Roy Fridman, CEO of C2A Security, recently joined Siddharth Jaiswal over at The Netscribes Podcast to discuss the shifting landscape of the automotive market and the implications to vehicle product security. Roy highlighted two major industry shifts driving this demand: the move away from hardware-focused automotive development towards software-defined vehicles, and the growth of the electric vehicle (EV) market.
As Roy notes, this shift to software-defined vehicles is causing a seismic change in the industry, with vehicles becoming computers on wheels coupled with a “coding explosion” – as car makers develop hundreds of millions of lines of code to address consumers’ demand. This shift emphasizes the need for greater focus on cybersecurity and new challenges in scaling development.
Fridman stresses that both internal combustion engine (ICE) vehicles and EVs are software defined, requiring a security by design methodology to develop and manage software at scale.
Even so, Roy explains that electric vehicles present three unique security challenges, the most critical of which is that EVs connect directly to the power grid at charging stations. This connection expands the attack surface beyond the vehicle and into critical infrastructure, which warrants even tougher security protocols. Yet despite the obvious security risks EVs pose to the grid, little has been done on the regulatory side, leaving the charging stations operators ‘in the dark’.
After talking about the three unique challenges of EV cybersecurity, Roy shares his thoughts on why the automotive market shouldn’t view security (only) through a threat lens, but rather its potential as a business enabler. He also gives some predictions on how the security ecosystem will evolve, identifying the two main tracks he sees bifurcating the cybersecurity market.
The episode, titled “Decoding cybersecurity for electric and software-defined vehicles,” is a quick, informative 20-minute listen. You can find it here.