• Agenda:
o To evaluate various security vulnerabilities in connected vehicles.
o To analyze the initiatives taken and regulations implemented to address security vulnerabilities.
o To analyze the various types of cybersecurity solutions being developed or offered for the security of connected vehicles.
o To evaluate the major players in the ecosystem.
Report Preview is available at: https://bisresearch.com/industry-report/global-automotive-cybersecurity-market.html
2. 2
Agenda
▪ Introduction
▪ Connected Car Ecosystem
▪ Connected Car: Generic Network Architecture
▪ Automotive Cybersecurity: Attack Vectors
▪ Current Trends and Future Potential
▪ Key Developments and Industry Players
▪ Automotive Cybersecurity Standards
▪ Presentations of Guest Speakers
▪ David Barzilai
▪ Andrew Till
▪ Concluding Remarks by Dhrubajyoti Narayan
▪ Q&A
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities
3. 3
Speakers
David Barzilai
Co-Founder, VP Sales &
Marketing
Karamba Security
Andrew Till
General Manager Secure
Platform
Trustonic
Dhrubajyoti Narayan
PrincipalAnalyst
BIS Research
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
5. 5
Connected Car Ecosystem
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
Connected Car Ecosystem
Connected Car
Traditional Mobility
Software Service Information and Data Navigation
Wireless Network
Mobile Device
Automobile
6. 6
Connected Car Ecosystem
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
Generic Network Architecture
OBD-II
Ethernet
gateway
OBD 3G/LTE/4G/5G Ethernet BUS communications USB of Ethernet SPI or UART Direct connection
(no protocols specified)
Cloud Services
Cellular via
mobile
Other CAN buses
MOST
FlexRay
LIN
Head unit
Telematics
Wi-Fi
Bluetooth
RDS/
Satellite
eSIM ECU 1 ECU 2 ECU 3
ECU 4 ECU 5 ECU 6
ECU 7 ECU 8 ECU 9
Powertrain CAN
Chassis CAN
Body control CAN
Gateway
ECU
Main board
ECU
7. 7
Automotive Cybersecurity: Attack Vectors
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities
www.bisresearch.com I All right reserved
Attack Vectors
Internet of
Things
Global Navigation Satellite
System (GNSS)
Vehicle-to-Vehicle (V2V)
Vehicle-to-Infrastructure (V2I)
External Storage Device/
Nomadic Devices
Grid Connection
Incl. Smart Charging
Camera
Radar
On-Board Diagnostic
(OBD) Tools
Infotainment
Cloud Servers
Network Connectivity
and Cloud Servers
Connected
Vehicle
Technology &
Communication
Systems
Communication Channels
SD
Gateway
ECUs
P/T
ECUs
Chassis
ECUs
Body
ECUs
Black
ECUs
8. 8
Automotive Cybersecurity: Current Trends and Future Potential
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
Trends
• Increasing Adoption of the
Connected Vehicle and
Autonomous Driving
Technology by Manufacturers
• Growing Focus on V2X
Equipped Vehicles in the
Connected Vehicle Industry
• Growing Demand for Cloud-
Based Applications in the
Automotive Industry
Growth Factors
• Increase in Use of Electronics
Per Vehicle and Growing
Number of Connected Vehicles
• Rising Cyber Threats Owing to
Increase in Data and
Connectivity of the Vehicles
• Rising Sales of Electric
Vehicles
Business Challenges
• Lack of Skilled Cybersecurity
Professionals
• Highly Complex Ecosystem
with Presence of Multiple
Stakeholders
• High Costs of Automotive
Cybersecurity Solutions
Opportunities
• Rising Demand for Advanced
Cybersecurity Solutions and
Technological Developments in
Autonomous Vehicles
• Growing Digital Solutions for
Semi-autonomous and
Autonomous Vehicles
9. 9
Automotive Cybersecurity: Key Developments and Industry Players
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
Key Industry Players in Automotive
Cybersecurity Market
Key Developments in Automotive
Cybersecurity Market
Company Date Description
Aptiv PLC
January
2022
Aptiv PLC acquired Wind River, an intelligent edge
software provider, from TPG Capital for $4.3 billion to
produce secure and connected mobility services.
NXP
Semiconductors
July 2022
NXP Semiconductors signed an MoU with Hon Hai
Technology Group (Foxconn) to develop next
generation connect vehicle platform.
Argus Cyber
Security Ltd.
September
2022
Argus Cyber Security Ltd. and Elektrobit launched EB
zoneo SwithCore Shield pre-integrated solution
embedded with intrusion detection and prevention
system (IDPS) functionality with advanced network
management systems for the next generation of
vehicles
Denso
Corporation
October
2022
Denso Corporation, in collaboration with NTT
Communications Corporation, announced the
development of the vehicle security operation center
(VSOC) in response to the increasing cyber threats
against vehicles.
Garrett Motion
Inc.
September
2022
Garrett Motion Inc., at IAA Transportation Exhibit in
Hannover, announced that it would showcase a
connected vehicle software solution to help automakers
effectively optimize, maintain, and secure their
commercial fleets.
10. 10
Automotive Cybersecurity Standards
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
UNECE UN R155 and UN R156
• R155 Cybersecurity Management System
(CSMS): Monitors vehicles for faults during
and after production
• R156 Software Update Management
System (SUMS): Continuous software
updates enable OEMs in avoiding recalls
related to OTA updates
ISO/SAE 21434
• Focuses on requirements for cybersecurity
processes and cybersecurity risk
management
• Applicable to electrical and electronic (E/E)
systems and their components & interfaces
used in road vehicles
MIIT CN ICV Access Guide
• Consists of 97 standards (2022)
• Target by the end of 2023: Preliminary
establishment of a cybersecurity standard
system for the ICV, and complete
formulation and revision of more than 50
key and urgently needed security standards.
• Target by the end of 2025: Relatively
complete establishment of a cybersecurity
standard system for the ICV, and complete
formulation and revision of more than 100
key and urgently needed security standards.
13. |
3 COMPANY CONFIDENTIAL
• The car is becoming a service platform
• Maintain continuous engagement with end-customers
• Users benefit from features on-demand
• New capabilities delivered dynamically
• Open and better user experience
SDV is the Industry’s Next Revolution
14. |
4 COMPANY CONFIDENTIAL
Zonal Architecture: Hardware-Software Separation
Microprocessor
Board Support & Startup
Hypervisor
Inter-Processor/Partition Communication
os
Container
Runtime os os
AUTOSAR
Classic or
Adaptive
System
Functions
AUTOSAR
Apps
ADAS
Apps
IVI
Apps
ADAS
Middleware
e.g,
AUTOSAR
Adaptive VAL
IVI
Middleware
Middleware
Micro-
service
App
Standardized Vehicle Data
Basic Software Interfaces
Applications
Middleware & System Funcions
Infrastructure & OS
Source: Vector
15. |
5 COMPANY CONFIDENTIAL
• End user benefits
• Agility: subscribe to features on-demand
• OEMs’ cost benefits
• Hardware commoditization
• Increased reliance on open-source software
• Vehicle weight reduction
SDV’s Hardware-software Separation Benefits
20. |
10 COMPANY CONFIDENTIAL
• A combination of mobile and cloud security elements
• Mobile: large number of applications, downloaded in seconds.
• Cloud: virtualized operating systems and services
• Safety and privacy above all
• Harden safety-critical applications
• Protect customers’ in-vehicle data from leakage
SDV In-Vehicle Security Unique Characteristics
21. |
11 COMPANY CONFIDENTIAL
• UN R155 and ISO/SAE 21434
• All new vehicle types – July 2022
• All new connected vehicles – July 2024
Emerging Regulations: OEMs MUST Certify to Sell
22. |
12 COMPANY CONFIDENTIAL
• GB/T 1.1-2020
• All new vehicle types – January 2025
• All new vehicles – January 2027
Even Harsher Regulations
23. |
13 COMPANY CONFIDENTIAL
• Adapt their development processes (secure coding)
• Demand from *all* of their software suppliers to perform
• TARA – threat analysis and risk assessment
• Supply chain verification
• Penetration testing
• Pass homologation by an authorized auditor
To Meet Both Regulations OEMs Must
24. |
14 COMPANY CONFIDENTIAL
• OEMs and tier-1 suppliers must perform “Continual Security”
• Alerts of new vulnerabilities
• Impact analysis and prioritization
• Perform security updates to all affected vehicles
And Even After Release through End-of-Life
25. |
15 COMPANY CONFIDENTIAL
• In addition to UN R155, OEMs must
• Ensure in-vehicle anti-malware measures
• Verify applications integrity in runtime
• Verify third party applications’ integrity
The Chinese Took it to Harsher Levels
Make vehicles ready for the SDV era
29. |
19 COMPANY CONFIDENTIAL
• VCode Automated TARA (threat analysis and risk assessment)
• VCode Binary scanning, to continuously identify vulnerabilities, early
• Penetration testing, focusing on critical issues and shows proof why
others can be postponed
Karamba Products Enable to Shift Left, Automatically
30. |
20 COMPANY CONFIDENTIAL
• XGuard hardens workloads deterministically – saving learning curve
• Automated policy creation, as part of CI/CD pipeline – patented
Automated Application Workloads Protection
31. |
21 COMPANY CONFIDENTIAL
• SDV represents significant industry advantages and changes
• To avoid SDV delays, cybersecurity compliance must be considered,
as part of current planning phases
• To allow accelerated innovation, product security needs to
• Continuous validation and verification of each application’s building blocks
• Harden deterministically safety-critical application
• Maintain an automated vulnerability management system
Summary: SDV and Security
34. ▪
▪
▪
▪
▪
▪
▪
•
Trustonic develops a Secure
OS (called Kinibi)
Port to multiple
silicon platforms
Creates a “Trusted Execution
Environment”
Enhanced with Trusted
Applications and supported by a
Software / Driver Development
Kit for use by 3rd parties
We distribute directly or via SIPs &
licensed to device OEMs &
AutomotiveTier 1s
45. 12
Key Takeaways
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
Current and Future Outlook of Automotive Cybersecurity Industry
Key Trends in Automotive Cybersecurity Space
Security Challenges Related to Connected Vehicles
Demand for Automotive Cybersecurity Solutions
State of Cybersecurity in Software Defined Vehicles
Cybersecurity Regulations in Automotive Industry
Changing Security Landscape
46. 13
Key Takeaways
Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
Recently Published Reports
• Automotive Cybersecurity Market
• Defense Electronic Security and Cybersecurity Market
• Vehicle Diagnostic Analytics Market
• In-Vehicle Payments Market
• IoT Solutions for Micromobility Market
• Intelligent Transportation Systems Market
• Automotive Data Monetization Market
• ADAS and Autonomous Driving Component Market
• Automotive Cloud Market
• Automotive V2X Market
• Artificial Intelligence Market for Automotive and
Transportation Industry
Upcoming Reports and Updates
▪ Global Automotive Domain ECU Market
▪ Global Automotive Software Architecture Market
▪ Global Automotive Connected Blockchain Market
▪ Global Automotive Telematics Market
▪ Global Automotive Embedded Systems Security Market
▪ Global Cloud Security Market for Automotive
▪ Global In-Vehicle Connectivity Market
▪ Global Automotive Software Development and
Engineering Services Market
For more information about any report please click on the report name, and please visit https://bisresearch.com/ for any other queries and report details
Connected Vehicles and Related Solutions:
Research Production Plan (2023 and 2024)
47. 14 Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
▪ Over 30 Electric Vehicle industry market intelligence reports
▪ Access to PDFs from over 100,000 reputed sources
▪ Market Statistics
▪ Company profiles for leading and emerging companies in the Electric Vehicle industry
▪ Database of key industry professionals
▪ Expert content like analyst notes, whitepapers
▪ Global expert network for consultations
To get a free trial access, please schedule a demo. Visit: https://www.insightmonk.com/
Insight Monk
48. 15 Cybersecurity in Automotive: Connected Vehicles and Growing Security Vulnerabilities www.bisresearch.com I All right reserved
Questions
50. 17
14 Green Hydrogen and Green Fuels – The Future of Energy www.bisresearch.com I All right reserved
BIS RESEARCH INC.
39111 Paseo Padre Pkwy STE 313, Fremont CA 94538-1686, USA
T
el: +1-510-404-8135
BIS RESEARCH PRIVATE LIMITED
Tapasya Corporate Heights, Greater Noida Expressway, Sector 126, Noida, U.P., 201303 India
Tel: +91 120 4261540
www.bisresearch.com
THANK YOU