Automotive Cybersecurity: Foundations for Next-Generation Vehicles

TL;DR

This paper discusses the urgent need for a secure-by-design approach in next-generation vehicles, which are becoming complex cyber-physical systems with increased connectivity and cybersecurity challenges due to digital transformation and autonomous features.

Contribution

It introduces foundational concepts for automotive cybersecurity tailored to the evolving landscape of connected and autonomous vehicles, emphasizing a paradigm shift in design principles.

Findings

Modern vehicles have a larger attack surface due to constant connectivity.

Traditional automotive architectures are insufficient for cybersecurity in next-gen vehicles.

A secure-by-design approach is essential for future automotive systems.

Abstract

The automotive industry is experiencing a serious transformation due to a digitalisation process and the transition to the new paradigm of Mobility-as-a-Service. The next-generation vehicles are going to be very complex cyber-physical systems, whose design must be reinvented to fulfil the increasing demand of smart services, both for safety and entertainment purposes, causing the manufacturers' model to converge towards that of IT companies. Connected cars and autonomous driving are the preeminent factors that drive along this route, and they cause the necessity of a new design to address the emerging cybersecurity issues: the "old" automotive architecture relied on a single closed network, with no external communications; modern vehicles are going to be always connected indeed, which means the attack surface will be much more extended. The result is the need for a paradigm shift towards a secure-by-design approach.