Search term

Automotive Product Cybersecurity
Strategies and technologies for securing connected vehicles

Automotive Product Cybersecurity

What measures protect a system against unauthorized manipulation and attacks in a resource-saving, effective and long-term manner?

The ever-increasing frequency and severity of cybersecurity incidents has significantly increased the importance of product cybersecurity in recent years, both in terms of public perception and from an economic perspective. In addition, the need for protective countermeasures has also been further increased by the constantly growing number of applicable regulations and requirements such as UNECE 155R, ISO 21434, IEC 62443, ASPICE for Cybersecurity and other industry-specific standards.

At the same time, various customer-specific cybersecurity requirements and the expansion of existing coding standards are also contributing to making the overall picture increasingly complex.

Increasingly complex system functions and the growing number of interfaces and networks are creating more and more potential threat scenarios.

The system complexity and the number of control units, functions and interfaces are increasing rapidly in the automotive industry, which inevitably leads to new potential threat scenarios. Modern vehicles are no longer isolated, mechanical means of transportation, but highly networked, software-driven platforms.

From infotainment systems and telematics devices to autonomous driving functions – the abundance and networking of electronic components requires robust cybersecurity measures. Every additional interface, whether internal bus communication (e.g. CAN/CANFD, LIN, FlexRay, Ethernet) or external connections (e.g. Bluetooth, Wifi, 5G, etc.), can represent an additional gateway for cyberattacks.

This makes it essential to plan, develop and test advanced cybersecurity mechanisms right from the start to ensure the integrity and security of vehicle data and functions and to protect both drivers and other road users from potential threats.

Cybersecurity by design – from identified risks to customized countermeasures

Product cybersecurity should be considered as part of the development process right from the start of a new or further development of a product. This is the only way to identify threatened system elements (so-called assets such as interfaces or (sub-)functions) and realistic attack paths on time and to fully assess the potential impact of damage scenarios on the road users and companies involved.

Based on this, the actual risks are determined and corresponding security goals and claims are derived and this, a cybersecurity concept specifies which security measures (security controls) are necessary to fulfill all existing requirements for securing the product against attacks and manipulation.

Some of these typical cybersecurity countermeasures are, for example:

  • Use of so-called secure flash and secure boot mechanisms to prevent unauthorized changes to the device firmware through forged updates or direct manipulation of the device memory
  • Additional authentication of messages and signals using Secure Onboard Communication (SecOC) to protect security-critical bus networks (e.g. CAN/CANFD, FlexRay or Automotive Ethernet) from manipulation by attackers
  • Use of a hardware security module (HSM) for the hardware acceleration of cryptographic algorithms and for the protection of security-critical information such as key material or private user information
  • Additional physical protection of the hardware by deliberately planning an installation location that is difficult to access, using special screws or sealing the housing to make attacks on devices more difficult and unauthorized tampering more clearly identifiable

It is important that the available measures are selected according to requirements and are combined sensibly with each other to ensure the highest possible level of security without compromising the actual functionality of the product.

Automated robustness or fuzz tests and systematic pen tests are also often necessary to ultimately prove the effectiveness of the countermeasures. In addition to the classic module, integration and system tests, these should be considered directly when planning a complete test strategy.

Cybersecurity lifecycle – a continuously protected product from production to disposal

A product must be protected against possible misuse and manipulation by unauthorized third parties throughout its entire lifecycle. This begins with the manufacture of the individual sub-components and the assembly of the system, right through to its disposal after up to 15 – 20 years of operation.

Any potential weak point within the production chain can be identified and exploited by attackers. For this reason, production planning should take cybersecurity aspects into account right from the start. Product cybersecurity must work closely with the teams responsible for IT & OT cybersecurity to establish a seamless security concept for the production process.

Fundamental questions need to be clarified here:

  • Where are security-critical data such as key material or passwords stored?
  • How can security-critical data be transferred securely between different production parties?
  • How can access to flash or end-of-line stations be restricted through appropriately secured areas?
  • How can these secured areas be protected from unauthorized access, e.g. by automated access controls?
  • In which production step are key material and passwords written into the device and at what point are specific cybersecurity functions activated?
  • What measures can be taken to effectively protect the subcomponents and products from theft and manipulation during transportation and storage?

Even after the product has been placed on the market, it must be ensured at all times that safety-relevant diagnostic access or service functions can only be carried out by authorized specialist personnel and that safety-critical diagnostic data can be stored in the system in a tamper-proof manner. This requires an authorization and role system for the necessary service functions, for example, and appropriate authentication should also be integrated into the diagnostic devices of the service teams involved.

Even for the final disposal, known as decommissioning, the necessary steps for data erasure must be planned in order to prevent misuse of the product and the reading of personal data or key material.


Whether it's an ongoing project where you need additional experts for safety-relevantcritical applications, or if you are still in the planning phase of such a project, we are the right partner for you when it comes to functional safety.

Would you like to know more about our experience and core competence in the field of func-tional safety? Then contact us at:

Share Page

Schaeffler applies cookies to secure an optimal use. With the further use of this website you accept the application of cookies. More Information

Accept