IoT & Embedded Technology Blog

Securing the Road Ahead: Self-Driving Cars & Cybersecurity

by Joe Abajian & Dan Mandell | 1/3/2024

By nature, autonomous cars amplify cybersecurity stakes. If hackers compromise a self-driving car’s internal computing network, its safety critical components (brakes, gas, transmission, headlights, etc.) can become exposed. Fully automated fleets will be prime targets for ransomware hacks. In the future, crucial freight and trucking infrastructure will depend on automated systems.

Cybersecurity needs will advance with autonomous driving capabilities. Level 1 autonomous driving (ADAS features such as electronic lane keep assist, adaptive cruise control, parking assistance, etc.) presents the least cybersecurity risk. Level 2 and Level 3 autonomous driving, the highest levels of autonomous driving publicly available (self-driving with varying levels of human monitoring required), pose significant cybersecurity stakes. To support and secure higher levels of autonomous driving, OEMs will demand strong intrusion detection and prevention systems (IDPS), active monitoring services, and timely over-the-air (OTA) update support.

It’s worth noting, however, that widespread adoption and development of autonomous driving technology faces significant obstacles. Out of the 55 automotive engineers that participated in VDC’s Voice of the Engineer survey, 28.3% of respondents identified complexity of systems as the biggest obstacle to autonomous vehicle development, suggesting that higher levels of autonomous driving won’t become widely available for several years. Concerns around cost of development (19.6% of respondents) suggest that the market for autonomous driving will continue to be led by luxury automakers, although all major automotive groups are making investments in autonomous driving technology. Varying with implementation timelines, nearly all automakers will require cybersecurity support for autonomous driving technology.

Biggest Obstacle to the Development and Growth of the Autonomous Vehicle Industry
(Percentage of Respondents)

The foundational cybersecurity technologies that will be used to secure autonomous cars already exist. ECU Intrusion Detection and Prevention Systems (IDPS), for example, are ubiquitous in cars now and will remain essential to securing autonomous cars. The key cybersecurity difference between current cars and autonomous cars will be threat response.

Managed cybersecurity services will see a rise in demand as self-driving technology progresses. Constant monitoring from security operations centers will be more valuable in the world of automated cars. For example, Upstream, a cloud-based automotive cybersecurity provider, specializes in threat detection and proactive monitoring. Sheelds, formerly Arilou, specializes in monitored cybersecurity for entire fleets of connected vehicles. Actively monitored cybersecurity services from organizations such as Upstream and Sheelds address threats as they appear, which is especially critical to safety in the world of autonomous vehicles. Even if autonomous systems require temporary disablement in response to a threat, identifying and communicating risks in a timely manner will be important for cybersecurity vendors serving self-driving cars.

Because of the safety risks associated with autonomous car hacks, OEMs should pair cybersecurity software with managed security-as-a-service solutions. As regulations on self-driving cars evolve, continuous cybersecurity monitoring may become a requirement. From a capability standpoint, rapid threat response tools will also be essential to securing self-driving cars. Sonatus, an automotive cybersecurity provider based in Sunnyvale, California, is a leader in quick response. Unlike typical OTA update timelines that are stretched across weeks, Sonatus delivers lightweight software policies to address threats in real time. Active monitoring and response tools fit into the future of automotive. Commercial cybersecurity providers should focus on increasing their real-time monitoring and response capabilities with a focus on reducing OTA update package size and timelines.

Strong interest in autonomous driving features/services from consumers and automotive innovators will continue to drive entire automotive industry to further invest in autonomous driving technologies. Cybersecurity is a critical component of autonomous driving platforms because of new requirements for ensuring consumer safety and data protection. Security is essential to functional safety in autonomous vehicles. Cybersecurity solutions such as proactive threat monitoring and rapid threat response will be the largest drivers within the expanding automotive cybersecurity market.

For more information about automotive cybersecurity leaders and the future of automotive cybersecurity software and services, check out VDC’s recently published report, The Global Market for Automotive Cybersecurity.