Vehicle OEMs will need confidence that their products can provide security against current and emerging cyber threats from espionage to remote hacking. Companies need to assess their complete digital risk profile and implement appropriate measures for each element. To be successful this requires a deep knowledge of both best practices in cybersecurity, and automotive design and development. For these reasons, Ricardo has teamed with Roke Manor Ltd, a leading UK innovator in cybersecurity, autonomy and communications.
The go-forward solution will be for vehicles to be safe and secure by design. These, sometimes conflicting, requirements impact vehicle electronic architecture design in terms of processing, redundancy, networking and power consumption. Additional processors, gateways and the prospect of dual CAN and ethernet networks add cost to vehicles. Hence companies need to determine a suitable short term path of either digital resilience at minimal cost or invest in a platform for the future. A corresponding key business question is whether the future platform can yield product differentiation or other consumer value benefits to justify its costs.
Digital risks for vehicles exist from product design to end of life. Requirements include best practices to minimize corporate liability, but there is also increasing discussion of legislative requirements especially in Europe. As a framework to guide risk assessments and implement solutions, Ricardo and Roke consider the automotive attack space as a number of overlapping layers, each requiring its own digital resilience solution. The chart below provides an overview of these layers. An advantage for Roke and Ricardo in identifying and mitigating the key risks is our broad industry experience as we have developed solutions for passenger cars, commercial trucks, infrastructure and Rail applications. Our experience is the business situation varies significant between companies, and, hence, the most appropriate practice, and cost of implementation, will also vary, especially in the short term through 2025.
The cyber attack surface is complex and covers many layers, many of which are outside the direct control of OEMs and supply-chain’s
Automotive cybersecurity is a necessary requirement as we move towards more connected and autonomous vehicles. At our conference, this topic is the subject of specific presentations by Peter Lockhart and Gloria D’Anna as well as discussion points throughout the day. The goal for future vehicles will be digital resilience and secure by design. This will require a holistic cybersecurity approach across all aspects of vehicle design, development, launch and aftersales activities. It will bring additional cost for development and vehicle production, but the cost of not ensuring security will likely be much higher. A discussion of the different approaches and best practices for cybersecurity through 2025 should be an intriguing aspect of the conference discussions. Find out more about the Advanced Mobility 2025 conference or click here to register.