Automotive Cybersecurity Needs Serious Work
Annual report from security software and services company BlackBerry indicates the auto industry faces cyber challenges.

According to the BlackBerry 2021 Threat Report , which looks at cybersecurity threats of all types on a global basis, “modern automobiles are effectively insecure networks.” The authors point out that because there are as many as 100 compute components from various vendors on a vehicle, achieving common cybersecurity criteria is exceedingly difficult.
What’s more, they say an estimated 280 million vehicles globally are connected to the internet, and consequently, “Securing vehicles from cyber threats becomes increasingly difficult with every additional network connection, electronic component, and software-driven system.”
Among the issues identified in the 2021 report are:
- Electronic control unit (ECU) takeovers that affect vehicle systems (brakes, steering, powertrain)
- Vehicle compromise through paired smartphones (current or previous owners’)
- Vehicle-to-everything (V2X) and vehicle-to-vehicle (V2V) communications vulnerabilities
- Reliance on network connectivity for vehicle functionality
One effort that the authors note is working to address these issues, is the cybersecurity regulation put into place on June 25, 2020, by the United Nations Economic Commission for Europe (UNECE), WP.29. While the regulation doesn’t tell automakers how to secure their vehicles, it does outline actions that must be done.
The recommendations include making efforts to manage risks, detecting and responding to cybersecurity threats across feels, designing secure systems across the supply chain, and providing secure software updates for on-board systems for the life of the vehicle. UNECE WP.29 is supported by several European Union countries, China, Japan and Korea. WP.29-compliance is not required until July 2024.
The report’s authors say that ISO SAE 21434 provides implementation information for engineering the electrical and electronic (E/E) systems from the cybersecurity perspective for vehicles, including the participants in the supply chain. But because of the timing of UNECE WP.29, the authors aren’t optimistic about the situation between now and then. “This delay leaves threat actors years to operate in the largely unregulated and insecure space of connected vehicles,” the authors warn.
Top Stories
INSIDERResearch Lab
University of Rochester Lab Creates New 'Reddmatter' Superconductivity Material...
INSIDERAR/AI
MIT Report Finds US Lead in Advanced Computing is Almost Gone - Mobility...
INSIDERElectronics & Computers
Airbus Starts Testing Autonomous Landing, Taxi Assistance on A350 DragonFly...
INSIDERSensors/Data Acquisition
Boeing to Develop Two New E-7 Variants for US Air Force - Mobility Engineering...
INSIDERWeapons Systems
PAC-3 Missile Successfully Intercepts Cruise Missile Target - Mobility...
INSIDERManned Systems
Air Force Pioneers the Future of Synthetic Jet Fuel - Mobility Engineering...
Webcasts
Electronics & Computers
Specifying Laser Modules for Optimized System Performance
Aerospace
The Power of Optical & Quantum Technology, Networking, &...
Automotive
How to Achieve Seamless Deployment of Level 3 Virtual ECUs for Automotive...
Manufacturing & Prototyping
Tailoring Additive Manufacturing to Your Needs: Strategies for Performance and...
Automotive
Driver-Monitoring: A New Era for Advancements in Sensor Technology
Electronics & Computers
Leveraging Machine Learning in CAE to Reduce Prototype Simulation and Testing
Trending Stories
ArticlesEnergy
BriefsSensors/Data Acquisition
Real Time Physiological Status Monitoring
ArticlesMechanical & Fluid Systems
Reducing the High Cost Of Titanium
ArticlesCommunications
Solving Military Satellite, Radar and 5G Communications Challenges with...