What is a Software Defined Vehicle (SDV)?
A Software Defined Vehicle (SDV) represents a contemporary approach in the automotive industry, emphasizing the significant role of software in dictating the vehicle’s functionalities and features.
Traditional vehicles relied predominantly on hardware and mechanical parts for performance attributes.
Even compared to more recent automobiles with complex functionalities and features across individual Electronic Control Units (ECUs) or specific functional domains, SDVs differ by leveraging software and connectivity as central elements to dynamically determine, manage, and advance the capabilities of a vehicle.
The rise of SDVs brings about unique challenges, particularly in security, functional safety, and information assurance, partly due to the complex relationships between Original Equipment Manufacturers (OEMs) and their supply chains. While we could delve into the intricacies of these relationships (and the future role of Escrow in security agreements), today’s focus is on understanding what SDVs mean for different stakeholders.
Stakeholders in the Software Defined Vehicle ecosystem
The concept of SDVs affects a broad range of stakeholders, each with their own perspectives and concerns. Let’s explore what SDVs mean for each of these groups:
- Original Equipment Manufacturers (OEMs): For OEMs, SDVs offer the potential to reduce model variants, leading to manufacturing savings. They also provide a new avenue for post-purchase revenue through subscriptions and one-off payments for features.
- Drivers/Owners: SDVs present an opportunity for consumers to save money on initial vehicle purchases and the ability to enhance vehicle capabilities through updates and new features rolled out post-purchase.
- Suppliers: For suppliers, SDVs are a chance to lock OEMs into their ecosystem, driven in part by OEMs’ trend of in-housing software to differentiate themselves.
- Regulatory bodies: SDVs pose a challenge for regulatory bodies tasked with understanding and overseeing the capabilities of vehicles on the road, especially when features like self-driving and enhanced performance can significantly alter their behavior.
- Aftermarket/3rd party dealerships: These entities may find new opportunities or face new challenges as SDVs change the landscape of vehicle features and functionality.
- Security specialists: From a security standpoint, SDVs aren’t entirely new, as many of the risks they present have existed for some time. However, SDVs increase the number of possible security-relevant transitions a vehicle might undergo throughout its lifecycle, necessitating more complex assurance cases and holistic security considerations that can span more than just the “on-board” systems.
The impact of Software Defined Vehicles on security
The shift towards software defined vehicles will inevitably reshape what we consider a cyber attack. Typically, the focus has been on significant threats like ransomware, data breaches, and denial-of-service attacks.
However, in the context of SDVs, cyber attacks can also include more subtle activities, such as consumers attempting to bypass OEM security controls to unlock features they believe should be available, or looking to modify logs and black box data associated with system capabilities for insurance fraud purposes.
Moreover, the aftermarket industry has long offered modifications and unlocked vehicle features, which can be seen as “cyber attacks” against OEMs’ revenue streams. This blurring of lines between legitimate consumer actions and malicious attacks highlights the complex security landscape SDVs introduce.
The role of Secure by Design, Secure by Default, and Design for Test in SDVs
The evolution of SDVs underscores the importance of building security into the design process from the outset. The principles of Secure-by-Design and Secure-by-Default are crucial in ensuring that vehicles are not only safe but also secure.
I’m sure we can all agree on Security-by-Design; however, Secure-by-Default is an approach that looks at protecting the end user against scenarios that they didn’t explicitly consent to, for example by not enabling features like Passive Entry Passive Start (PEPS) or remote immobilization until the user is informed about any associated risks.
Additionally, the concept of Design for Test has become increasingly important in the SDV era. Modern security practices encourage a defense-in-depth approach, applying multiple layers of security controls to protect information assets. This strategy presents challenges for traditional assurance activities, which typically occur at the end of development.
As SDVs become more complex, security testing needs to happen earlier in development, and systems must be designed with testing in mind to ensure vulnerabilities are identified and addressed before production.
In the context of traditional vehicle testing, providing testers with in-depth information could make some leaders cautious about giving away too much proprietary insight.
However, the depth and quality of the testing process can significantly benefit from such detailed data well past the product’s initial phase.
It’s important to recognize that, in actual conditions, adversaries frequently possess substantially more information than legitimate entities (including third-party testers). Providing testers with that detail allows for an evaluation that is better equipped to anticipate future contexts where unseen or currently non-exploitable weaknesses might emerge.
Navigating the future of Software Defined Vehicles
The rise of SDVs represents a significant shift in the automotive industry, offering new opportunities and challenges for all stakeholders involved. As vehicles become more software-driven, the need for robust security practices, regulatory oversight, and consumer awareness will only grow.
By understanding each stakeholder’s unique perspectives and embracing principles like Secure-by-Design, Secure-by-Default, and Design for Test, we can navigate the complexities of SDVs and ensure a safer, more secure future for the automotive industry.
Concurrent with these developments, there’s a growing trend of heightened regulatory oversight by governments regarding product security and operational resilience. Although proactive measures like Security-by-Design and ongoing testing are beneficial, it’s also crucial to have strategies for distributing patches or updates after discovering vulnerabilities.
Traditionally, the automobile industry has been proficient in performing verification and validation (V&V) testing for its products. Nevertheless, with the advent of software-defined vehicles, the complexity of testing scenarios may rise significantly, leading to greater challenges for original equipment manufacturers and their suppliers.
Our teams and others in the industry have observed that many Electronic Control Units (ECUs) currently lack features such as A/B partitions, which support reverting to a stable firmware version. This could lead to high-risk situations reminiscent of recent episodes involving cyber security software, where a vehicle might cease to function due to an Over-the-Air (OTA) update that was insufficiently tested before deployment.
Therefore, it becomes vital to embrace a “Design for Test” approach that ensures comprehensive testing capabilities throughout a product's operational states before releasing any updates. Additionally, introducing policies to prevent simultaneous updates across all vehicles could mitigate risk when deploying patches or new firmware versions.
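The rollback behaviour that A/B partitions provide, shown as an added example rather than code from NCC Group or any specific ECU bootloader: a simplified slot-selection routine in which a newly staged image gets a limited number of boot attempts and, if it never confirms itself healthy, the bootloader reverts to the previous slot. The struct layout, function names and MAX_TRIES value are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

#define MAX_TRIES 3   /* assumed number of boot attempts granted to a new image */

/* Hypothetical per-slot metadata a bootloader keeps in non-volatile storage. */
typedef struct {
    uint32_t version;     /* firmware version held in this slot */
    uint8_t  tries_left;  /* boot attempts remaining for an unconfirmed image */
    bool     confirmed;   /* set once the image has passed its post-boot self-test */
    bool     bootable;    /* cleared when the slot is judged bad */
} slot_t;

typedef struct { slot_t slot[2]; int active; } ab_state_t;

/* OTA client: write the new image to the inactive slot and make it the candidate. */
void ab_stage_update(ab_state_t *s, uint32_t version) {
    int target = 1 - s->active;
    s->slot[target] = (slot_t){ version, MAX_TRIES, false, true };
    s->active = target;
}

/* Bootloader, at every reset: returns the slot index to boot, or -1 if none is usable. */
int ab_select_boot_slot(ab_state_t *s) {
    for (int pass = 0; pass < 2; pass++) {
        slot_t *cur = &s->slot[s->active];
        if (cur->bootable && cur->confirmed) return s->active;
        if (cur->bootable && cur->tries_left > 0) {
            cur->tries_left--;          /* consume an attempt before jumping */
            return s->active;
        }
        cur->bootable = false;          /* unconfirmed and out of tries: roll back */
        s->active = 1 - s->active;
    }
    return -1;
}

/* Application: call only after self-tests pass, which makes the update permanent. */
void ab_confirm(ab_state_t *s) { s->slot[s->active].confirmed = true; }

/* Constructed scenario: confirmed v1 in slot 0, faulty v2 staged and never confirmed.
   Counts how many resets boot the faulty slot before the bootloader reverts. */
int demo_resets_until_rollback(void) {
    ab_state_t s = { { {1, 0, true, true}, {0, 0, false, false} }, 0 };
    ab_stage_update(&s, 2);
    int resets = 0;
    while (ab_select_boot_slot(&s) == 1) resets++;
    return resets;
}

int main(void) { return demo_resets_until_rollback() == MAX_TRIES ? 0 : 1; }
```

An ECU without a second slot has no equivalent of the final branch: a faulty image that cannot confirm itself leaves nothing to fall back to.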
Safeguarding the road ahead
As the automotive industry continues to evolve, it’s more important than ever for organizations to stay ahead of the curve in managing and mitigating cyber risks. Whether you’re an OEM, supplier, regulatory body, or part of the aftermarket ecosystem, understanding and addressing the unique challenges of SDVs will be crucial.
There are several risk mitigation activities NCC Group recommends clients consider:
- Stay informed: Regularly update your knowledge on emerging trends and threats in the automotive cyber security landscape to anticipate and respond to potential risks more effectively.
- Engage with security specialists: Work with experts who can provide comprehensive security assessments from the early stages of development to post-production. This includes understanding the implications of software updates and ensuring a holistic security approach.
- Implement best practices: Adopt Secure-by-Design and Secure-by-Default principles in your development processes. Ensure that your systems are tested rigorously with Design for Test methodologies to catch vulnerabilities early.
- Collaborate with stakeholders: Maintain open communication with all stakeholders, including OEMs, suppliers, and regulatory bodies, to ensure everyone is aligned in their approach to security and safety.
- Consider long-term impacts: Think beyond immediate security concerns and consider the long-term implications of SDVs on your business, from revenue models to regulatory compliance.
Commercial Research at NCC Group
NCC Group has a rich research tradition, and our highly respected, world-class research efforts support much of our work. Our cyber security research services enable clients to benefit from our consultants' extensive technical expertise and insights, assisting them with various needs ranging from capability development to futures and horizon scanning.
We welcome organizations to work with us inside our structured commercial product portfolio or collaborate in a commercial research setting. Whether you’re looking to enhance your existing security measures with our comprehensive suite of products or seeking tailored research solutions to tackle unique challenges, we offer flexible collaboration opportunities to suit your needs.