Skip to main content
Empty cockpit of vehicle HUD (Heads Up Display) and digital instruments panel.

Automotive Cybersecurity

Analyze risk, mitigate threats, maintain compliance and train your team to address cybersecurity for your modern automotive innovations.

Advances in automotive technology introduce increased risk

Automotive technology is evolving rapidly from infotainment systems and operational sensors to mobile app integrations and full driving automation. Modern vehicles have up to 150 electronic control units and 100 million lines of code. By the year 2030, many observers expect them to have roughly 300 million lines of software code. In comparison, mass-market personal computer software has close to 40 million.1  While each line of code and point of connectivity enhances functionality and usability, they also introduce the risk of breaches and cyberattacks.

Interconnected products and systems can be targeted by attackers who manipulate software vulnerabilities and weak links in ecosystems. In automotive, a cyberattack introduces additional risk to public safety, which is why building cybersecurity into connected products and systems is crucial to the safe adoption of modern automotive technologies.

UL can provide guidance and support to help original equipment manufacturers (OEMs) and automotive component and system manufacturers navigate complexity and develop a framework for automotive cybersecurity standards and best practices. Through expert gap analysis, training and advisory services, we help you identify and manage software vulnerabilities and cyber risk, leading to more trustworthy and secure innovations with improved market access across the globe.

Cybersecurity across automobile connectivity

We work with OEMs and component manufacturers across a myriad of connectivity compliance areas including:

  • Dual-band Wi-Fi
  • GPS/Global Navigation Satellite System/BeiDou
  • 4G/5G cellular connectivity
  • Infotainment center
  • Cameras
  • Subscription-based communications
  • Vehicle to everything (V2X)
  • Maintenance cellular radio system
  • Tire pressure monitoring
  • Remote keyless entry and ignition
  • Onboard diagnostics
  • Light detection and radar
  • Bluetooth

Automotive cybersecurity training and education

We offer courses to help product owners and automotive engineers and developers understand security processes, related standards and the impact on the automotive industry. Our expert instructors deliver training and education on the following topic areas:

  • Automotive cybersecurity best practices
  • Principles of risk management
  • Threat modeling and analysis

Automotive cybersecurity auditing and testing

We conduct cybersecurity hardware and software testing on automotive components and systems to help customers understand their product’s exploitation risk and to validate their security measures. We also audit cybersecurity management systems for compliance with industry requirements including ISO/SAE 21434 and WP.29 to help customers understand where they are in their cybersecurity maturity.

Automotive cybersecurity advisory

Our advisory and gap analysis compare cybersecurity management systems against UNECE WP.29 regulations and ISO/SAE 21434 requirements. We then provide detailed documentation to assess and design road maps and frameworks to help you work toward compliance. Our advisory services include:

  • Gap analysis
  • Cybersecurity management systems framework
  • Software update management systems framework
  • Risk management framework
  • Threat analysis and risk assessment framework
  • Cybersecurity incidence monitoring and evaluation
  • Supply chain management

Expert understanding of cybersecurity requirements

UL has extensive expertise in cybersecurity with a global network of IoT and OT security laboratories, security experts and advisors with specialized expertise in global security standards, frameworks and best practices for the automotive ecosystem, that help companies

  • Define where they are in their cybersecurity maturity
  • Understand what they will need to do to develop secure devices
  • Manage digital identity of people and products
  • Improve internal cybersecurity capabilities and processes
  • Validate security built into their products throughout their lifecycle
  • Differentiate their products based on security in the marketplace

With more than 500 international security experts, we service customers globally with our industry-leading, working knowledge of automotive standards and best practices. We serve as participants and advisers on several standards groups and industry consortiums, such as the International Organization for Standardization, the UN World Forum for Harmonization of Vehicle Regulations and more. Our insights with these groups and deep technical expertise allow us to efficiently and proactively work with you to plan, test, verify and help secure your automotive innovations from cybersecurity threats to get safer vehicles on the road.

References

  1. 1McKinsey, “The race for cybersecurity: Protecting the connected car in the era of new regulation,” October, 2019.

Get in touch

Have questions, need specifics? Let's get this conversation started.

Help and support

How can we help?