Challenges in Implementing Vehicle Information Security Engineering

The automotive industry is undergoing profound transformations, continuously advancing towards the "Four Modernizations"—intelligentization, electrification, connectivity, and shared mobility. This evolution relies heavily on in-vehicle controllers, whose core functionality depends on the software they run. Thus, the concept of the Software-Defined Vehicle (SDV) has shifted from a trendy term to a critical component in the industry.

However, developing software for in-vehicle controllers is complex. ETAS's recent white paper, The Five Major Challenges of Automotive Microcontroller Software Development, identifies key obstacles: high task integration, complex calibration processes, time-consuming testing and debugging, limitations in scalability and flexibility, and overarching cybersecurity requirements.

As vehicles become "smarter," controllers require extensive information exchange, forming localized networks within the vehicle. When these local networks interact, they create larger network clusters. Moreover, when a vehicle connects externally, it becomes a mobile network terminal, part of the Internet of Things (IoT). This integration exposes vehicles to sophisticated cyber threats, making the security of sensitive vehicle data critical.

Vehicle cybersecurity refers to the protection of electronic and electrical systems, components, and functionalities from threats, as defined by regulations.

Vehicle information security has reached a regulatory enforcement phase. Vehicles exported internationally must comply with UN regulations R155 and R156. In China, the Provisions on Automotive Data Security Management (Trial) have been effective since October 1, 2021, with the General Requirements for Automotive Data effective from August 23, 2024, and the Technical Requirements for Whole Vehicle Information Security set to take effect on January 1, 2026.

This regulatory landscape highlights the increasing importance of vehicle cybersecurity, driven by the rise in security incidents, including:

• Toyota Data Breach (May 2023): Misconfiguration in cloud systems exposed data of 2.15 million Japanese car owners, including device IDs and vehicle location data.
• NIO Battery Data Tampering (May 2023): Criminals altered battery data to enable damaged batteries to function as new.
• Qualcomm Chip Vulnerabilities (October 2024): Serious vulnerabilities in 64 chipset models exposed vehicles to remote hacking threats.

Upstream's 2024 Global Automotive Cybersecurity Report indicates a significant rise in automotive security incidents over the past five years.

Information Security Threats to Vehicles

Vehicles face internal and external cyber threats. Internally, threats often originate from compromised ECUs with malicious software. Externally, vulnerabilities arise through connections like OBD diagnostic tools, debugging ports, OTA updates, Bluetooth, and Wi-Fi.

Modern cyberattacks are increasingly sophisticated, targeting vehicle systems, IoT devices, and smart mobility platforms. The distribution of cybersecurity incidents highlights that any connection point can be a potential vulnerability.

Despite growing awareness among OEMs and software suppliers, engineering robust vehicle cybersecurity remains challenging.

Interpreting Information Security Requirements

Accurate requirement analysis is the first step in software development. Challenges include:

• Limited Awareness: Automotive professionals often lack cybersecurity expertise, unlike their counterparts in the IT sector.
• Complexity in Verification Requirements: For example, verification (signing) is required during software updates and controller power-ups, yet many engineers struggle with its application.
• Chip-Specific Constraints: Understanding the security features of different chips demands in-depth study of technical manuals, which is often overlooked.

Case Study:

A project required hardware-based true random number generation (TRNG). However, engineers reused a software-based solution from a previous project, leading to security flaws during software upgrades.

Development Challenges

• Inconsistent Software Architectures: Reusing code from other projects without adapting it to new architectures introduces security vulnerabilities.
• Debugging Complexity: Debugging secure software requires specialized tools and licenses, increasing costs and complexity.
• Quality Control: Manual coding, often necessary for project-specific functions, heavily relies on the developer's expertise.

Testing Challenges

• Test Case Design: Testers may lack the technical depth required to design effective security tests.
• High Equipment Costs: Security testing requires specialized hardware and software, along with extensive configuration knowledge.
• Dependency on Development Environments: White-box testing for security functions demands coding skills and familiarity with specific software interfaces.

Additional testing challenges include conducting Common Weakness Enumeration (CWE) assessments, static code analysis, and penetration testing—even for MCU-level controllers. Attack vectors like CAN bus denial-of-service (DoS), message spoofing, and replay attacks highlight the growing complexity of in-vehicle security testing.

As vehicles become more connected, cybersecurity regulations continue to evolve. However, significant challenges persist in implementing effective vehicle information security, including difficulties in requirement interpretation, development, and testing. Overcoming these hurdles requires ongoing efforts, industry collaboration, and technological advancements.

References:

• ETAS White Paper - The Five Major Challenges of Automotive Microcontroller Software Development
• GB 44495-2024 - Technical Requirements for Whole Vehicle Information Security
• Toyota Data Breach Source
• NIO Data Tampering Incident
• Qualcomm Vulnerability Report
• Upstream 2024 Global Automotive Cybersecurity Report