Our CEO Roy Fridman sat down with Meir Dardashti, Principal at Maniv, for an insightful discussion on how the software-defined era is transforming the requirements for automotive cybersecurity. As connectivity and vulnerabilities increase, security is moving from being a cost center to an enabler of speed and innovation.
Roy argues that with software-driven products, security is not just about protecting against attacks, but about managing vulnerabilities and releasing features faster.
Here are some of the key points from the podcast:
1. Cyber attacks are still rare in autos, but vulnerabilities are increasing as vehicles depend more on software and third-party suppliers. Automakers need to identify and mitigate vulnerabilities in minutes rather than months.
2. Cybersecurity enables competitiveness by accelerating development. If security slows software releases, it hinders keeping up with pacesetters.
3. Compliance with regulations like UN Regulation No. 155 is imperative, yet bear in mind the regulatory landscape is dynamic and always changing. In addition, OEMs need to manage cyber risks over a vehicle’s 15-30 year lifetime.
4. Decisions around security controls have big cost implications in implementation times and lost opportunities. The wrong controls can lose manufacturers their competitive edge.
5. The management of the Software Bill of Materials (SBOM) has become a crucial aspect when discussing product cybersecurity. Unfortunately, connecting the SBOM to the actual risk posed to vehicles remains a significant challenge.
To summarize, cybersecurity is integral to bringing innovative software-defined products to market quickly and securely. Technology and collaboration will solve these emerging challenges more effectively than legal contracts. OEMs and tier 1s need to view security as an enabler rather than solely as a defense mechanism.
Listen to the episode on your favorite podcast app.