The Ultimate Guide to Automotive Cybersecurity

At its core, cybersecurity is the practice of protecting digital systems, networks, and data from unauthorized access, attacks, or manipulation. And in modern vehicles, that includes a wide range of technologies. As cars become increasingly connected, features like advanced driver-assistance systems (ADAS), infotainment platforms, over-the-air (OTA) updates, and vehicle-to-everything (V2X) communication introduce new vulnerabilities. These innovations enhance the driving experience but also create more entry points for potential cyber threats. Automotive cybersecurity ensures that all these systems, no matter how complex or connected, remain protected, allowing vehicles to operate safely, reliably, and intelligently in an increasingly digital and connected landscape.

• Jeep Cherokee Hack (2015)
  Security researchers remotely accessed a Jeep Cherokee via its infotainment system, taking control of key functions like the brakes, engine, and steering. This high-profile demonstration led to a recall of over 1.4 million vehicles by Fiat Chrysler and signalled an urgent need for automotive cybersecurity standards.

• Tesla Vehicle Exploits
  Hackers have repeatedly identified vulnerabilities in Tesla models, including the ability to manipulate the autopilot system, unlock doors remotely, and interfere with the vehicle’s charging process. While Tesla is known for rapid patching, these incidents reveal the ongoing nature of cyber threats even in advanced vehicles.

• EV Charging Infrastructure Risks
  With the expansion of electric vehicles, new attack vectors have emerged. Hackers could potentially exploit vulnerabilities in charging stations to access user data, manipulate billing systems, or even compromise vehicle software through connected infrastructure.

• EV Charging Infrastructure Risks
  With the expansion of electric vehicles, new attack vectors have emerged. Hackers could potentially exploit vulnerabilities in charging stations to access user data, manipulate billing systems, or even compromise vehicle software through connected infrastructure.

As vehicles become increasingly defined by software and connectivity, the surfaces exposed to cyber threats multiply. Below are the primary attack vectors that represent critical risk areas in today’s connected and autonomous vehicle ecosystems:

1. Electronic Control Units (ECUs)

Modern vehicles rely on dozens of ECUs to manage everything from steering and braking to climate control. These units communicate via protocols like CAN and Ethernet, which often lack built-in security. Attackers can exploit this with methods like message spoofing or bus injection to manipulate vehicle behaviour.

2. Telematics & Infotainment Systems

These systems connect vehicles to the outside world, handling everything from navigation and calls to vehicle tracking and diagnostics. Vulnerabilities in software, Bluetooth, or mobile connectivity can give attackers a way into more sensitive in-vehicle systems if not properly isolated and secured.

3. V2X Communication 

With the growth of connected infrastructure, V2X enables cars to exchange data with traffic systems, other vehicles, and more. While essential for future mobility, this real-time data exchange also introduces risks such as spoofed messages or denial-of-service attacks if not protected by strong authentication and encryption.

4. OTA (Over-the-Air) Update Systems

OTA updates enable remote software improvements and patches. However, if compromised, these systems could be used to inject malicious code directly into the vehicle. Secure update mechanisms, code signing, and firmware integrity checks are essential to mitigating this risk.

5. Insecure Supply Chain

Vehicles today are built using components and software from dozens of suppliers. A vulnerability introduced at any stage, whether through third-party code, outdated firmware, or compromised hardware can persist into production and become a hidden point of exploitation.

With increasing connectivity and reliance on software, protecting vehicles from cyber threats is critical. Here’s a rundown of the most important cybersecurity regulations and standards that the automotive industry needs to follow to keep vehicles safe, secure, and compliant.

1. UNECE WP.29 UN R155 – Cybersecurity Management Systems (CSMS)

Starting in July 2024, every new vehicle sold in adhering countries must comply with the UNECE WP.29 UN R155 regulation. This requires automakers to implement a Cybersecurity Management System (CSMS) throughout the vehicle’s lifecycle. The regulation ensures that manufacturers continuously monitor and manage risks, keeping vehicle systems safe from emerging cyber threats. It’s all about building security into every step, from production to disposal.

2. UNECE WP.29 UN R156 – Software Update Management Systems (SUMS)

Software updates are critical for keeping vehicles safe and up to date, but they also introduce new risks. To counteract this, UNECE WP.29 UN R156 sets out requirements for Software Update Management Systems (SUMS). These guidelines ensure that updates, especially over-the-air (OTA) updates, are secure and do not inadvertently create vulnerabilities in vehicle systems. In a world where software can be easily patched, it’s essential to make sure updates are delivered safely and without disruption.

3. ISO/SAE 21434:2021 – Cybersecurity Engineering for Road Vehicles

Think of ISO/SAE 21434 as the blueprint for securing vehicles from the ground up. This standard covers everything from the design phase to decommissioning, providing comprehensive guidance on cybersecurity risk management throughout the vehicle’s life. Whether it’s a simple sensor or a complex autonomous driving system, this standard ensures all aspects of a vehicle’s electrical and electronic systems are built with cybersecurity in mind.

4. ISO 24089:2023 – Software Update Engineering for Road Vehicles

As vehicles become smarter, they rely more on software. With ISO 24089:2023, automakers get clear guidelines for managing software updates across the vehicle’s life. The focus? Secure OTA updates that protect against cyber threats while keeping vehicle software in top form. The idea is simple: update software without compromising safety or security.

5. ISO/PAS 5112:2022 – Auditing Cybersecurity Engineering

Just because cybersecurity measures are in place doesn’t mean they’re being followed correctly. That’s where ISO/PAS 5112:2022 comes in. This standard provides detailed guidance for conducting audits of Cybersecurity Management Systems (CSMS) across the entire automotive supply chain. These audits ensure that every link in the chain is secure, from design to manufacture, and helps identify any gaps that could leave vehicles vulnerable.

1. Implement Security by Design

Cybersecurity must begin at the concept and design phase. This includes embedding secure coding practices, robust encryption, secure boot mechanisms, and intrusion detection across both hardware and software layers. Vehicles and their components must be designed, built, and validated with cybersecurity in mind from day one.

2. Secure the Supply Chain

With numerous third-party vendors and global sourcing of hardware and software, ensuring a cyber-resilient supply chain is non-negotiable. OEMs and Tier 1s must enforce cybersecurity standards across all suppliers, including secure software sourcing, component traceability, and tamper-proof delivery protocols.

3. Define Clear Roles and Responsibilities

Establish dedicated roles, points of contact, and communication protocols for vehicle cybersecurity. OEMs and Tier 1s must define who owns what aspects of cybersecurity and document these in internal policies and external contracts.

4. Conduct Regular Security Audits and Risk Assessments

Cybersecurity is not a one-time process. Routine penetration testing, code audits, and vulnerability assessments should be performed to identify and remediate emerging threats throughout the vehicle lifecycle.

5. Ensure Safe and Secure Software Updates

Implement robust mechanisms for OTA updates that ensure updates are verified, compatible, and do not interfere with certified safety functions. Software integrity, rollback mechanisms, and update traceability must be part of the compliance framework.

6. Establish Incident Detection and Response Protocols

OEMs must be capable of detecting and reacting to cyber threats in real time, including attacks targeting vehicle systems, ECUs, backend services, or connected devices. An end-to-end incident response plan should include containment, communication, root cause analysis, and mitigation timelines.

7. Promote Industry and Government Collaboration

Cross-industry cooperation is essential for sharing threat intelligence, harmonizing standards, and accelerating compliance. Participation in working groups, governmental advisory panels, and global cybersecurity initiatives helps ensure proactive alignment with future regulations.

8. Maintain End-to-End Lifecycle Monitoring

Security does not end at SOP (Start of Production). OEMs and suppliers must support ongoing monitoring, patching, and attestation of cybersecurity through the entire product lifecycle—up to the vehicle’s end of life—just as is expected in aviation or defence-grade equipment.

9. Create a Comprehensive Incident Response Strategy

OEMs and Tier 1s must prepare for breaches with a detailed response strategy. This includes predefined protocols for isolating affected systems, notifying stakeholders, securing data, and restoring system integrity—along with a communication plan to reduce reputational risk.

10. Embed Cybersecurity into Legal and Contractual Agreements

To meet regulatory requirements and ensure accountability, cybersecurity measures should be reflected in contractual terms, including service level agreements, software ownership rights, testing permissions, and compliance checkpoints. This clarity ensures all stakeholders are aligned on expectations and obligations.

1. CSMS

A Cybersecurity Management System (CSMS) is an organizational framework that governs how cybersecurity risks are identified, assessed, mitigated, and monitored throughout the entire vehicle lifecycle — from concept design and development to production, post-sale operation, and decommissioning. It ensures that cybersecurity is not handled ad hoc but is embedded into company-wide processes and technical workflows.

Why is CSMS Essential?

As vehicles become more connected, autonomous, and software-driven, they face a growing number of cybersecurity threats — from remote exploits of infotainment systems to targeted attacks on ECUs and cloud services. A CSMS helps ensure:

• Compliance with international regulations such as UNECE WP.29 R155 and ISO/SAE 21434
• Systematic risk management, reducing the likelihood of cyber incidents
• Traceability and accountability across teams and suppliers
• Long-term resilience, including the ability to detect, respond to, and recover from attacks

Core Elements of a CSMS

1. Governance and Responsibility

1. • Define roles and responsibilities for cybersecurity at organizational and project levels
   • Ensure management commitment and resource allocation for cybersecurity efforts

2. Risk Assessment and Treatment

1. • Perform Threat Analysis and Risk Assessment (TARA) for vehicle systems
   • Implement controls based on severity, likelihood, and impact of identified risks

3. Security by Design

1. • Integrate cybersecurity from the concept phase onward
   • Apply secure coding practices, security testing, and architectural safeguards

4. Supply Chain Security

1. • Require suppliers and partners to conform to agreed cybersecurity practices
   • Verify the integrity of software and hardware components throughout the supply chain

5. Incident Detection and Response

1. • Establish procedures to monitor for, detect, and respond to security breaches
   • Include escalation paths, containment actions, and lessons learned documentation

6. Update and Patch Management

1. • Enable secure and traceable software updates (including OTA mechanisms)
   • Ensure updates don’t compromise system safety or violate regulatory approvals

7. Audit and Continuous Improvement

1. • Conduct periodic internal and external audits to verify system effectiveness
   • Refine policies and practices in response to emerging threats and audit findings

CSMS and Regulatory Compliance

A CSMS is not only a best practice — it’s increasingly a legal requirement.

• UNECE WP.29 R155 mandates that vehicle manufacturers demonstrate the presence of a CSMS as part of type approval in many markets
• ISO/SAE 21434 provides the standard for implementing and managing cybersecurity risks in road vehicles
  Both require a lifecycle-based approach and alignment between technical and organizational safeguards.

CSMS in Practice: Beyond Initial Compliance

Effective CSMS implementation requires long-term thinking:

• It must span cross-functional teams, including engineering, legal, IT, and product management
• It should support security attestation at the level of ECUs, subsystems, and overall vehicle architecture
• It must extend beyond SOP into operational monitoring, threat intelligence integration, and end-of-life security planning

2. SUMS

A Software Update Management System (SUMS) is an organizational framework that governs the processes and procedures for managing software updates in vehicles. It ensures that software updates are applied securely, reliably, and in compliance with regulatory requirements throughout the vehicle’s lifecycle.

Importance of SUMS

SUMS plays a critical role in: 

• Maintaining Vehicle Safety and Performance: Ensuring that updates do not compromise vehicle functionality.
• Enhancing Cybersecurity: Protecting against vulnerabilities that could be exploited through outdated software.
• Regulatory Compliance: Meeting international standards such as UNECE Regulation No. 156 and ISO 24089.

Core Components of SUMS

1. Governance Level: Establishes top-level directives, setting the foundation and vision for software update management within the organization.
2. Organizational Level: Defines specific processes, including:
   • Document management
   • Privacy management
   • Configuration management
   • Change management
3. Project Level: Focuses on the execution of software updates, encompassing:
   • Generic Project Processes: Planning and tailoring activities for each software update project.
   • Infrastructure Processes: Ensuring the infrastructure supports safe and secure software updates.
   • Vehicle Processes: Managing safety and cybersecurity risks associated with software updates in the vehicle.
   • Software Update Package Processes: Verifying and validating software update packages.
   • Software Update Campaign Operations: Overseeing the preparation and execution of software update campaigns. 

Regulatory Framework

UNECE Regulation No. 156 mandates that vehicle manufacturers implement a SUMS to manage software updates effectively. Key requirements include:

• Systematic Approach: Developing a structured process for software updates.
• Risk Management: Identifying and mitigating risks associated with software changes.
• Compliance Verification: Undergoing regular assessments to ensure adherence to the regulation. 

ISO 24089 complements UNECE R156 by providing detailed guidance on software update engineering, covering aspects such as update planning, development, and deployment.

Certification and Continuous Improvement

Manufacturers must obtain a Certificate of Compliance for SUMS from an Approval Authority, valid for three years. Continuous improvement is essential, requiring: 

• Regular Assessments: To maintain certification and adapt to evolving standards.
• Feedback Integration: Incorporating internal and external feedback to enhance SUMS processes.
• Notification of Changes: Informing Approval Authorities of significant modifications to the SUMS that may affect compliance.

3. What Is TARA in Automotive Cybersecurity?

TARA (Threat Analysis and Risk Assessment) is a structured methodology used to analyze potential cybersecurity threats and evaluate the associated risks within automotive systems. It is a core requirement under ISO/SAE 21434 and is essential for meeting UNECE WP.29 R155 compliance.

 Purpose of TARA

• Identify assets within the system (e.g., ECUs, infotainment, telematics modules)
• Determine threats that may compromise these assets
• Assess attack feasibility and impact
• Prioritize risks based on severity and likelihood
• Define risk treatment actions to reduce vulnerabilities to acceptable levels

Key Steps in a TARA Process

1. Asset Identification
   • Determine what needs protection (e.g., vehicle data, communication interfaces, hardware units)
2. Threat Scenario Definition
   • Define potential attack scenarios (e.g., spoofing GPS, remote ECU access)
3. Attack Path Analysis
   • Map how an attacker could exploit vulnerabilities to reach a target asset
4. Impact Assessment
   • Evaluate the consequences of a successful attack (e.g., safety, financial, legal, operational)
5. Likelihood and Feasibility Rating
   • Determine how likely it is for the attack to occur based on attacker capability and system exposure
6. Risk Evaluation and Ranking
   • Combine impact and feasibility to quantify risk severity and prioritize mitigation
7. Mitigation Planning
   • Propose countermeasures, such as authentication, encryption, intrusion detection, and secure boot

Why does TARA Matter?

• Helps embed cybersecurity early in the vehicle development lifecycle
• Ensures that critical systems receive stronger protections
• Provides a traceable and auditable approach to risk-based design
• Supports regulatory compliance and type approval in major automotive markets

Standards and Guidelines

• ISO/SAE 21434: Provides guidance for performing TARA at system, component, and software levels
• UNECE WP.29 R155: Requires TARA to demonstrate cybersecurity risk management for type approval.

4. Security Operations Center (SOC)

A Security Operations Center (SOC) is a dedicated facility responsible for the continuous monitoring, detection, analysis, and response to cybersecurity threats in real time. For OEMs and mobility providers, the SOC ensures comprehensive visibility across connected vehicle fleets, cloud-based applications, and backend infrastructure.

Key Functions:

• Real-time alerting and incident response coordination
• Threat intelligence integration
• Log aggregation and forensic analysis
• Detection of anomalies in OTA updates, telematics data, and ECU communications

5. Penetration Testing (Pen Testing)

Penetration testing involves simulating real-world cyberattacks to identify and assess potential vulnerabilities within vehicle systems and digital assets.

Testing Types:

• Black-box: No prior knowledge of the system
• White-box: Full system access and documentation
• Grey-box: Partial knowledge, simulating internal threats

Scope Includes:

• Electronic Control Units (ECUs)
• Infotainment and telematics systems
• Cloud-hosted APIs and mobile applications

Penetration testing contributes to regulatory compliance (e.g., ISO/SAE 21434) and the strengthening of cybersecurity defense layers.

6.  Fuzz Testing

Fuzz testing, or fuzzing, involves sending invalid, unexpected, or random inputs to software components in order to uncover weaknesses such as crashes, memory corruption, or unexpected behavior.

Primary Use Cases:

• Communication stacks (e.g., CAN, LIN, Ethernet, Bluetooth)
• ECU firmware and interfaces
• Gateway and diagnostic protocols

Fuzz testing is especially valuable during early development stages to reduce security defects before production.

7. Intrusion Detection and Prevention Systems (IDS/IPS)

IDS and IPS technologies provide continuous monitoring and protection against unauthorized or malicious activity within in-vehicle and cloud-connected systems.

• IDS (Intrusion Detection System): Detects and alerts on suspicious activities
• IPS (Intrusion Prevention System): Takes proactive measures to block or isolate threats

Automotive Applications:

• Detecting anomalies in CAN/Ethernet traffic
• Preventing remote exploits and unauthorized diagnostics
• Protecting over-the-air communication channels

8. Functional and Technical Security Concepts

Security must be embedded at both the architectural and implementation levels. This is achieved through a combination of functional and technical security measures.

• Functional Security: Defines high-level system security objectives, ensuring systems behave securely under both normal and fault conditions
• Technical Security: Encompasses detailed measures such as cryptographic algorithms, secure communication protocols, authentication mechanisms, and key lifecycle management

These concepts support a layered, resilient defense strategy throughout the vehicle lifecycle.

9. Software Composition Analysis (SCA)

SCA tools identify and monitor the open-source and third-party components used within automotive software, helping teams maintain a secure and compliant software bill of materials (SBOM).

Key Benefits:

• Detection of known vulnerabilities (CVEs)
• License compliance verification
• Version tracking and update management

As vehicle software becomes increasingly modular, SCA is essential for maintaining visibility and security across the development supply chain.

 Understanding the Difference

• Functional Safety (guided by ISO 26262) is the discipline that ensures a system responds safely to hardware or software faults. It’s about preventing or mitigating hazards caused by unintended failures in automotive electronics (e.g., a malfunctioning brake ECU).
• Cybersecurity (governed by ISO/SAE 21434) addresses protection against intentional, malicious attacks that could compromise the vehicle’s functions, data, or user safety — such as hackers disabling steering remotely or injecting false sensor data.

Where They Intersect

Despite their different origins, functional safety and cybersecurity are increasingly interdependent in software-defined vehicles (SDVs) and connected systems:

Aspect	Functional Safety	Cybersecurity
Goal	Prevent hazards from system failures	Prevent harm from intentional manipulation
Trigger	Faults (e.g., hardware or software failure)	Attacks (e.g., intrusion, spoofing, tampering)
Standard	ISO 26262	ISO/SAE 21434
Risk Origin	Accidental	Intentional
Mitigation Strategy	Redundancy, fault tolerance, safe state design	Encryption, authentication, intrusion detection

Why Does Integration Matter?

• A cybersecurity breach can lead to safety hazards. For example, if a hacker disables braking functions via a compromised ECU, the vehicle’s safety is at risk  even though the component hasn’t failed in the traditional sense.
• Likewise, a faulty software update (functional issue) that lacks integrity checks (cybersecurity gap) could open the door for malicious exploitation.

Examples of Overlap

• Secure Boot: Ensures that only verified software runs on a safety-critical ECU, addresses both cybersecurity (tamper protection) and safety (reliable function).
• Intrusion Detection for Safety Functions: Monitoring CAN traffic for abnormal messages can prevent cyber-induced malfunctions in ADAS or braking systems.

A Unified Development Approach

Modern automotive development increasingly requires co-engineering of safety and security:

• Joint hazard and risk analysis (HARA + TARA)
• Coordinated verification and validation strategies
• Shared safety-security architecture principles
• Cross-domain teams and tools

Functional safety and cybersecurity are not isolated silos — they are complementary disciplines that must work together to ensure trust in next-generation vehicles. Addressing both simultaneously is essential to meet regulatory compliance and deliver safe, secure mobility experiences.

AI/ML techniques enhance cybersecurity throughout the software development lifecycle (SDLC) by:

• Threat Detection: ML models detect anomalies in network traffic, such as sudden changes in ECU behavior or external communication patterns.
• Vulnerability Prediction: AI tools analyze codebases to predict sections likely to contain vulnerabilities.
• Fuzzing Optimization: AI-enhanced fuzzers generate smarter, more targeted inputs to find vulnerabilities faster.
• Adaptive Security: In runtime environments, AI helps systems adapt to evolving threats by learning from behavior patterns.
• Test Case Prioritization: ML can identify the most security-critical test cases based on historical defect patterns, optimizing validation efforts.

As the automotive industry transitions toward software-defined, connected, and autonomous vehicles, cybersecurity is no longer optional—it’s fundamental. Protecting vehicle systems, data, and users from evolving cyber threats requires a proactive, lifecycle-wide approach rooted in standards like ISO/SAE 21434 and UNECE WP.29.

Whether it’s securing in-vehicle networks, safeguarding over-the-air updates, or building resilient architectures from the ground up, cybersecurity must be engineered with the same rigor as functional safety.

At the core of trusted mobility lies a simple truth: a connected vehicle is only as strong as its security. The time to act is now—by embedding cybersecurity into every layer of development, operation, and beyond.

Acsia helps secure connected vehicles by aligning software development with ISO 21434 and UNECE WP.29 standards. The company enables OEMs and Tier-1s to embed cybersecurity from component to vehicle level, ensuring compliance, safety, and resilience against evolving threats.

• Threat analysis, risk assessment (TARA), and CSMS compliance
• Secure ECU design, OTA updates, and in-vehicle communication
• Penetration testing, vulnerability assessment, and remediation
• Cloud and API security for backend systems and services

Learn more