VEHICLE

Transport networks and the hardware that underpins their infrastructures are constantly evolving, largely driven by the emergence of smart and connected technologies.

The need to reduce our reliance on fossil fuels and consider sustainability has given rise to the adoption of electric vehicles, while autonomous functions, smart sensors, infotainment, and mobile connectivity have led to transport systems that streamline logistics and improve user experience.

However, modern smart transport and mobility technologies have also introduced new cybersecurity challenges, which IOActive has researched for many years.

The Software-Defined Vehicle (SDV) now dominates the automotive marketplace. SDVs utilize hypervisors, networking, and smart technologies to provide advanced safety features, including mapping, automation and driver assistance. These features are now widely expected in new vehicles and are poised to increase in complexity and sophistication with the inclusion of next-generation technologies, including machine learning and artificial intelligence.

While appealing to consumers, modern vehicle network architectures, networked vehicles, and internet-connected hardware supported by sophisticated firmware are also attractive targets for malicious threat actors.

IOActive has distinguished itself in the automotive security space with pioneering research on automotive products. This includes investigations relating to local and remote CAN bus attacks, the widely recognized 2014 Jeep hack, commercial truck testing, autonomous vehicles, electric vehicle supply equipment (EVSE), Electronic Brake Control Modules (EBCMs), infotainment systems, vehicle motion and position sensors, and more.

Our assessments have also covered remote access, web applications, back-end APIs, and embedded systems. Our research-backed services have also allowed us to assist our clients in reaching appropriate ISO standards – ISO/SAE 21434, and ISO 24089, and UN ECE standards – R155, and R156.

IOActive is a leading, trusted provider of automotive threat analysis and risk assessment. As part of our mission, we have developed Threat Analysis Risk Assessment (TARA) solutions to support our client’s secure design goals. These solutions allow us to determine the most appropriate security solutions to protect today’s vehicles and vehicle components.

TARA is performed in compliance with the ISO/SAE 21434 standard to ensure the highest levels of cyber resilience.

We have also invested heavily in automotive research and work with top vehicle OEMs to understand the risks, threats, and business impacts facing the automotive industry, highlighting vehicle cybersecurity vulnerabilities within the broader cybersecurity community.

In-vehicle technology is a top selling point for today’s car buyers, but what was once just a connected vehicle is now increasingly feature-rich, ranging from hybrid fuel vehicles and software systems like self-driving and Advanced Driver Assist Systems (ADAS) to other communication and integration options with artificial intelligence and machine learning.

The global push to meet rising EV adoption with sufficient EV smart charger infrastructure is astoundingly challenging. Bloomberg estimates the global charging infrastructure market opportunity to be $1.9T between 2022 and 2050.

To learn more about IOActive’s Connected Vehicle Services, click here.

Related Resources / Research:

IOActive’s cybersecurity expertise allows us to assist our customers with managing current and emerging threats, safeguarding supply chains, end users, customers, and society at large.

At IOActive, we take pride in supporting our transportation clients, assisting them to identify and manage the risks to their transportation networks and products worldwide.

Through our dedication to groundbreaking research, IOActive conducts research into vulnerabilities and risk factors that enhance global security standards and protocols. That is why the Global 1000 trusts us to help protect their assets, supply chains, and customers.