Advances in automotive technology introduce increased risk
Automotive technology is evolving at a rapid pace from infotainment systems and operational sensors to mobile app integrations and full driving automation. Modern vehicles have up to 150 electronic control units and 100 million lines of code. By the year 2030, many observers expect them to have roughly 300 million lines of software code. In comparison, mass-market personal computer software has close to 40 million.1 While each line of code and point of connectivity enhances functionality and usability, they also introduce the risk of breaches and cyberattacks.
Interconnected products and systems can be targeted by attackers who manipulate software vulnerabilities and weak links in ecosystems. In automotive, a cyberattack introduces additional risk to public safety, which is why building cybersecurity into connected products and systems is crucial to the safe adoption of modern automotive technologies.
UL can provide guidance and support to help original equipment manufacturers (OEMs) and automotive component and system manufacturers navigate complexity and develop a framework for automotive cybersecurity standards and best practices. Through expert gap analysis, training and advisory services, we help you identify and manage software vulnerabilities and cyber risk, leading to more trustworthy and secure innovations with improved market access across the globe.
Cybersecurity across automobile connectivity
We work with OEMs and component manufacturers across a myriad of connectivity compliance areas including:
- Dual-band Wi-Fi
- GPS/Global Navigation Satellite System/BeiDou
- 4G/5G cellular connectivity
- Infotainment center
- Subscription-based communications
- Vehicle to everything (V2X)
- Maintenance cellular radio system
- Tire pressure monitoring
- Remote keyless entry and ignition
- Onboard diagnostics
- Light detection and radar
Automotive Cybersecurity Training and Education
We offer courses to help product owners and automotive engineers and developers understand security processes, related standards and the impact on the automotive industry. Our expert instructors deliver training and education on the following topic areas:
- Automotive cybersecurity best practices
- Principles of risk management
- Threat modeling and analysis
Automotive Cybersecurity Advisory
Our advisory and gap analysis compare cybersecurity management systems against UNECE WP29 regulations and ISO/SAE 21434 requirements. We then provide detailed documentation to assess and design road maps and frameworks to help you work toward compliance. Our advisory services include:
- Gap analysis
- Cybersecurity management systems framework
- Software update management systems framework
- Risk management framework
- Threat analysis and risk assessment framework
- Cybersecurity incidence monitoring and evaluation
- Supply chain management
Expert understanding of cybersecurity requirements
With more than 500 international security experts, we service customers globally with our industry-leading, working knowledge of automotive standards and best practices. We serve as participants and advisers on several standards groups and industry consortiums, such as the International Organization for Standardization, the UN World Forum for Harmonization of Vehicle Regulations and more. Our insights with these groups and deep technical expertise allow us to efficiently and proactively work with you to plan, test, verify and help secure your automotive innovations from cybersecurity threats to get safer vehicles on the road.
1 Source: McKinsey, “The race for cybersecurity: Protecting the connected car in the era of new regulation,” October, 2019.