumption.”
- Connected homes: Wi-Fi 6 enables 2.4 GHz and 5 GHz to operate at the same time, delivering high bandwidth and low latency for high-definition video systems, augmented reality/virtual reality (AR/VR) devices, high-quality streaming platforms used for, conference video calls and gaming.
“Wi-Fi 6 will likely become the dominant access choice for indoor networks on account of improvements in speed, latency and higher density of connected devices,” states Pohlmann. “It is also the ideal system in spaces where access points will serve more users.”
However, he notes that Wi-Fi 6 must exist alongside 5G to support “use cases at home, while driving, at the office, outside or when working remotely.” While many argue that Wi-Fi 6 and 5G will be competitors, Pohlmann believes that they will work in tandem and complement each other in many applications. Furthermore, it is unlikely that a sole technology would support all connectivity.
Wi-Fi 6 and Wi-Fi 6 Extended are still developing. However, the ability to overcome service issues in high-density environments will undoubtedly spur advancement.
Improving Quality of Experience with IEEE Std 802.11ax™
The work on High Efficiency Wireless Local Area Networks (WLANs) in IEEE Std 802.11ax™ started in 2013 as a new amendment to the IEEE 802.11 WLAN standard. A goal of the new amendment is to address dense deployments characterized by a large number of access points and stations placed in close proximity in a limited geographical area. Such usage scenarios impact the quality of experience (QoE) for latency-sensitive applications such as voice-over-Wi-Fi™ and video conferencing.
Learn More About Wi-Fi 6
Enroll in our upcoming live two-course program, IEEE 802.11ax: An Overview of High Efficiency Wi-Fi (Wi-Fi 6), which will provide an overview of the features and optimizations introduced by IEEE 802.11ax to the physical (PHY) and medium access control (MAC) layers, which lead to the improvements in Wi-Fi. Purchase this course program by 17 February for the opportunity to ask questions and interact with the instructors. Part One will take place on 21 Feb from 12-3pm ET, and Part Two will take place at the same time on the following day.
Plus, check out this on-demand virtual event from IEEE Educational Activities and IEEE Standards Association that describes new IEEE 802.11ax features such as Orthogonal Frequency Division Multiple Access and Uplink multi-user transmissions together with Physical (PHY) and Medium Access Control (MAC) enhancements specific to IEEE 802.11ax to improve QoE. Watch now!
Resources
Jackson, Jerry. (7 October 2021). What Is Wi-Fi 6E? PC Mag.
Pohlmann, Tim. (2021). Who’s ahead in the WiFi 6 patent race. I am.
As modern vehicles grow increasingly connected, they are becoming a boon to cyber criminals in the process. According to the AV-TEST Institute, cyber attacks targeting vehicles increased to about 1.1 billion by the end of 2020. This is a significant rise compared to roughly 65 million a decade ago.
A number of new standards, regulations, and best practices aim to help curb these attacks. Among these include 29 regulations from the United Nations Economic Commission for Europe (UNECE). In addition, there is the National Highway Traffic Safety Administration (NHTSA) best practices report. The SAE J3101 standard outlines hardware-protected security requirements for applications in ground vehicles. Moreover, the ISO/SAE 21434 standard is designed to safeguard vehicles from security risks across their lifetime. According to Security Boulevard, the new ISO/SAE 21434 standard specifies “various engineering requirements and recommendations.” It covers risk management in the concept, product development, production, operation, maintenance, and decommissioning of electrical and electronic systems in vehicles, components, and interfaces. This automotive cyber security standard is significant. It will spur automakers, suppliers, and product developers to adopt a vigorous cyber security culture.
What Will This Cultural Shift Entail?
The auto industry’s cyber security cultural evolution will consist of transformations that are both human and technical, according to Automotive World.
Human:
Every employee will need a basic understanding of cyber security and techniques for reducing risks. This means that employees involved in vehicle design will have to undergo regular training. Select experts will need to oversee cyber security in various organizational divisions. Furthermore, special budgets for security will need to be developed, and new functions and features will need to undergo testing.
“Security has to be part of the thought process, but this is going to be quite a difficult transition for many organisations as it is a fairly new topic for the auto industry,” Dr. Dennis Kengo Oka, Principal Automotive Security Strategist at global software company Synopsys, told Automotive World. “This will require a cultural change to promote cyber security from the top down.”
Technical:
New technical solutions will help safeguard vehicles from cyber criminals. Additionally, there are services that help original equipment manufacturers and suppliers make more secure products. However, there will still be security challenges. For example, open-source software has saved time and money for the auto industry, but it also increases the chances of errors. These errors create doorways for hackers. For this reason, it is essential to bring in services that specialize in automating open-source software management that can help identify potential issues.
“Large automotive organisations cannot develop everything on their own, and in many cases those open-source software components are very beneficial,” said Oka. “The challenge in using open-source software is managing it; you need to know which components and versions are being used in your products and systems. Also, you must identify if there are any vulnerabilities associated with those versions.”
As hackers grow more sophisticated, so will the challenge of securing modern vehicles. By creating a sound cyber security culture across the automotive industry from the ground-up, automakers and suppliers can ensure their vehicles and products are trustworthy and safe.
Understanding Automotive Cyber Security
Prepare your organization to better comprehend the security aspects of the automotive industry. An online five-course program, Automotive Cyber Security: Protecting the Vehicular Network aims to foster the discussion on automotive cyber security solutions and requirements. This is important for both intelligent vehicles and the infrastructure of intelligent transportation systems.
Contact an IEEE Content Specialist today to learn more about getting access to these courses for your organization.
Interested in the course for yourself? Visit the IEEE Learning Network.
Resources
Neustadter, Dana. (5 August 2021). Protecting Automotive Socs Starts With Secure Ip. Semiconductor Engineering.
Oka, Dennis Kengo. (19 July 2021). Practical solutions for a secure automotive software development process following ISO/SAE 21434. Security Boulevard.
Holmes, Freddie. (14 July 2021). Automakers must champion cyber security. Automotive World.