The ecosystem of the automotive cyber security market consists of manufacturers such as Harman (US), Continental (Germany), NXP (Netherlands), Escrypt (Germany), and Vector (Germany), as well as research institutes such as Japan Automobile Manufacturers Association (JAMA), European Automobile Manufacturers Association (ACEA), Canadian Automobile Association (CAA), and Korea Automobile Manufacturers Association (KAMA).
Reinforcement of mandates by regulatory bodies for vehicle data protection
White hat hackers have demonstrated the vulnerabilities of a modern automobile. For instance, in 2015, security researchers hacked a Jeep Cherokee, which enabled them to control the car remotely. This demonstrated that systems such as air conditioning, radio, windshield wipers, and transmission are vulnerable to external threats owing to a lack of cybersecurity measures. The same team also hacked a Toyota Prius and a Ford Escape. These events increased the focus of the manufacturers on cybersecurity solutions and regulations. The Security and Privacy in Your (SPY) Car Act, legislation proposed in the US in 2015, aims to mandate that critical software systems in cars are isolated and that the entire vehicle is safeguarded against hacking by using cybersecurity measures. It also specifies that data stored in the car should be secured to prevent unauthorized access, and vehicles should detect the same, alert the drivers, and respond to hacking attempts in real-time. Along with these measures, the act, which is developed by the NHTSA, will also regulate the information collected, transmitted, or shared by the vehicle by sharing the same with its owner. The act also proposes to offer the driver a choice to opt-out of data collection without affecting the functionality of key features such as navigation. Recently, BMW AG (Germany) rectified a fault that potentially granted hackers unauthorized access to a vehicle through the connected drive system. This was possible as BMW’s servers were not encrypted, and the attacker could thus imitate a server and send a lock or unlock command to BMW’s cars. In 2017, the UK government issued the cybersecurity guidelines for connected and autonomous vehicles: ‘The key principles of vehicle cybersecurity for connected and automated vehicles.’ The guidelines consist of 8 principles to make vulnerable cars safer.
Additionally, automotive stakeholders such as automotive trade groups, Tier-I suppliers, and OEMs are establishing standards and promoting the sharing of information regarding cybersecurity solutions. Whereas, stakeholders from non-automotive industries are researching to examine the cybersecurity level globally. For instance, in 2017, the International Telecommunication Union (ITU) released the Global Cybersecurity Index (GCI). According to the report, the level of commitment of different countries for making data safe and secure has been increasing year-on-year. These standards mandating cybersecurity solutions are expected to drive the adoption of cybersecurity measures.
The automotive industry is now becoming the focus area for many non-automotive suppliers. As the value chain is fragmented among all types of industries, revenue distribution has become a tough task for the stakeholders. In the cybersecurity market, the development of countermeasures is very difficult because of the lack of standardization of cybersecurity solutions. The solutions for cybersecurity depend on the specifications given by the OEMs. These solutions vary due to the use of different platforms in the same vehicle model, differences in the electronic architecture, and different features in the vehicle. As a result, the automotive cybersecurity solution providers face integration risks to deal with threats and vulnerabilities of a vehicle.
The inherited nature of OEMs to buy all the components for a vehicle from various suppliers and assemble them into one vehicle can make the car more vulnerable. Every supplier has its own platform of electronic components, and it would be difficult to integrate all the electronic components of different suppliers. Hence, regardless of the strength of individual components, poor integration of these components can lead to cyberattack exposure. Hence, it is necessary to release standards for cybersecurity products and services throughout the stakeholders of the value chain to make vehicles less vulnerable to cyberattacks
Exceptional technological development in autonomous vehicle space
Autonomous vehicles are gaining an unprecedented amount of traction. Companies such as Mercedes, Ford Motors, and Tesla are investing heavily in their R&D capabilities to revolutionize the traditional way of driving. For instance, Ford Motors has tripled its investment in the autonomous fleet market and is testing 30 autonomous Fusion hybrids in Michigan, California, and Arizona. Similarly, Google, Uber, and Tesla are also ramping up their investments to bring an autonomous vehicle on the road that will comply with all the statutory rules and regulations and make driving a seamless experience. The growth of autonomous vehicles offers unparalleled opportunities to cloud providers, OEMs, and other stakeholders to collaborate and partner with automotive companies to leverage this growth. The agreement between Daimler AG, the manufacturer of Mercedes-Benz, and Uber Technologies Inc. to develop self-service vehicles is another instance that suggests autonomous vehicles would be a reality soon. The advent of autonomous vehicles will increase cybersecurity threats and, hence, drive the cybersecurity automotive cybersecurity market.
Driverless cars are still in a nascent stage and are currently being tested on the road in Texas, Arizona, California, Pennsylvania, Washington, and Michigan under specific test areas and driving conditions. These cars would soon be a part of mainstream reality, according to automotive experts. Jen-Hsun Huang, CEO of NVIDIA, announced at Bosch Connected World 2017 in Berlin that NVIDIA will offer technology enabling Level-4 autonomous driving capabilities by the end of 2018. Similarly, BMW is also expected to unveil its self-driving electric vehicle, BMW iNext, by 2021. These developments would offer several opportunities to cloud and cybersecurity service providers to come forward and partner with automotive companies to take the driving revolution ahead with robust vehicle security.
Time lag in the delivery of cybersecurity updates to the market
Most of the automobile manufacturers do not have any necessary software development capabilities. The automobile manufacturers are only responsible for integrating the cybersecurity solution with the hardware of the vehicle while the rest is the responsibility of the cybersecurity provider. Hence, due to the absence of robust capabilities within automobile manufacturing plants and service centers, the time lag in the rectification of the identified vulnerabilities increases. The security code update development is a time-taking process due to back-end system records, which hampers the whole process of delivering updates to the market without any delay.
Also, the timely delivery of the security package at the time of vehicle recalls becomes a big challenge for the OEMs. The cybersecurity providers need to expedite the development functions and deliver that to production and service centers of automobile manufacturers. The cybersecurity solution development also requires risk management, progress monitoring and reporting, and incident management, which should be put in the process of developing the solution. The cybersecurity solution providers are looking for new ways to reduce the time lag for updates as it would give them a competitive edge among other players. Hence, product innovation and accuracy are crucial for the effective implementation of cybersecurity.
• Automotive cyber security manufacturers
• Automobile organizations/associations
• Compliance regulatory authorities
• Government agencies
• Investors and Venture Capitalists (VCs)
• Raw material suppliers for automotive cyber security
• Traders, distributors, and suppliers of automotive cyber security
We are pleased to offer you this exciting, new, and entirely free professional resource. Visit our Free Industry resource center today to browse our selection of 600+ complimentary Industry magazines, white papers, webinars, podcasts, and more. Get popular titles including: