Ford regularly works with security researchers, suppliers and other vehicle manufacturers to protect customers, products and enterprise. Ford learned from a supplier that a security researcher discovered a vulnerability in the Wi-Fi software driver supplied for use in the SYNC 3 infotainment system available on some Ford and Lincoln vehicles.... Read more →

BMW Motorrad is introducing BMW iFace—a face recognition system that makes the previous ignition key superfluous and complements the existing Keyless Go technology. BMW iFace was developed in cooperation with Professor Dr Gerhard Lesjöh, head of the institute for ophthalmology at the University of Munich. The system offers facial recognition... Read more →

Hitachi Astemo, Trend Micro and its subsidiary VicOne have expanded their collaboration to provide security solutions for connected cars, aiming for commercialization by 2025. Hitachi Astemo’s division that develops in-vehicle components for connected cars has been working with Trend Micro on the joint development of security solutions for connected cars... Read more →

A team led by Raymond Borges Hink at the Department of Energy’s Oak Ridge National Laboratory (ORNL) has developed a method using blockchain to protect communications between electronic devices in the electric grid, preventing cyberattacks and cascading blackouts. The work is summarized in a new technical report from ORNL. The... Read more →

With electric vehicles becoming more common, the risks and hazards of a cyberattack on electric vehicle charging equipment and systems also increases. Jay Johnson, an electrical engineer at Sandia National Laboratories, has been studying the varied vulnerabilities of electric vehicle charging infrastructure for the past four years. Johnson and his... Read more →

At the recent G7 summit in Upper Bavaria, the BMW Group provided a shuttle service, initiated by the German government. As well as the latest series-production models, the fleet of shuttles also featured three examples of the new BMW i7 xDrive60 (electric power consumption combined in WLTP cycle: 19.6 –... Read more →

Software République, an open innovation ecosystem for intelligent, secure and sustainable mobility launched one year ago by Atos, Dassault Systèmes, Orange, Renault Group, STMicroelectronics and Thales, has presented its first milestones. These include: Creation of a “GIE” (Groupement d’Intérêt Economique, or economic interest group) to develop Software République’s activity and... Read more →

Ford and ADT Inc. will invest in a new joint venture called Canopy that combines ADT’s professional security monitoring and Ford’s AI-driven video camera technology to help customers strengthen security of new and existing vehicles across automotive brands. The combination of our technologies and our deep security experience creates a... Read more →

Israel-based Karamba Security, a leading developer of endpoint protection for connected devices, has secured $10 million in new funding in an extension to its B Round financing. VinFast, a member of Vingroup, the largest private conglomerate in Vietnam, led the investment with participation from SVIC, a leading corporate VC from... Read more →

Israel-based automotive cybersecurity and data management company Upstream Security recently closed a Series C round which includes BMW i Ventures as a new investor. Upstream provides a cloud-based data management platform purpose-built for connected vehicles, delivering automotive cybersecurity and advanced data-driven applications. The platform utilizes connected vehicle data to secure... Read more →

Some of today’s vehicles already feature more than 100 control units. This high complexity of electrical and electronic systems and their architecture will further increase, but must remain manageable. The “Software-Defined Car” (SofDCar) project now aims to develop standardized rules and processes to ensure that electronic components of the vehicle... Read more →

Southwest Research Institute (SwRI) has developed an intrusion detection and defense system (IDS) to protect military ground vehicles against cyberthreats to embedded systems and connected vehicle networks. While developed for military vehicles, the system can also be used to scan for anomalies in passenger cars and commercial vehicles. The IDS... Read more →

Renesas Electronics Corporation unveiled an innovative automotive gateway solution with R-Car S4 system on chips (SoCs) and power management ICs (PMICs) for next-generation vehicle computers, communication gateways, domain servers and application servers. Renesas’ new solution meets the automotive industry’s high demands for high performance, high-speed networking, high security and high... Read more →

SAE International, in collaboration with the International Organization for Standardization (ISO), published ISO/SAE 21434™ Standard: Road Vehicles – Cybersecurity Engineering. The standard helps the industry define a structured process to ensure cybersecurity is incorporated into the design of road vehicles, including systems, components software and connections of any external device... Read more →

LDRA, a provider of automated software verification, source code analysis and test tools, and OpenSynergy, specialist in embedded automotive software, are partnering to support and promote a defense-in-depth strategy combining hypervisor technology with secure coding techniques. Automotive connectivity is an ongoing concern, with vulnerability to attacks from bad actors being... Read more →

On 7 May, Colonial Pipeline, the largest refined products pipeline in the US that delivers nearly half of the East Coast’s fuel supply, was hit by a cybebattack, and halted all pipeline operations. (Earlier post.) In an update on Sunday, the company said that its mainlines (Lines 1, 2, 3... Read more →

Colonial Pipeline is the largest refined products pipeline in the US, transporting more than 100 million gallons of fuel daily to meet the energy needs of consumers from Houston, Texas to the New York Harbor. On 7 May, the Colonial Pipeline Company learned it was the victim of a cyberattack... Read more →

The Department of Energy's (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) and the National Energy Technology Laboratory (NETL) announced a $4-million Lab Call to address the risks of electromagnetic pulse (EMP) and geomagnetic disturbance (GMD) to the energy system. CESER, which leads DOE’s efforts to address both... Read more →

A new report by the EC’s Joint Research Center (JRC) and the European Union Agency for Cybersecurity (ENISA) examines cybersecurity risks connected to artificial intelligence (AI) in autonomous vehicles and provides recommendations for mitigating them. By removing the most common cause of traffic accidents—the human driver—autonomous vehicles are expected to... Read more →

SAE International announced a contract with a best-in-class contractor team, comprising Eonti, DigiCert and VerSprite to perform the technical development of the SAE Electric Vehicle (EV) Charging Public Key Infrastructure (PKI) project, an industry-led pre-competitive research project to strengthen EV charging system security. Public Key Infrastructure (PKI) is a system... Read more →

The US Department of Energy (DOE) announced more than $7 million in funding for Michigan-based cybersecurity company The Dream Team LLC (DTLLC) to develop a first-of-its-kind infrastructure that protects the electric grid from cyber-attacks on electric vehicles (EV) and electric vehicle charging systems. Once developed, testing of the electric roadways... Read more →

The risk of cybersecurity incidents due to targeted, uncontrolled attacks is growing with increasing automotive connectivity and the digitalization of vehicle functions and services. In order to detect and ward off these attacks, the automotive industry needs end-to-end solutions that combine vehicle security with continuous monitoring and central security management.... Read more →

Researchers at the University of Texas San Antonio have published a review of the security and privacy risks posed by e-scooters and their related software services and applications. We were already investigating the risks posed by these micromobility vehicles to pedestrians’ safety. During that study, we also realized that besides... Read more →

DENSO Corporation (DENSO) and NTT Communications Corporation (NTT Com) will begin validating their jointly developed Vehicle Security Operation Center (V-SOC) technology for monitoring and analyzing vehicle’s security status from January 2020. The two companies are creating the technology to realize resilient security solutions for connected cars. Novel automotive technologies and... Read more →

The Ricardo and Roke partnership is launching a comprehensive vehicle digital resilience assessment and benchmarking service to help automakers and tier 1 manufacturers assure the security of their products, and to ensure that they meet international cybersecurity regulations currently under development, as well as existing legislation affecting customer data security... Read more →

SAE International plans to form an industry-led pre-competitive research project to strengthen electric vehicle (EV) charging system security, leading to a more secure implementation of Plug & Charge for ISO 15118 and CHAdeMO 2.0 protocols. The project will result in the creation a strong two-way authentication method between the EV,... Read more →

Wind River is collaborating with Xilinx on the development of a comprehensive automated driving platform that integrates Xilinx’s Versal adaptive compute acceleration platform (ACAP) and Wind River automotive software. The collaboration will provide carmakers with a flexible, high-performance compute platform for delivering safe and secure connected and automated driving vehicles.... Read more →

Israel-based Upstream Security, a cybersecurity company targeting solutions for connected vehicles, closed a $30-million Series B funding round led by Renault Venture Capital and including Volvo Group Venture Capital, Hyundai, Hyundai AutoEver, Nationwide Ventures and others. Original Upstream investors Charles River Ventures, Glilot Capital and Maniv Mobility all participated in... Read more →

The US Army Combat Capabilities Development Command (CCDC) Ground Vehicle Systems Center (GVSC) and General Motors announced a new cooperative research and development agreement (CRADA) which aims to strengthen GM’s and the Army’s automotive cybersecurity expertise over the next two years. This marks the first automotive cybersecurity partnership of its... Read more →

Physicists at the Georgia Institute of Technology and Multiscale Systems, Inc. have simulated what it would take for hackers to wreak widespread havoc in a city by randomly stranding cars. The researchers want to expand the current discussion on automotive cybersecurity, which mainly focuses on hacks that could crash one... Read more →

Cyber hacks might cost the auto industry roughly $24 billion within five years, according to a new study by Upstream Security, which specializes in cloud-based security protection. Upstream studied the impact of more than 170 documented, Smart Mobility, cyber incidents reported between 2010-2018 and projected future trends based on that... Read more →

Infineon Technologies AG is the first semiconductor manufacturer to put a Trusted Platform Module (TPM) specifically for automotive applications on the market. The new OPTIGA TPM 2.0 protects communication between the car manufacturer and the car—which is increasingly turning into a computer on wheels. A number of car manufacturers have... Read more →

The US Department of Energy (DOE) has awarded Virginia Tech a $3 million grant for research on electric vehicle charging infrastructure cybersecurity as part of a larger $80 million investment by the department on advanced technologies research (earlier post). As the world shifts to a higher production and usage of... Read more →

Continental is offering end-to-end cyber security and over-the-air software update solutions from Argus Cyber Security (Argus) and Elektrobit (EB) pre-integrated into its connected vehicle electronics products including telematics units, infotainment systems, gateways and more. More than 60 million connected vehicles will be sold worldwide per year by 2021. Automobile connectivity... Read more →

Gemalto is providing the data security and encryption technology that will help protect the software that will power Faraday Future’s first intelligent electric car, and data collected from everyday use of its cars. Alongside connectivity, security has been a key issue in both development and deployment, especially given the complexity... Read more →

Delphi Automotive PLC signed a commercial partnership agreement with BlackBerry Limited under which Blackberry will provide the QNX operating system for Delphi’s autonomous driving system. Delphi and BlackBerry QNX will collaborate to bolster software performance and safety in their operating system to advance autonomous driving technology. Delphi’s fully integrated automated... Read more →

Ricardo plc and Roke Manor Research Ltd have signed a memorandum of understanding (MoU) to develop solutions that will make autonomous and connected transport robust against cyber attack. Providing and assuring cyber security is a fundamental requirement if the benefits of future connected and autonomous vehicles (CAVs) are to be... Read more →

The UK government has issued new guidance on vehicle cybersecurity. The 8 principles—each with more detailed sub-principles—in the guidance set out how the automotive sector can make sure cybersecurity is properly considered at every level, from designers and engineers, through to suppliers and senior level executives. The government is also... Read more →

The NIO US team took First Place at the DEF CON 25 2017 Car Hacking Village, beating out 10 other teams in the third annual “Capture The Flag” (CTF) security event. Based in Silicon Valley, NIO US is a start-up developing autonomous electric vehicles. (Earlier post.) DEF CON is one... Read more →

Kaspersky Lab and AVL Software and Functions GmbH will work together to develop advanced, embedded security technologies for next generation automotive system development. A steadily increasing number of vehicle features—such as remote diagnostics, telematics and infotainment—are using communication channels between vehicles and the cloud or other infrastructure. While the data... Read more →

Honda Research Institute (HRI), a Honda R&D subsidiary, and Boston University have agreed to begin joint research in the area of data security and privacy for artificial intelligence (AI) research. Honda intends to develop Cooperative Intelligence: AI that cooperates with people which will 1) empower: expanding the potential of people;... Read more →

HARMAN International and Airbiquity, a provider of connected vehicle services, announced the first automotive grade end-to-end intrusion detection system (IDS) for connected vehicles at TU-Automotive Europe 2016 in Munich, Germany. With the increasing dependency on software to power vehicle systems and features, cybersecurity has become a threat to connected vehicles... Read more →

The US Department of Transportation's National Highway Traffic Safety Administration (NHTSA) has released proposed guidance for improving motor vehicle cybersecurity. The proposed cybersecurity guidance focuses on layered solutions to ensure vehicle systems are designed to take appropriate and safe actions, even when an attack is successful. The guidance recommends risk-based... Read more →

At the VDI Kongress in Baden-Baden this week, Infineon Technologies AG and cyber security company Argus will demonstrate an integrated cyber security solution for connected and autonomous vehicles. The system is based on an Infineon AURIX multicore microcontroller with the Intrusion Detection and Prevention System (IDPS) and remote cloud platform... Read more →

In a study funded by GM, the NSF, and the US Department of Homeland Security, a team at NYU and George Mason University have reported vulnerabilities in MirrorLink that could allow a hacker access to a vehicle through a smartphone, even if MirrorLink is disabled. The team presented their findings... Read more →

Digital security provider Rambus and Movimento, leading provider of over-the-air (OTA) software lifecycle and data management for the automotive/IoT sectors, have partnered to deliver secure, convenient and personalized OTA vehicle updates critical to safety and performance in the era of the connected car. The Rambus CryptoManager platform adds a layer... Read more →

Visa Inc. is making the Visa Token Service available to auto manufacturers, helping to pave the way for easy and secure car-based commerce. To further advance car-based commerce, Visa is also offering a range of related digital payment solutions, including new standards for Bluetooth (BLE) and QR codes that could... Read more →