Block title


Cybersecurity in automotive industry presents a major challenge

- Advertisment -

Luxury vehicles are not exempt from cyber-attacks, even if a vehicle is designed with state-of-the art security and maintained with over-the-air software updates during its operational life. A cyber-attack on that vehicle can still happen at any time.

“How can a car fleet be monitored and by whom, to detect those attacks and mitigate their harmful effects?” This was just one of the questions that moderator Michael L. Sena, Consulting AB, asked a group of intelligent transport experts during a discussion on automotive cybersecurity at the recent ITU-UNECE Symposium on the Future Networked Car.

The ingredient for security in any industry lies in applying “prevent, detect and react,” according to Pierre Gerard, seni​or ​​security expert for Thales, and it all starts with the data sources. “Basically you can start with the data sources you already have,” says Gerard, “from your telematics, from services that you provide to your customers, you can tap into them to detect what is going wrong. It can come from the mobile app,” he adds. “Lastly, you can install an intrusion detection system inside the car to detect an attack. Anything suspicious can then be reported.”

“The car is becoming a software on wheels and it is unclear as to who is at fault or liable.”   Rossen Naydenov, ENISA.

The security operations centre, explains Gerard, figures out if there is an attack, and a procedure involving AI and Big Data learns the normal behaviour of a vehicle fleet, to then be able to detect any abnormal behaviour.

Participants were surprised to hear that the security process involves a huge monitoring task run by teams of security experts. They would be monitoring 24/7, with the ability to detect an attack, react and prevent further attacks, as well as attacks with the potential to lead to stolen vehicles.

Jo​hannes Springer of Deutsche Telekom said that the whole production process needs monitoring, considering the maintenance centre, the supplier network, as well as the whole research and development phase. But it’s not just the car manufacturers who face this security challenge; other service providers in a similar position also need high reliability”.

Quality assurance

Since driver-assisted functions are software-based, there needs to be a chain of trust at both the product and process levels. Software and embedded software are developed, integrated and maintained within a complex supply chain. Without proof of the quality, it cannot be assumed that the safety and cybersecurity is of a high quality. On a process level there should be certified and efficient management systems for software quality and safety, and for cybersecurity. On the product level there is a need to assess product development, particularly on the testing procedures, the testing strategies and whether they are in accordance with standards, he said.

Across the complete supply chain there is a need for thorough checks and audits, throughout the development, production and operation processes. Process and product supervision are of importance at the product’s creation, but also throughout its lifetime, again highlighting the necessity of 24/7 monitoring.

Insurance: who is liable?

Another question concerns that of insurance companies and liability in the event of a hacked car causing an accident.  Rossen Naydenov of ENISA pointed out: “The car is becoming a software on wheels and it is unclear as to who is at fault or liable.”

Would it be the producer of the software who would be liable – or the one using it? Who would carry the burden of proof?

IPv6 – crucial for security

Many countries are still at the transition phase from IPv4 to IPv6, and according to Latif Hadid, founder and president of the IPv6 Forum, 3GPP board member and research fellow at the University of Luxembourg, the continued use of IPv4 has implications for cybersecurity.

Hadid warned that car manufacturers still using IPv4 are more at risk of being hacked, warning that top level car manufacturers are unaware of the dangers of this and that “capacity building at a top level on IPv6 is important.”

Information sharing – key to cybersecurity

Is the automotive industry sharing threat intelligence in a way that improves cybersecurity, and if not, how can this information sharing be improved?  “Information sharing needs to be led by the industry,” according to Rossen Naydenov, network and information security expert at ENISA. “This is not something that regulation can impose.” Naydenov believes that the current automotive stakeholders have trust in each other, but perhaps not the level of trust required for information sharing on cybersecurity (referring specifically to Europe). “We have seen that in the U.S. the Auto-ISAC (Automotive Information Sharing and Analysis Centre) helps the industry to stand more firmly against the attackers and prevent new attacks being developed,” he said.

Naydenov recommends that if the automotive industry were to create its own ISAC in Europe, it should be in close co-operation with initiatives focused on threat intelligence sharing in the ICT sector.


Please enter your comment!
Please enter your name here

Latest articles

ABB Ability smart sensor enables preventative maintenance to be scheduled to prevent unplanned outages

The ABB Ability smart sensor attaches to a mounted bearing and employs temperature and vibration sensors to accurately track the health and performance parameters...

Keep abreast with technology while SA is on lock-down

EngineerIT will keep you abreast of developments in the world of technology throughout the lock down period and beyond with articles and news from...

Hasty cloud adoption increases companies’ risk profile

The relevancy of the cloud will soon begin to wane as more decision-makers come to acknowledge the hype for what it is and realise...

The March edition of EngineerIT has been published, another great read.

The March edition of EngineerIT has been published and is being delivered to subscribers. A PDF version is available for download. Click here.The articles...

Coronavirus-themed security attacks on the increase

By Indi Siriniwasa, Vice President at Trend Micro Sub-Saharan Africa When there is a crisis, there are those who will try and take advantage. Unfortunately,...

IoT will become the biggest user of edge computing amidst increasing security concerns

From less than $1.5 billion in 2017 to an anticipated $9 billion by 2024, the worldwide edge computing market is set to show significant...
- Advertisement -

ICASA calls on licensees to make communication services more freely available, while making regulatory concessions

Considering the recent developments with regards to the spread of the COVID-19 pandemic, the Independent Communications Authority of South Africa (ICASA) has written to...

Nine South African students attended US Space and Rocket Centre for 10th annual space camp

Nine South African students recently travelled to the U.S. Space and Rocket Centre (USSRC) in Huntsville, Alabama, as part of the 10th annual Honeywell...

The global outbreak of COVID-19 has brought the world’s digital divide into sharp focus.

ITU News reports that the Internet is a vital communications tool for people and communities affected by the outbreak of the Coronavirus. As schools...

Cybersecurity in automotive industry presents a major challenge

Luxury vehicles are not exempt from cyber-attacks, even if a vehicle is designed with state-of-the art security and maintained with over-the-air software updates during...

Surveillance and security service providers must be PRiRA accredited

Any business operating as a surveillance or security service provider, be it for the installation, configuration, support and monitoring of CCTV equipment, for a...