Market Research Report
OEM Cyber Security Layout Report, 2020
|Published by||ResearchInChina||Product code||980085|
|Published||Content info||130 Pages
Delivery time: 1-2 business days
|OEM Cyber Security Layout Report, 2020|
|Published: December 25, 2020||Content info: 130 Pages||
Research into automotive cyber security: server and digital key are the ports vulnerable to attacks, for which OEMs have stepped up efforts in cyber security.
With advances in the CASE (Connected, Autonomous, Shared, and Electrified) trend, cars are going smarter ever with functional enrichment. Statistically, the installation rate of telematics feature to new cars in China is over 50% from January to October of 2020, a figure projected to rise to 75% or so in 2025. In terms of functionality, intelligent cockpit and advanced automated driving become trending, and the features such as multi-modal interaction, multi-display interaction, 5G connectivity, V2X, OTA and digital key finds ever broader application alongside the soaring number of vehicle control codes and more port vulnerabilities to safety threat.
Currently, the automotive cyber security events arise mainly from attacks on server, digital key, mobile APP, OBD port among others.
Server acts as the most important port for cyber security, which is exposed to the attack by hackers on operating system, database, TSP server, OTA server and the like, thus issuing in data tampering, damage and vehicle safety accidents. Most tools of assault on servers are remotely accessible with lower costs, while the data storage over servers is of paramount importance, all of which lead to often a rather high share of attacks on servers.
Digital key, as the second port that matters most to cyber security, is a common media subject to vehicle intrusion and theft. In 2020, there will be 300,000 Bluetooth digital key installs in China, coupled with an installation rate at about 4%, with such more functionalities besides lock/unlock & start as account log-in, key sharing, vehicle trajectory record, and parcel delivery to cars, which has ever more implications on vehicle safety.
The smarter a car is, the more vulnerable to security attacks will be. Amid the intelligence trend, all OEMs, whatever Mercedes-Benz, BMW, Audi, VW, Toyota, Honda or Hyundai, have varied exposure to security attacks.
In March 2020, key encryption approaches of OEMs like Toyota, Hyundai and KIA were reported to have limitations with a possibility of intrusions and thefts largely due to the vulnerabilities of TI's DST80 encryption system employed by them. A hacker just stands near the car that packs DST80 remote control key, using the inexpensive Proxmark RFID reader/transmitter for the 'identity theft' of the key and thus getting the encrypted information.
To address serious challenges in automotive cyber security, the OEMs are sparing no efforts in security improvement in many aspects:
The automakers from Europe and America are pushing ahead with cyber security construction roundly with technical superiorities, with a tightened control on information security management inside the company apart from improvements in cyber security protection of telematics. As concerns team construction, the majority of European and American OEMs as usual set up either an independent cyber security division or a subsidiary to ensure information security during a vehicle lifespan.
Mercedes-Benz, for instance, has such actions for cyber security in the three below:
Also, the time-honored Chinese automakers follow suit, such as Dongfeng Motor, SAIC, GAC and BAIC that all prioritize the security stewardship during their life cycle. As concerns its overall deployment, SAIC, for example, incorporates its subordinates into the group's cyber security protection and management system and applies the data encryption software (GS-EDS system) with one accord for data safety as a whole; secondly, SAIC builds a cloud platform independently and a proprietary cloud computing center delivering cloud-based security services; last, SAIC founded SAIC Lingshu Software Co., Ltd in charge of developing basic technology platform and sharpening software R&D competence.
In addition to security enhancement, OEMs are vigorously seeking for external collaborations on vehicle, communication, platform, data, and application, to name a few.