Cybersecurity is of the utmost priority since the advent of digital, connected, and autonomous cars.
A New Dimension of Quality for Automobiles
Connected cars are essentially data centers on wheels, with multiple processors and units connected to different cloud services. This complex infrastructure must be protected in order to withstand cyberattacks on the car’s software and backend.
In the new environment, OEMs will need to respond immediately to security incidents, including those in which companies discover a new or potential vulnerability, or in which their vehicles are attacked by malicious hackers. This will require organizational, procedural, and technical capabilities for detecting and addressing cybersecurity events. Providing security patches throughout the full vehicle life cycle will also be essential for safe vehicle operation.
Best Practices in order to Manage Risks and Ensure a Secure Design in the Long Run
Taking into account these cybersecurity vulnerabilities, challenges and threats, some best practices are identified to be adopted to manage the resulting risks. A global security strategy needs to be defined. Cybersecurity is definitely a new topic in the automotive industry; fortunately, there are mature technologies, tools, but also lessons learned, and processes in other industries and markets that can be adapted and reused. It is clear that the industry has a need to establish a relevant list of best practices that should be respected to ensure a secure design in the long run, according to car lifecycles, which are considerably longer compared to traditional computer products. These best practices will help to reinforce the overall security and keep the final product safer.
- The implementation of dedicated cybersecurity standards for the automotive industry.
- The defense in depth principle is one of the cybersecurity core pillars nowadays. It has already been applied in several fields, especially in critical infrastructures such as aeronautics or industrial systems.
- Security by design means that security is taken into account in every step of the project lifecycle starting from specifications to validation.
- In order to reduce the attack surface and protect most critical assets in a car system against the variety of threats discussed above, several effective state-of-the-art security countermeasures can be applied.
VDA China Activities
VDA China is committed to harmonizing the Chinese regulations and standards with international practice. Therefore, VDA China stays continuous bilateral communication and cooperation in key legislation and regulation areas with its Chinese counterparts, e.g., CAAM, TC114(CATARC), TC260(CESI) through joint workshops and research.