Auto2x Automotive Consultancy

February update on car hacks, partnerships and new product launches


Researcher reveals vulnerabilities in NissanConnect EV app

An Australian researcher unveiled security vulnerabilities in Nissan Leaf’s app NissanConnect, an app that allows owners of the EV to remotely access some of its functions. The vulnerability is not life- threatening but could allow hackers to remotely send commands to the electric vehicle which could affect its battery life and even access journey and distance data. The app requires a vehicle’s VIN (Vehicle Identification Number) which the researcher was able to crack but disabling the app would eliminate security concerns for owners.


Movimento partnered with security provider Vidder to deliver a cloud-based security solution that stops potential hacks in their tracks. Movimento will incorporate Vidder’s PrecisionAccess, which is based on a new Software Defined Perimeter (SDP) architecture, into its OTA platform to prevent hacks.

New product launches

During the Barcelona MWC, Samsung launched Connect Auto, a connected car dongle which plugs directly to the vehicle’s OBD II port. The solution is secured using Samsung Knox and Tizen OS for interoperability.

Additionally, from 2017, Volvo owners will be able to opt for a digital key via a mobile app, to substitute the physical key and make car sharing easier.

Finally, Renesas Electronics announced that it will offer a beta form of its Synergy Platform DLM, a solutions that provides security capabilities to OEMs who build devices connecting to the IoT, to select customers starting April 2016 and as a standard product in Q1, CY2017

Auto2x report

To learn more about the Automotive Cyber Security market, including the market status in 2015 and our forecast on the adoption of Cyber Security solutions for Connected Cars in key geographies over the next decade read our report:

Automotive Cyber Security Market Forecast: the secure Connected Car

For more information on this report, including sample pages and full Table of Contents, please contact us on (+44) (0)20 3286 4562 or using Contact us form

Secure Over-the-Air (OTA) software updates to be key in the Automotive Cyber Security Market

Massive vehicle recalls, massive fines-is there a better way?

After the second consecutive year of massive vehicle recalls and associated fines in the US, it is evident that the automotive industry needs a better, cheaper and quicker way to detect, report and fix defects. According to NHTSA’s administrator Mark Rosekind, more than 51 million vehicles were recalled in 2015 in almost 900 separate recalls, comparing to 803 in 2014.

First major cyber security-related recall in 2015-more to follow?

Safety-related recalls, primarily the defects in Takata’s airbags and General Motors’ ignitions, contributed the most in the new record-setting recall number in the world’s second largest car market.

However, during 2015, we experienced what we consider as the first major recall due a cyber security vulnerability -even though it was exposed by white hackers rather than organised crime. In detail, Fiat Chrysler had to recall 1.4 million cars to update the software in the affected vehicles after cyber security researchers were able to remotely infiltrate a 2014 Jeep equipped with Harman’s U-Connect.

More cyber security-related vulnerabilities where report last year, namely in BMW’s Connected Drive, GM’s OnStar and Tesla, but because models from these three carmakers feature OTA updates, the vulnerabilities were fixed via remote deployment of software patches.

Security is a whole new dimension in Connected Cars driven by the increasing role of software in modern cars

But as the number of ECUs, interconnected via CAN, MOST and other IVNs, increases in modern vehicles, the role and cost of software becomes more and more important, due to its growing amount and complexity.

OTA software updates as a response to the vehicle electronics lifecycle conundrum

Thus, software management throughout its entire lifecycle becomes paramount for carmakers. This is where OTA software updates can help by providing the much-desired upgradability and by bridging the gap between the differences in software and hardware lifecycle.

OTA updates’ role to expand from functionality to security for Connected Cars

What is more, because of the increasing role of software, we expect that software-related defects will become increasingly important, both in number and magnitude. This is because the proliferation of Connected Car, connected devices, and the progression from ADAS to automated driving and self-driving cars, the attack surface of the vehicle will increase exponentially.

As a result, we expect more and more OEMs to adopt OTA software updates to fix software glitches and security vulnerabilities quickly and remotely. Identifying defects sooner and fixing them quicker and cheaper is a top priority for carmakers and regulators. And the adoption of OTA updates can eliminate software recalls and their associated warranty costs, thus preserving the OEM’s brand image and improving customer satisfaction.

As OTA become mainstream, security will be a top priority

Secure OTA software updates must provide update reliability and protection of the data transmitted to and from the vehicle. At the same time, they must meet the strictest security and safety standards. Which companies are the leaders in embedded security for Connected Cars? What are there product offerings?

To learn about secure OTA and their role in the Automotive Cyber Security market read our report:

Automotive Cyber Security Market Forecast: the secure Connected Car

For more information on this report, including sample pages and full Table of Contents, please contact us on (+44) (0)20 3286 4562 or using Contact us form

Automotive Cyber Security Market: 26 companies to watch in 2016

The acquisition of TowerSec by Harman last month and the partnership between Argus and Israeli Check Point are just a start to what we believe will be a ground-braking year for the Automotive Cyber Security market. 2016 is the year when securing the Connected Car will unfold as the top priority for OEMs and regulators.
This is because as the Internet-of-Car expands and generates increasing amounts of data, a proactive and preventing approach on cyber security will be necessary. Consequently, mandatory fitment will come sooner than expected fuelling demand for Automotive Cyber Security expertise over the next decade.

Which are the companies to watch in 2016 and why?

We monitor the developments of more than 25 suppliers of Automotive Cyber Security solutions globally, together with all OEMs, Tier 1s and key providers of Connected Car products and platforms.


Fig.1: 26 Companies to watch in the Automotive Cyber Security market in 2016

AIRMIKA Inc. (USA) NXP Semiconductors (Netherlands)
Argus Cyber Security Ltd. (Israel) OIActive (USA)
Arilou Technologies Ltd. (Israel) Qualcomm (USA)
BT Security (UK) Red Bend Software (Israel)
Cisco Systems Inc. (USA) SBD & NCC Group (UK)
Continental AG (Germany) Secunet AG (Germany)
Covisint Corporation (USA) Security Innovation Inc. (USA)
ESCRYPT Embedded Security (Germany) Symphony Teleca & Guardtime (USA)
Harman International Industries (USA) Tech Mahindra (India)
Infineon Technologies AG (Germany) TowerSec (USA)
Intel Security (USA) Trillium Inc. (Japan)
IVSG LLC (USA) Utimaco GmbH (Germany)
Lear Corporation (USA) WhiteCryction (USA)


Source: Auto2x 2016


Here are some of the key factors we assess:

  • Product/Service portfolio
  • Product/Service category: software-based, hardware-based or services
  • Product/Service target: OEMs, consumers, dealerships
  • Company structure and financials (R&D expenditure, earnings, funding)
  • Company maturity: start-up, mature, etc.
  • Location
  • Number of employees
  • Announcements of pilot programs, product evaluation or partnerships with OEMs or Tier 1s

 These factors allow us to establish the following for each company:

  • Role in the marketplace
  • Product differentiation
  • Competitive advantage
  • Outlook

Understand the role of each company in the marketplace, read about their outlook over the next decade and build your strategy to take advantage of the changing landscape in the Automotive Cyber Security Market.  Is embedding cyber security solutions in cars enough to prevent cybe-attacks or there is more to be done?

Read more in our report Automotive Cyber Security Market Forecast 2015-2025: the secure Connected Car.