Cybersecurity for Software Defined Vehicles

How do you secure 100 million lines of code in a car that's always online?

#1about 2 minutes

The automotive industry's shift to software-defined vehicles

The transition from hardware-centric cars to complex, connected software-defined vehicles introduces new capabilities and challenges.

#2about 3 minutes

Understanding the UNECE R155 cybersecurity regulation

The UNECE R155 regulation mandates a certified cybersecurity management system (CSMS) for all new vehicles, impacting the entire supply chain.

#3about 3 minutes

Managing security over the entire vehicle lifecycle

Vehicle cybersecurity must be maintained for over a decade, requiring continuous monitoring, incident response, and robust over-the-air update capabilities.

#4about 3 minutes

Volkswagen's approach to in-vehicle network security

Volkswagen's security technology kit uses a secure service-oriented architecture (SOA) with TLS to protect in-vehicle communication between ECUs.

#5about 2 minutes

The OBD port as a physical attack vector

The standardized On-Board Diagnostics (OBD) port creates a significant physical vulnerability, comparable to an unsecured USB port on a laptop.

#6about 4 minutes

Real-world examples of modern car hacking techniques

Several real-world examples, including CAN injection, key fob brute-forcing, and relay attacks, demonstrate common vehicle vulnerabilities.

#7about 1 minute

Defending against attacks and the future of automotive security

Ultra-wideband (UWB) technology prevents relay attacks by measuring signal time-of-flight, representing a paradigm shift towards proactive, long-term cybersecurity management.

#8about 3 minutes

Q&A on securing CAN bus and future architectures

The discussion covers securing legacy systems like CAN bus, the role of open standards like AUTOSAR, and the importance of domain separation in future vehicle architectures.