Auto industry ‘not ready for cyber attack on smart vehicles’
Written by Hannah McGrath
An overwhelming majority (84 per cent) of automotive professionals have warned that vehicle manufacturers are failing to ensure their cyber security practices are keeping pace with evolving technologies, leading 62 per cent to expect a cyber attack on smart car systems in the coming year.
A survey of 593 professionals from automotive manufacturers and suppliers commissioned by software firm Synopsys and engineering association SAE International, also highlighted a number of deficiencies across the automotive industry in preparing for the adoption of software-enabled and Wi-Fi-connected vehicles, with the typical organisation having only nine full-time employees devoted to cyber security.
The survey gathered responses from automotive professionals involved in addressing software security risks inherent in a smart and connected vehicle technology, including infotainment systems, telematics, steering systems, cameras, System on a Chip (SoC) based components, driverless and autonomous vehicles, and radio frequency technologies such as Wi-Fi and Bluetooth.
Nearly a third (30 per cent) of respondents said their organisation was lacking an established product cyber security program team, while 63 per cent said they tested less than half of the automotive technology they develop for security vulnerabilities.
Meanwhile, 71 per cent believed that pressure to meet product deadlines is the primary factor leading to security vulnerabilities, while 73 per cent of expressed concern about the cyber security of automotive technologies supplied by third parties. Only 44 percent said their organisation imposed cyber security requirements for products provided by upstream suppliers.
Andreas Kuehlmann, co-general manager of the Synopsys Software Integrity Group, said: “The proliferation of software, connectivity and other emerging technologies in the automotive industry has introduced a critical vector of risk that didn’t exist before: cybersecurity.
“This study underscores the need for a fundamental shift – one that addresses cybersecurity holistically across the systems development lifecycle and throughout the automotive supply chain.”