Automotive Cybersecurity: The future of road safety

The changing automotive industry: a new threat landscape 

The automotive industry is undergoing a profound development that not only drives technological innovation but also brings with it a new threat landscape that presents both manufacturers and consumers with previously unknown challenges. 

From mechanics to digital world 

The development from the first steam-powered car to the networked electric car shows an enormous change. While the vehicle used to be a purely mechanical means of transport, today it has evolved into a highly complex and networked technological system. 

These “Connected Cars” are equipped with numerous embedded systems and electronic control units (ECUs) and use wireless connections such as Wi-Fi and Bluetooth to exchange data with other vehicles or the environment (V2X-Communication). Especially regarding autonomous driving, this connectivity is essential to ensure safe and efficient mobility. 

These technologies improve the driving experience, but also increase the risk of cyberattacks. Every electronic system has the potential to be identified as a weak point and thus become the target of hacking or malware. With increasing digitalisation and cloud connectivity, cars are becoming increasingly vulnerable to cybercrime. 

Possible points of attack in the vehicle 

Connected vehicles offer a variety of potential points of attack for cyber-criminals, which can have serious consequences. Wireless interfaces such as Wi-Fi, Bluetooth and keyless entry systems are a prime target. Attackers could use these to gain unauthorised access to the vehicle, unlock it or even start it.  In addition to wireless interfaces, there are other attack vectors that cyber criminals could use to jeopardise the security of connected vehicles. These can be divided into physical and remote attacks. 

Physical attacks 

The control units (ECUs), which control various vehicle functions such as brakes and engine management, pose a further risk. Physical attacks involve manipulating these ECUs by directly accessing the vehicle, for example via the OBD port or the CAN-Bus. By manipulating these systems, hackers could take control of critical driving functions and thus jeopardise the lives of passengers and other road users. One example of a physical attack is the theft of a Toyota SUV. In this case, thieves accessed the vehicle’s system bus (Controller Area Network Bus) by manipulating the wiring of a headlight. In this way, they were able to feed in fake messages that both deactivated the immobiliser and unlocked the vehicle. 

Remote attacks 

Applications that are connected to the car also pose a potential security risk. Remote attacks on vulnerabilities such as unprotected API-endpoints, for example in apps that can be used to unlock the vehicle, are particularly dangerous. Such gaps allow hackers to manipulate the software. This enables attackers to localise the vehicle, access it or steal users’ personal data.   

Core components of automotive cybersecurity 

The aim of automotive cybersecurity is generally to protect the connected vehicle and its vehicle data. To achieve this, it is necessary to consider all relevant areas of a vehicle, from embedded systems to cloud connectivity. 

On the one hand, the focus is on the security of internal data channels: ECUs (Electronic Control Units), the CAN-Bus and other components must be protected against unauthorised access, malware and hacking. This also includes securing the OBD-Port, which is a potential gateway for attackers. 

Secondly, external interfaces must be secured. A distinction is made here between direct and indirect communication. Direct communication includes, for example, the connection with the smartphone via API or Vehicle-To-X-Communication (V2X), also known as Car2x. V2X enables the exchange of information between vehicles and their surroundings, but also harbours security risks. Indirect connections, on the other hand, are created through the use of cloud services, for example for Over-The-Air-Updates (OTA) or smart charging. Securing data transmission and the cloud-infrastructure is of crucial importance here. 

In addition to technical protection measures such as encryption, firewalls and intrusion detection systems (IDS), the human factor also plays an important role. Social engineering describes attack methods that target the biggest weak point of any security system: people with all their idiosyncrasies and weaknesses. Criminal social engineers exploit the need for human interaction and manipulate their victims. Their aim is to get the victim to bypass the security measures and disclose secret information. An effective defence against social engineering therefore requires not only technical protective measures, but also comprehensive sensitisation and training of all employees. 

Protection goal of automotive cybersecurity 

Automotive cybersecurity therefore encompasses far more than just technical protective measures. Holistic security concepts must consider the entire value chain, from development and production through to the operation of a vehicle. In addition to the prevention of attacks through secure architectures, authentication and encryption, the early detection of anomalies and the effective response to security incidents are becoming increasingly important. It is important to keep an eye on all protection goals: 

• Confidentiality: Protection of sensitive vehicle data such as locations, driving profiles and personal information 
• Integrity: Ensuring that vehicle functions work correctly and cannot be manipulated  
• Availability: Ensuring that vehicle functions are always available and are not affected by cyberattacks 
• Authenticity: Verification of the identity of users, vehicles and other systems 

Automotive cybersecurity: The legal framework  

Automotive cybersecurity is no longer a “nice to have”. It must be guaranteed in order to prevent attacks on vehicles and avoid catastrophic effects on human lives. The OEMs alone are not responsible for analysing and complying with the relevant core components and protection goals in automotive cybersecurity. – Legal requirements have significantly supported and challenged cybersecurity in the automotive industry in recent years.  

UNECE Regulation No. 155, for example, represents a mandatory implementation for companies wishing to sell vehicles in the European Union. This regulation, combined with the ISO standard ISO 21434, provides a basic approach to ensuring the security of electronic systems and software in vehicles. The regulation specifies requirements for a cybersecurity management system (CSMS) for the vehicle manufacturing process and vehicle type approval to improve the security of connected vehicles and increase resilience to cyber threats. 

A regulatory deep dive on the topic of software updates and the software update management system (SUMS) has also been published by the UNECE. However, as these updates essentially change the vehicle’s software and bring with them a whole range of potential risks, it is crucial that they are carried out in the safest possible way. This is where UNECE Regulation No. 156 combined with the ISO standard ISO 24089 comes into play, creating the necessary framework for safe software updates. 

What companies need to do: automotive cybersecurity guide 

1. Security by design: Security right from the start 

Comprehensive cybersecurity in the vehicle sector does not come about by chance, but through foresighted planning. This requires a holistic security-by-design approach that extends from the concept phase through development and production to operation and decommissioning. This approach must include the vehicle systems and components as well as the back-end systems. 

2. Holistic risk management over the entire life cycle 

In order to protect the company, but above all the vehicles, you first need to know all the relevant electronic and electrical components, but also the software functions of the vehicles and along the entire value chain. Only then is it possible to establish centralised risk management by identifying, evaluating, prioritising and dealing with all risks. Risk management is necessary throughout the entire product life cycle. – Responsibility begins in the design phase of product development and only ends with the “end of life” of the vehicle. 

3. Multi-layered security measures for comprehensive protection 

In addition to a secure design, specific security measures are essential to counteract the risks. This includes the consideration of functional safety and security requirements in automotive software engineering. Specifically, this includes multi-layered security mechanisms such as authentication, authorisation, encryption, firewalls and intrusion detection systems (IDS). It is also essential to secure communication between vehicle components, backend systems and external devices. Regular security updates can close known vulnerabilities and increase resistance to cyberattacks. 

4. Continuous monitoring for agile security 

Cyber threats are constantly evolving. That is why continuous improvement is an integral part of a holistic security concept. By permanently and regularly monitoring all vehicle systems and analysing security incidents, vulnerabilities can be identified at an early stage and protective measures optimised. At the same time, the cyber security strategy must be flexible enough to be able to react to new threats and technologies. 

5. Cybersecurity-culture: People as a key factor 

All these security measures, structures and theoretical processes alone are not sufficient for successful cybersecurity within an OEM – they merely create the foundation. It is the expertise and security awareness of each individual employee that brings cybersecurity to life. Specialist training provides the necessary knowledge to recognise threats and protect against them. Awareness measures integrated into everyday life sensitise employees to the dangers of the digital world and sharpen their awareness of potential risks. In this way, every employee becomes a cybersecurity ambassador who handles sensitive data responsibly and actively contributes to protecting the OEM. 

Certification for companies: Proper preparation for the vehicle cybersecurity audit 

To ensure automotive cybersecurity comprehensively and seamlessly, the ENX Association has introduced the customised ENX Vehicle Cybersecurity (VCS) audit programme. The ENX VCS is intended to ensure that the entire automotive industry supply chain is anchored and is aimed at suppliers of hardware/software-based components/systems as well as software and ICT infrastructure-service-providers. Analogue to UNECE No. 155, a cybersecurity management system (CSMS) adapted to the ENX framework conditions is required for certification. 

Conclusion 

Automotive cybersecurity is relevant for the entire automotive industry, including suppliers and service providers. All parties involved must work closely together to protect the safety of connected vehicles and all road users. It is essential that the entire value chain and all relevant norms and standards are taken into account. This is the only way to gain and strengthen customer trust in the digitalised and connected mobility of the future. 

EFS Consulting provides OEMs and suppliers with comprehensive support in the implementation of automotive cybersecurity. With many years of experience in the areas of information security, risk management and process optimisation, EFS accompanies companies on their way to a holistic security concept. The expertise in this area includes: 

• Creation of security guidelines, performance of risk analyses and implementation of security measures in relation to ISO 21434 and UNECE R155 
• Integration of safety aspects into the entire development process of vehicles and components 
• Training and awareness measures for cybersecurity risks to protect against cyberattacks 
• Audit preparation and monitoring of the certification process