Why Cybersecurity plays a strategic role for smart mobility

Article menu

Why Cybersecurity plays a strategic role for smart mobility-strategic

The modern car rides not only electrically, it is more and more developing to rolling, highly crosslinked computer. This will also be prone to cyber attacks. Which dangers threaten and how can the smart mobility be properly secured? These questions employ manufacturers, suppliers and also customers. Because in the future, digital confidence will decide whether we buy a car or not.

Passing are the times when the car was just a means of transportation. Today is a small data center in the body. We no longer just want to drive, but also stream music, connect our smartphone to the cockpit and use online services. Even if full autonomous vehicles are still future music, there are always more comfortable driver assistance systems that make much easier and already partially take control of control. This driving experience is made possible by the interaction of countless sensors, electronic control units and software. The individual components communicate with each other and with other vehicles, the backing of the manufacturer, cloud services of third-party providers and even traffic lights or traffic signs.

The modern car is software-defined: new features can be reloaded and unlocked with over-the-air updates. Tesla does what it works; Other manufacturers move. According to a CapGemini study, software-based functions and services will make up around 22 percent of the year sales of the OEMS by 2031. Compared to today, their value triples.

There are many attack points

This development also changes the way we have to consider security in the car. In addition to the classic safety, ie physical security, the cyberscurity is now playing a crucial role. Because when cars are to be carried through and crosslinked computers on wheels, they are just like an Office PC – but with serious effects. In the worst case, human life are on the game.

Electric vehicles are not insecure in this regard than other modern cars. Often, however, they are already further advanced on the way to the software-defined vehicle. In addition, the charging infrastructure comes into play as an additional point of attack. To ensure safety, it is not enough to consider the technology in the vehicle alone. Each component in the networked cosmos can be a potential inventory. Cybercriminals could chop, for example, in the entertainment system and penetrate from there into the bus system, which controls the vehicle. Possible vulnerabilities can lurk everywhere, at each endpoint and in each network connection over the entire ecosystem of mobility.

How is the smart mobility safe?

A system is always as safe as its weakest link. Cybersecurity for networked vehicles must therefore always be holistic and consider the entire ecosystem – and over the entire life cycle. Decisive is a security-by-design approach: security must already be included in product development over all levels. This starts with a risk analysis, which attack scenarios are conceivable and which threaten dangers. Subsequently, a suitable security architecture is developed and implemented. This must be checked for heart and kidneys. So-called pentters come into play, security experts who take a look from the outside and take over the perspective of cybercriminals and try to chop the systems. They question internal assumptions and cover gaps in compliance with legislation.

A special challenge is the long life of a car. It is from planning to scrapping about 20 years. During this time, software, services and security situation change permanently so that new vulnerabilities can occur even if a vehicle was originally developed safely. Therefore, Cybersecurity must be a continuous process. An important role here play OTA security updates and solutions that encircle systems for vulnerabilities or automatically reveal automated suspicious behaviors (Incident Monitoring & Response). The latter serves to quickly recognize and react signs of cyber attacks before damage occurs.

This in Tel Aviv, Israel, and Berlin, Germany, Cymotive Technologies, has specialized in such holistic security solutions for networked vehicles and smart mobility. The experts pursue a “purple approach”, which combines blue team and red team procedures. In Security Jargon, a Blue Team takes care of the protection against cyber attacks, while the Red Team occupies the perspective of attackers. By combining the two views, cymotives is able to secure the entire digital ecosystem of a vehicle in each phase of its life cycle.

Cybersecurity has to be concerned

Nobody wants to sit in an insecure vehicle. Many consumers therefore make ways of cybersecurity. 56 percent fear a hacker attack on their car, so Consumer Loss Barometer 2019 by KPMG. The vast majority (82 percent) would even hesitate to buy a vehicle of a manufacturer who was already victims of a cyberattack. In order to gain and retain the confidence of customers, it becomes indispensable for OEMs to pursue a holistic, strategic security concept. Cybersecurity has to become a common concern of the entire industry. Only if car manufacturers, suppliers, security experts as well as government and regulatory authorities cooperate closely, networked vehicles can become really safe and build the trust of their customers in the new, smart mobility world.

About the author: Dr. Tamir Bechor, Co-Founder Cymotive Technologies

Please follow and like us:

Leave a Comment