Converging on a zero-trust blueprint to close the security and safety gaps in the automotive software industry

Today’s vehicles are more software than metal. High-performance computing (HPC) and in-vehicle networks have become central to all aspects of the driving experience, from body control, driver assistance, infotainment, and powertrain systems. There is a customer expectation that a vehicle’s capabilities can be updated over the air with a centralized electric/electronic (E/E) architecture that will redefine today’s release cycles.

Indeed, software-based features and services are projected to be a $640 billion market by 2031, growing from about 9%, or $181 billion, of OEMs’ current annual revenue to 22%, according to Capgemini Research Institute.

As vehicle software content and connected services grow, so does code complexity and the need for the entire automotive ecosystem to grapple with a new set of risks. Whether a hacker takes over a driver assistance function, tampers with a software update, or exploits software vulnerabilities of keyless entry, the number of malicious attacks will only rise.

The zero-trust blueprint proposes that automakers and suppliers prioritize addressing digital identity, the hardware-based root of trust (RoT), and explicit cryptography-based authentication and authorization of all interactions, including app-level micro-segmentation. Hardware and software developers must be granted least-privileged and just-in-time access without dependencies on the network and cloud infrastructure.

The zero-trust blueprint developed by Capgemini, Arm, and NetFoundry provides a next-generation foundation to accelerate innovation in software and the transition to new digital business models in the automotive industry. By design, it solves the key challenges and addresses critical vulnerabilities in securing connectivity from the edge and cloud to in-vehicle systems and applications. The blueprint abstracts out infrastructure complexity and brings cloud-native agility, scalability, and seamless mobile connectivity to connected vehicles with a standards-based design and open-source components.

The zero-trust blueprint helps automotive OEMs and their ecosystems continue their focus on developing autonomous driving while implementing secure, scalable systems to monetize applications and new connected vehicle services. Trust and security will pave the way for the future of mobility.

Please fill up the form to download the whitepaper