Tag Archives: Automotive Cyber Security

Auto2x Automotive Consultancy

New Autonomous Driving Roadmap report: Drivers to legally take their “eyes-off” the road from 2017

Learn about leading OEMs’ ADAS & Autonomous Driving roadmap and strategies

Auto2x’s latest report examines the current status of autonomous vehicle deployment including the ADAS&AD portfolio of 24 leading OEMs, the engineering and regulatory challenges for high levels of autonomy and the business models to overcome and monetise them. Finally, we provide a technological roadmap for the introduction of L2-5 by leading OEM and a penetration forecast of cars equipped with different levels of autonomy over the next decade.

CADILLAC supercruiseRead about our key findings:

2017 will see the introduction of technology that allows “eyes-off” the road

2017 is the year of transition from Partially-automated cars (SAE L2), where drivers are in complete control with ADAS providing assistance for safety and convenience, to Conditionally-automated ones (L3) which can take over the driving and monitoring task under specific scenarios allowing the driver to be ‘’distracted’’. However, in L3 the driver will still be the ultimate back-up and must remain ‘’available’’ to regain control within a few seconds of the
takeover request.

Level 3 deployment is still subject to regional regulatory approval. What’s more, the regulatory and legal framework differs across leading car markets. This could result in lack of harmonisation and restrict standardisation, adversely impacting the adoption of higher levels of vehicle autonomy.

Germany legalises Level 3 automated driving giving a head-start to German carmakers

Germany wants to be in the forefront of Autonomous driving (testing and deployment) ahead of the U.S. therefore it has amended the German Road Traffic Act (Straßenverkehrsgesetz, StVG) to allow domestic car manufacturers, which already are closer to L3, to deploy their systems in the market. Deployment of L3 in Germany would be possible under the new framework, but also provided that systems are compliant with UNECE regulations and data recording for accident reconstruction and claims.

The transition from driver-centric regulation to Automated Driving Systems is necessary for the deployment of higher levels of vehicle autonomy. Amendment in international regulations and national traffic laws will soon give the green light for deployment but will there be regional inconsistences between what’s legal?

The removal of the front passenger seat allows for full forward vision creating a uniquely spacious environment.

Another OEM skips L3 as the debate for Conditionally-Unsupervised driving continues

Volvo is now added to the list of carmakers pulling away from deployment of Level 3 with the CEO characterizing the handover of vehicle control as unsafe. The company claims they will only offer (completely) unsupervised autonomous mode when it’s safe, for which it will assume full responsibility. This comes a few months away from the first-ever L3-equipped car from Audi.

Different OEM strategies over Supervised vs Conditionally and Completely-Unsupervised driving

This development is another demonstration of the different approaches leading car manufacturers are following to commercialize automated driving amid the engineering, regulatory and consumer adoption hurdles.

The industry is currently facing a debate over supervised (L0-2) vs (optionally) unsupervised driving (L4-5) and whether an intermediate” level (L3), where the system can monitor but drivers have to takeover in case of an emergency is safe and adds value to owners. Thus, the commercialisation of L3 is uncertain given the high cost/benefit ratio, i.e. the marginal impact on safety and driver convenience from L2 comparing to the massive engineering challenge.

Partially-automated (L2) model offerings expand to the compact segment

At the same time, more carmakers are introducing L2 parking and driving capabilities and expand L2 feature availability across their model range. What’s more important though is that L2 expands from premium large cars to the compact car segment. This breakthrough is another indicator that ADAS are no longer the privilege of flagships, premium large cars and luxurious SUVs since regulations, consumer requirements and competition drive fitment of ADAS.

l2 2015-17

Aggressive marketing contributes to customer confusion and leads to misuse and/or abuse of L2

L2’s purpose is to assist the driver but not substitute him by offering longitudinal and lateral assistance. L2 Traffic Jam Assists and Cruise Assists may allow a few seconds of hands-free driving
but do not have the system capability and redundancy to monitor the road-hence your hands-on-the steering- wheel are mandatory (from both technological and legal perspective) despite what you here from some aggressive marketing campaigns.

Engineering challenges to drive demand for sensors, SW and collaborations

A Mobileye executive has recently described the challenge and complexity of launching SAE L4, i.e. chauffer driving and valet parking features among others, with putting a man on the moon. Higher level of vehicle automation will require augmented sensor set, new architecture and innovative validation methods among others.

This will drive demand for sensors, supercomputers, high precision
maps etc. It will also drive further collaboration between OEMs and Tier 1s-2s for the development of AD platforms-be it L4 for car sharing or not.

New business models arise in the new era of smart mobility

Carmakers, Tier-1s and new-entrants, such as tech giants Apple and Google (Waymo) and MNOs compete in the autonomous vehicle race to establish a winning portfolio or just remain competitive.

L4/fully-automated vehicles will revolutionise transportation and mobility leading to what we call Intelligent Mobility. This includes the rising car-sharing and ride-sharing businesses as well as new
vehicle ownership models in the Passenger Car market. We analyse opportunities across the supply chain.

For a detailed Table of Contents or Sample Pages contact us on: (+44) (0)20 3286 4562, info@auto2xtech.com or visit auto2xtech.com.

Concern about car hacking has grown but industry response remains weak, says Security Innovation’s survey

Security is a safety issue and a top priority for the USDOT but is it also for OEMs and other stakeholders?

NHTSA’s recent guidelines about vehicle cybersecurity urge stakeholders to make security an organisational priority and adopt existing guidance (standards from SAE, Auto-ISAC) among others.

The regulatory action follows recent ”white hacker” demostrations of security weaknesses in modern cars -with Tesla being the latest ”victim” – and concern that as vehicle connectivity, automation and V2V communication progresses a succesful malicious attack could have catastrophic consequences.

Security Innovation’s survey identifies gap 

A cybersecurity survey of more than 500 automotive professionals from OEMs and suppliers sponsored by Security Innovation and
INTEGRITY Security Services indicates that a gap exists in securing Connected Cars.

Half of the 500 automotive OEM and suppliers’ professionals surveyed in Security Innovation’s latest Vehicle Cybersecurity study believe that ”hackers are actively targeting automobiles but only 54% of respondents agree that security is a priority for their company. This puts the automotive near the bottom of those industries who put security as a priority with financial at the top”.

Another finding was that ”the lack of skilled personnel and requirements, and pressure to meet release dates are the main
impediments to secure software development”.

Check their whitepaper here: https://lnkd.in/dq7263e

Automotive Cyber Security is becoming a top priority for OEMs but lack of regulation and standardisation restricts security adoption, Auto2x 

Auto2x is concerced that while carmakers strive to roll out more and more Connected Cars and models equipped with Advanced
Driver Assistance Systems in an attempt to gain competitive advantage and enhance costumer-loyalty, cybersecurity remains an afterthough.

Read why Auto2x believes that Automotive cyber security and privacy is the new frontier for Connected Cars: https://lnkd.in/dkScaEg

To learn more about the status of Automotive Cyber Security regulation and what solutions leading companies offer to secure Connected Cars see our report:

Automotive Cyber Security Market Forecast 2015-2025: the secure Connected Car (https://auto2xtech.com/articles/automotive-cyber-security-the-connected-car-forecast-2015-2025/)

About Auto2x

Auto2x is a London-based automotive consultancy that offers business intelligence reports and custom research to carmakers, Tier 1s and other key stakeholders.

For more information on this report, including sample pages and full Table of Contents, please contact us on (+44) (0)20 3286 4562 or using Contact us form

Vehicle Cybersecurity a key part of USDOT’s Federal Autonomous Vehicle Policy

Identification, protection, detection, response and recovery functions should be in place, DOT says


September 20th saw the USDOT announcing voluntary federal guidelines for Highly Automated Vehicles (HAVs) to promote safe and secure AV testing and deployment across the country. The voluntary guidance signals DOT’s intention not to mandate AV rules but to work with OEMs and other companies developing autonomous driving technology.

Status of AV regulation in the U.S: testing and deployment

The United States offer a favourable environment for AV testing and deployment- North America was the first region to introduce legislation to permit testing of automated vehicles. No federal regulatory framework is present as states were responsible for deciding whether or not to approve AV testing.

What is more, a self-certification process applies in the US, i.e. OEMs need to make sure that their vehicles and standard vehicle equipment comply with all relevant FMVSSs NHTSA issues.

Key findings from FAVP

Amid the absence of federal AV regulation and inconsistencies between state-level testing and deployment Autonomous Vehicle regulations NHTSA’s Vehicle Performance Guidance provides an outline for best practices for anyone seeking to manufacture, design, test, use or sell automated vehicles or vehicle automation equipment in the United States. The guidance focuses on highly automated vehicles (HAVs=SAE L3/L4/L5) and applies to light, medium and heavy vehicles, whether developed for testing or production.

  1. Voluntary guidelines for HAVs instead of regulation to avoid lengthy regulatory process (4-8 years) and enable updatability (annually) and relevance
  2. Guidance is not mandatory but the consensus is that NHTSA will make the VGP elements mandatory, similar to a FAA type approval. USDOT’s chief announced yesterday that the next U.S. president will formalise the AV rules
  3. USDOT wants L2 and HAV manufacturers to voluntarily submit the 15-point Safety Assessment for testing and deployment: (meet / not meet guidance / Not applicable). This ‘’Pre-market approval for testing and deployment’’ of HAVs marks a significant change to NHTSA’s current regulatory regime of “self-certification” with all FMVSSs, post-fitment
  4. The change from self-certification process to pre-testing and pre-deployment approval, as well as the large amount of data recording and sharing required, have been met with criticism from the auto industry as it could drastically slow down the rollout of driverless cars
  5. The policy has immediate effect apart from data and information collection. Comments are expected until November 22


Vehicle Cybersecurity

”Manufacturers and other entities should follow a robust product development process based on a systems-engineering approach to minimize risks to safety, including those due to cybersecurity threats and vulnerabilities. This process should include systematic and ongoing safety risk assessment for the HAV system, the overall vehicle design into which it is being integrated, and when applicable, the broader transportation ecosystem. The identification, protection, detection, response, and recovery functions should be used to enable risk management decisions, address risks and threats, and enable quick response to and learning from cybersecurity events.

Identification, protection, detection, response, and recovery functions

While this is an evolving area and more research is necessary before proposing a regulatory standard, entities are encouraged to design their HAV systems following established best practices for cyber physical vehicle systems. In particular, entities should consider and incorporate guidance, best practices, and design principles published by National Institute for Standards and Technology (NIST), NHTSA, SAE International, the Alliance of Automobile Manufacturers, the Association of Global Automakers, the Automotive Information Sharing and Analysis Center (ISAC) and other relevant organizations.

The entire process of incorporating cybersecurity considerations should be fully documented and all actions, changes, design choices, analyses, associated testing and data should be traceable within a robust document version control environment.

As with safety data, industry sharing on cybersecurity is important. Each industry member should not have to experience the same cyber vulnerabilities in order to learn from them. That is the purpose of the Auto-ISAC, to promote group learning. To that end entities should report any and all discovered vulnerabilities from field incidents, internal testing, or external security research to the Auto-ISAC as soon as possible, regardless of membership. Entities involved with HAVs should consider adopting a vulnerability disclosure policy.”

What happens next

Although most of the guidance is effective immediately, NHTSA has invited public comment for 60 days at www.transportation.gov/AV. Today, DOT’s chief said that the next president would formalize self-drive rules into a mandate.

These developments reaffirm our position that Automotive Cyber Security is now a top priority for carmakers, as well as regulators, because of its implications on physical safety, the carmakers’ whole business and the transition towards more automated vehicles.

Collaborative, proactive Automotive Cyber Security is paramount, but is it realistic?

Although we view any collaborative, industry-wide agreement as a step forward, we approach this development with scepticism because of the degree of effectiveness when relying in voluntary agreements in an industry characterised by the lack of collaboration among OEMs.

Carmakers disagree on the effectiveness of a mandate, with some arguing that industry-wide cybersecurity guidelines and practices would be more appropriate to mitigate real-life malicious cyber-attacks than a government regulation in terms of speed of action and relevance.

But in our view, mandatory fitment of robust software and/or hardware solutions together with industry-wide standards and certification of peripheral devices can reduce organised crime’s incentives to attack cars as their probability of success and their gain from infiltrating car security will decrease significantly.

To get a better understanding of how global Car Cybersecurity regulation evolves and its implications for leading players read in our report Automotive Cyber Security Market Forecast: the secure Connected Car.

For more information on this report, including sample pages and full Table of Contents, please contact us on (+44) (0)20 3286 4562 or using Contact us form

Auto2x Automotive Consultancy

New JV in Automotive Cyber Security: VW-CyMotive Technologies


Security is at the forefront of OEMs’ agenda as vulnerabilities and car hacks in Connected Cars are real and imminent. What is more, with Level 3 automation expected to hit the road next summer and V2V on the agenda, carmakers need expertise to protect the vehicles’ augmented attack vector.

In this direction, Volkswagen and Israeli start-up CyMotive Technologies formed a Joint Venture to develop automotive cyber security solutions that would protect Connected and Autonomous cars from malicious attacks. CYMOTIVE Technologies is a newly founded company based in Herzliya, Israel and led by Yuval Diskin, Tsafrir Kats and Dr Tamir Bechor.

The news come almost one month after two UK-based computer experts revealed that over 100 million cars sold by Volkswagen since 1995 are susceptible to hacking due to security flaws in keyless entry systems.


Volkswagen will own 40% stake while the Herzliya-based partners 60% and will be working exclusively with VW for the foreseeable future but with a view to target more OEMs at some point.

“It is a long-term investment in cyber security to make vehicles and their ecosystem more secure” Volkswagen’s Head of Electrical and Electronic Development Dr Volkmar Tanneberger commented.

Auto2x believes that this development confirms Israel’s status as a leading hub in Automotive Cyber Security as many Israeli start-ups are have been in the epicentre of investment, M&A and partnerships in this segment. In the beginning of the year, Argus Cyber Security announced a partnership with Check Point and earlier with Magna. In late 2015, TowerSec and RedBend were acquired by Harman. Finally, this summer, Karamba Security launched its CarWall software.

‘’The expansion of the vehicle’s attack surface means that many OEMs will have to rely more on automotive cyber security companies with expertise in this field, since most Tier-1s’ expertise is also limited. The outcome will be the formation of new partnerships, M&A and further investment in the Automotive Cyber Security market.’’

Georgios Stathousis, Auto2x

To find out who are the leading suppliers of software, hardware solutions and services in Connected Car Security and a competitive assessment of their portfolio read our report Automotive Cyber Security Market Forecast: the secure Connected Car.

Automotive Cyber Security

Karamba Security and Symantec launch new products for Automotive Cyber Security

Retrofitting existing vehicles is a priority

Demand for solutions that protect existing and upcoming Connected Cars from cyber-threats is high and as a result new companies are entering the Automotive Cyber Security arena. These news come just a few days after the car alarm hack in a Mitsubishi Outlander hybrid and the faulty software update that caused trouble to Lexus owners in the US.

Back in March, the FBI in a joint statement with the NHTSA and UDOT warned about the vulnerabilities of modern vehicles, advising owners to keeping automotive software up to date as well as avoiding any unauthorized changes to a vehicle’s software and being careful about plugging insecure gadgets into the car’s network.

Karamba launches CarWall software to secure Connected Cars

Karamba Security, the US-Israeli start-up which in April  raised $2.5 million, launched CarWall, a purely software solution that enables OEMs and Tier-1s to detect any deviations from factory settings and prevent exploits by hardening ECUs against any type of foreign 0code.

We interviewed Karamba’s Executive Chairman and one of its cofounders, Mr David Barzilai, for our new report on the Automotive Cyber Security market which is expected to be published in end-Jun 2016. Here’s an extract of how he describes Karamba’s offerings:

 ‘’Karamba’s software is a unique proposition because it resides on externally-connected ECUs, which are the gates to the car, and it has the ability to automatically learn all the factory settings of the car ECU software. Thereafter, any foreign code or any function code detected that is not part of the factory settings clearly implies a threat. We seal the ECU software automatically and we do the detection and prevention based on this sealing automatically as well. This means that our solution does not required any developers’ attention, or changes, which is important for the industry.

Finally, Karamba’s solution does not require any updates which is also quite important for the industry because this industry is not accustomed to updates. But when you release a new version of your ECU we should be part of this ECU software as well.’’

To read the whole transcript please contact us about our upcoming report.CyberSecurity-1024x474


Symantec launches Anomaly Detection for Automotive

California, US-based Symantec Corporation announced the launch of a new software for Automotive Cyber Security called Anomaly Detection for Automotive. The software uses machine learning to analyze the normal behaviour of a vehicle’s CAN, spot security threats and neutralize them.

This launch demonstrate that Symantec is expecting substantial growth in automotive security, which constitutes a part of IoT security. The company already offers embedded security tools, code signing and managed public key infrastructure to secure.

To learn more about the market status of the Automotive Cyber Security market, together with our forecast for adoption and the outlook for leading companies read our report:

Automotive Cyber Security Market Forecast: the secure Connected Car

For a detailed Table of Contents or Sample Pages contact us on:

(+44) (0)20 3286 4562, info@auto2xtech.com or visit auto2xtech.com


Automotive cyber security and privacy: the new frontier for Connected Cars

Over the next decade, as automobile-driving progresses from Connected and Assisted to highly and fully-automated, the protection of the vehicle’s augmented ‘’attack surface’’ will become a top priority for carmakers and regulators. Thus, vehicle safety will expand from passive and active to yet another dimension, that of security against cyber threats, which also includes data privacy.

This is because holistic safety, security and privacy are incremental features for consumer acceptance of these new automotive technologies. They are also paramount for the viability of OEMs’ investment and critical for the transition towards more autonomous and eventually self-driving cars.

Additionally, as V2V and Vehicle-to-Infrastructure communications expand, another segment in the Automotive Cyber Security market will be unveiled, one that also needs to be addressed now.

We assess that in the wake of the recent car hacks by cyber security researchers and US Senator Markey’s report on the vulnerability of modern vehicles to malicious attacks, Automotive Cyber Security will unfold as the key topic in OEMs and suppliers’ agenda for the immediate future.

Moreover, we expect that the competitive landscape will alter significantly from its current status through M&A, the formation of new partnerships, and new investments. Consequently, new business models and opportunities will arise.

The key challenges here are how quickly the level of security and privacy in Connected Cars will rise to sufficient levels to avoid having vulnerable vehicles. Furthermore, how the cost of embedding cyber security solutions to new vehicles will affect OEMs, consumers and other key automotive stakeholders.

’The expansion of the vehicle’s attack surface means that many OEMs will have to rely more on automotive cyber security companies with expertise in this field, since most Tier-1s’ expertise is also limited. The outcome will be the formation of new partnerships, M&A and further investment in the Automotive Cyber Security market.’’

What this report delivers:

Our report identifies the drivers that will fuel growth in the Automotive Cyber Security market over the next decade and provides a roadmap of adoption for Cyber Security solutions for Connected Cars.

Additionally, it delivers an insight into the evolution of the market landscape, drawing conclusions from a panel of industry experts and our in-house expertise.


Analysis of the current market landscape and the opportunities it presents:

  • demand vs supply, OEM-fitment, recent hacking events, regulatory status in 2014/15
  • investment, M&A and partnerships in the Automotive Cyber Security market

Identification of the drivers of growth during the forecast period to help you understand what will drive future changes in cybersecurity technology:

  • proliferation of Connected Cars and Connected-to-the-car devices (Internet-of-Vehicle)
  • enhanced demand for penetration testing and product evaluation from OEMs
  • increasing role of cloud technology and network architectures
  • Government regulation and standards (SPYAct, SAE International, etc.)

Forecasts for the period 2015-2025:

  • Automotive Cyber Security Forecast 2015-2025: Roadmap of adoption in US and W.Europe
  • Hardware Vs. Software-based Automotive Cyber Security solutions and Services
  • Forecast of Cost of Automotive Cyber Security Solutions Per Vehicle for OEMs ($)
  • Drivers of growth and restraints of adoption over the next decade
  • Global & Regional Connected Car Forecast 2015-2025
  • Forecast of cars equipped with Over-The-Air (OTA) Update Capability 2015-2025
  • US V2V & V2I Communications Penetration Forecast 2015-2025

Understand the competitive landscape by reading the 4 exclusive interviews with representatives from the leading companies with the Automotive Cyber Security market:

  • Arilou Technologies
  • Cisco Systems
  • SBD
  • TowerSec

Identify the leading companies within Automotive Cyber Security by reading the 14 company profiles together with their service and product portfolio of:

  • Argus Cyber Security
  • Arilou Technologies
  • BT Security
  • Cisco Systems
  • ESCRYPT Embedded Systems
  • Intel Corporation
  • NXP Semiconductors
  • Red Bend Software
  • SBD & NCC Group
  • Secunet AG
  • Security Innovation
  • Symphony Teleca & Guardtime
  • TowerSec
  • Utimaco GmbH
  • Other Leading Companies in the Automotive Cyber Security Market

Conclusions of our findings and recommendations for key stakeholders.

For more information on our Automotive Cyber Security Market Forecast: the secure Connected Car report including Sample pages and full Table of Contents, please contact us on

For more information on this report, including sample pages and full Table of Contents, please contact us on (+44) (0)20 3286 4562 or using Contact us form

Auto2x partners with Future Connected Cars USA


We’re pleased to announce that Auto2x is partnering with Future Connected Cars USA,taking place on 10-12 May 2016 in Santa Clara.

This is a three-day event that brings together key OEM decision-makers and solution providers to identify how OEMs can maximise connected car revenues from future technologies. Specific areas include fully autonomous vehicles, ADAS, V2X and predictive intelligence. Meet 250+ attendees including an entirely new audience of industry players focused on the internet of things, smart homes and cities.

Download the latest draft agenda here

Hear from 50+ speakers including major OEMs such as GM, Ford, Honda, Mercedes Benz, Toyota and many more. Through 15+ hours of networking, focused workshops and discussion groups the event will help develop and identify new business strategies to make the most of future growth.

Book your ticket to the conference today and save up to $700!
Quote additional 10% discount code I8ZMUTX

2016 Speakers include


Auto2x Automotive Consultancy

February update on car hacks, partnerships and new product launches


Researcher reveals vulnerabilities in NissanConnect EV app

An Australian researcher unveiled security vulnerabilities in Nissan Leaf’s app NissanConnect, an app that allows owners of the EV to remotely access some of its functions. The vulnerability is not life- threatening but could allow hackers to remotely send commands to the electric vehicle which could affect its battery life and even access journey and distance data. The app requires a vehicle’s VIN (Vehicle Identification Number) which the researcher was able to crack but disabling the app would eliminate security concerns for owners.


Movimento partnered with security provider Vidder to deliver a cloud-based security solution that stops potential hacks in their tracks. Movimento will incorporate Vidder’s PrecisionAccess, which is based on a new Software Defined Perimeter (SDP) architecture, into its OTA platform to prevent hacks.

New product launches

During the Barcelona MWC, Samsung launched Connect Auto, a connected car dongle which plugs directly to the vehicle’s OBD II port. The solution is secured using Samsung Knox and Tizen OS for interoperability.

Additionally, from 2017, Volvo owners will be able to opt for a digital key via a mobile app, to substitute the physical key and make car sharing easier.

Finally, Renesas Electronics announced that it will offer a beta form of its Synergy Platform DLM, a solutions that provides security capabilities to OEMs who build devices connecting to the IoT, to select customers starting April 2016 and as a standard product in Q1, CY2017

Auto2x report

To learn more about the Automotive Cyber Security market, including the market status in 2015 and our forecast on the adoption of Cyber Security solutions for Connected Cars in key geographies over the next decade read our report:

Automotive Cyber Security Market Forecast: the secure Connected Car

For more information on this report, including sample pages and full Table of Contents, please contact us on (+44) (0)20 3286 4562 or using Contact us form

Secure Over-the-Air (OTA) software updates to be key in the Automotive Cyber Security Market

Massive vehicle recalls, massive fines-is there a better way?

After the second consecutive year of massive vehicle recalls and associated fines in the US, it is evident that the automotive industry needs a better, cheaper and quicker way to detect, report and fix defects. According to NHTSA’s administrator Mark Rosekind, more than 51 million vehicles were recalled in 2015 in almost 900 separate recalls, comparing to 803 in 2014.

First major cyber security-related recall in 2015-more to follow?

Safety-related recalls, primarily the defects in Takata’s airbags and General Motors’ ignitions, contributed the most in the new record-setting recall number in the world’s second largest car market.

However, during 2015, we experienced what we consider as the first major recall due a cyber security vulnerability -even though it was exposed by white hackers rather than organised crime. In detail, Fiat Chrysler had to recall 1.4 million cars to update the software in the affected vehicles after cyber security researchers were able to remotely infiltrate a 2014 Jeep equipped with Harman’s U-Connect.

More cyber security-related vulnerabilities where report last year, namely in BMW’s Connected Drive, GM’s OnStar and Tesla, but because models from these three carmakers feature OTA updates, the vulnerabilities were fixed via remote deployment of software patches.

Security is a whole new dimension in Connected Cars driven by the increasing role of software in modern cars

But as the number of ECUs, interconnected via CAN, MOST and other IVNs, increases in modern vehicles, the role and cost of software becomes more and more important, due to its growing amount and complexity.

OTA software updates as a response to the vehicle electronics lifecycle conundrum

Thus, software management throughout its entire lifecycle becomes paramount for carmakers. This is where OTA software updates can help by providing the much-desired upgradability and by bridging the gap between the differences in software and hardware lifecycle.

OTA updates’ role to expand from functionality to security for Connected Cars

What is more, because of the increasing role of software, we expect that software-related defects will become increasingly important, both in number and magnitude. This is because the proliferation of Connected Car, connected devices, and the progression from ADAS to automated driving and self-driving cars, the attack surface of the vehicle will increase exponentially.

As a result, we expect more and more OEMs to adopt OTA software updates to fix software glitches and security vulnerabilities quickly and remotely. Identifying defects sooner and fixing them quicker and cheaper is a top priority for carmakers and regulators. And the adoption of OTA updates can eliminate software recalls and their associated warranty costs, thus preserving the OEM’s brand image and improving customer satisfaction.

As OTA become mainstream, security will be a top priority

Secure OTA software updates must provide update reliability and protection of the data transmitted to and from the vehicle. At the same time, they must meet the strictest security and safety standards. Which companies are the leaders in embedded security for Connected Cars? What are there product offerings?

To learn about secure OTA and their role in the Automotive Cyber Security market read our report:

Automotive Cyber Security Market Forecast: the secure Connected Car

For more information on this report, including sample pages and full Table of Contents, please contact us on (+44) (0)20 3286 4562 or using Contact us form

Automotive Cyber Security Market: 26 companies to watch in 2016

The acquisition of TowerSec by Harman last month and the partnership between Argus and Israeli Check Point are just a start to what we believe will be a ground-braking year for the Automotive Cyber Security market. 2016 is the year when securing the Connected Car will unfold as the top priority for OEMs and regulators.
This is because as the Internet-of-Car expands and generates increasing amounts of data, a proactive and preventing approach on cyber security will be necessary. Consequently, mandatory fitment will come sooner than expected fuelling demand for Automotive Cyber Security expertise over the next decade.

Which are the companies to watch in 2016 and why?

We monitor the developments of more than 25 suppliers of Automotive Cyber Security solutions globally, together with all OEMs, Tier 1s and key providers of Connected Car products and platforms.


Fig.1: 26 Companies to watch in the Automotive Cyber Security market in 2016

AIRMIKA Inc. (USA) NXP Semiconductors (Netherlands)
Argus Cyber Security Ltd. (Israel) OIActive (USA)
Arilou Technologies Ltd. (Israel) Qualcomm (USA)
BT Security (UK) Red Bend Software (Israel)
Cisco Systems Inc. (USA) SBD & NCC Group (UK)
Continental AG (Germany) Secunet AG (Germany)
Covisint Corporation (USA) Security Innovation Inc. (USA)
ESCRYPT Embedded Security (Germany) Symphony Teleca & Guardtime (USA)
Harman International Industries (USA) Tech Mahindra (India)
Infineon Technologies AG (Germany) TowerSec (USA)
Intel Security (USA) Trillium Inc. (Japan)
IVSG LLC (USA) Utimaco GmbH (Germany)
Lear Corporation (USA) WhiteCryction (USA)


Source: Auto2x 2016


Here are some of the key factors we assess:

  • Product/Service portfolio
  • Product/Service category: software-based, hardware-based or services
  • Product/Service target: OEMs, consumers, dealerships
  • Company structure and financials (R&D expenditure, earnings, funding)
  • Company maturity: start-up, mature, etc.
  • Location
  • Number of employees
  • Announcements of pilot programs, product evaluation or partnerships with OEMs or Tier 1s

 These factors allow us to establish the following for each company:

  • Role in the marketplace
  • Product differentiation
  • Competitive advantage
  • Outlook

Understand the role of each company in the marketplace, read about their outlook over the next decade and build your strategy to take advantage of the changing landscape in the Automotive Cyber Security Market.  Is embedding cyber security solutions in cars enough to prevent cybe-attacks or there is more to be done?

Read more in our report Automotive Cyber Security Market Forecast 2015-2025: the secure Connected Car.