Automotive Cybersecurity

Findings on the state of automotive cybersecurity

Sponsored by Security Innovation and INTEGRITY Security Services, a Green Hills Software company,  has conducted their second annual cybersecurity survey of over 500 automotive developers, engineers, and executives.

“The cybersecurity of connected vehicles is one of the most important challenges for the automotive industry,” says Pete Samson, Senior Vice President and General Manager of Security Innovation’s embedded systems team. “Our second annual Ponemon survey represents an important step toward understanding and therefore improving the safety, security and privacy of the global transportation system.”

The survey results provide valuable insights on the mindset of over 500 key people in the automotive software ecosystem regarding the state of cybersecurity readiness within their industry. The results are alarming although they do show cause for optimism when compared to last year’s survey.

Some key findings include:

There is a growing concern that hackers are actively targeting automobiles.

Car manufacturers are more concerned about automobiles being hacked than their major electronics suppliers.

The lack of skilled personnel and requirements, and pressure to meet release dates are the main impediments to secure software development.

Cryptography is not being used as much as needed.

Legacy technology is hindering the ability to make vehicles more secure.

Automakers believe they are not as knowledgeable about secure software development as are other industries.

There is little clarity or consensus regarding a single point of responsibility for a secure development process.

Senior management have a rosier view of their company’s cybersecurity readiness than the people actually doing the work.

However, there is a small but statistically significant trend toward a more mature approach to securing vehicles.
”While study results show there is still work to be done to secure connected vehicles, there are many things that can be started today,” said Gregory Rudy, Director of Business Development at INTEGRITY Security Service, a Green Hills Software Company. ”Automotive executives must champion this change by promoting secure system design by allocating requirements, properly training, and looking to outside security suppliers for help.  Automotive security starts with the ECU and must extend throughout the manufacturing supply chain.”


Related Articles