Cars, Hackers & Cyber Security

In this episode of the Plaxidity X automotive cybersecurity podcast, Cars, Hackers, & Cybersecurity, we explore the groundbreaking transition from Software Defined Vehicles (SDVs) to User Defined Vehicles (UDVs) and what it means for the automotive industry. Modern vehicles are no longer just machines—they are customizable digital platforms, allowing car owners to install apps, update software, and tailor their driving experience to meet their personal needs, much like a smartphone. We’ll delve into how this shift is paving the way for enhanced connected services, improved in-car experiences, and new business models for car manufacturers, who now have the potential to generate significant revenue from selling on-demand features.

But this leap forward in vehicle customization also comes with new cybersecurity challenges. As cars become increasingly software-driven, they are more vulnerable to potential cyberattacks through over-the-air (OTA) updates and third-party applications. We explore how the automotive industry can protect vehicles from digital threats, while continuing to innovate and offer a seamless, personalized user experience.

We'll also discuss how major players like Tesla and Nio are leading the charge in the UDV space, continuously rolling out software updates and refining vehicle features based on user feedback. Join us as we take a closer look at how the future of automotive technology is moving towards a more user-defined, connected, and secure world.

TIME-STAMPED SHOW NOTES:
  • (00:00) Introduction: from Software Defined Vehicle (SDV) to User Defined Vehicle (UDV)
  • (02:25) Apps are king, now in vehicles too
  • (03:04) In-vehicle connected services
  • (04:03) Software updates make cars learn new tricks
  • (05:46) The cyber security angle of the user defined vehicle
  • (07:15) Outro of Plaxidity X Automotive Cybersecurity Podcast

Contact us:
https://www.linkedin.com/company/plaxidityx/
https://www.youtube.com/@PlaxidityX
contact@plaxidityx.com 

What is Cars, Hackers & Cyber Security?

As cars become smarter and more connected, the demand for top-tier automotive cyber security has never been higher. With expert insights from PlaxidityX, a leading automotive cyber security company, we’ll guide you through the challenges and solutions protecting millions of vehicles worldwide. Whether you’re an industry expert or just curious about how cars are secured in the digital age, this podcast comprehensively looks at how cyber defenses are developed, tested, and deployed.

We don’t just talk about the technology; we talk about what it means for you—the driver, the manufacturer, the tech enthusiast. We explore how automotive cyber security solutions are applied in real-world scenarios to safeguard everything from onboard infotainment systems to critical vehicle control units.

Tune in to gain a deeper understanding of how manufacturers are staying one step ahead of hackers and ensuring a more secure, connected world.

00:01:15:08 - 00:01:18:11
Host
Welcome to cars, hackers and cybersecurity.

00:01:19:00 - 00:01:22:00
Host
Here we break down the latest in automotive cybersecurity,

00:01:22:00 - 00:01:25:15
Host
helping you stay ahead in building secure connected vehicles.

00:01:27:09 - 00:01:42:22
Host
Hi. Today we're discussing the transition from software defined vehicles to user defined vehicles, and how this shift allows drivers to customize their vehicles much like they do with smartphones, creating both new opportunities and cybersecurity challenges.

00:01:42:22 - 00:02:04:10
Host
By now, it is unlikely you have not heard the term software defined vehicle. What it means exactly is a matter of perspective. It is widely accepted, though, that the modern vehicle has an ever increasing amount of software code embedded in its components, and a lot of functions that used to be controlled by mechanical or electrical means are now controlled by software code.

00:02:04:12 - 00:02:31:21
Host
But beyond that, the software defined vehicle allows for decoupling of hardware and software. In other words, an OEM can update the vehicle functions and even introduce new ones in vehicles that are already on the road. As more and more vehicles are adopting the concept and the implications of this evolution, some would argue revolution are starting to materialize. The conversation starts gravitating into a user defined vehicle.

00:02:31:23 - 00:02:54:11
Host
What's that all about? Let's take the mobile phone as a comparison. Many of us would find it difficult to remember what phones were like in those prehistoric times before the smartphone. Back then, a phone's functions and capabilities stayed exactly the same for the life of the device. Years after the purchase date, if you wanted your phone to learn new tricks, you had to go to the store and buy a newer model.

00:02:54:13 - 00:03:19:03
Host
The modern smartphone changed all that in two important ways. First, decoupling the phone operating system from the hardware allowed the phone maker to update the system periodically by pushing over-the-air updates. OTA. Many mobile phone makers update their OS at least once a year with new functions and capabilities. Second, phone owners can install apps that are of interest to them.

00:03:19:05 - 00:03:37:23
Host
Popularized by Apple with the introduction of the iPhone App Store back in 2008. Smartphone ecosystems today sport millions of apps on online app stores. Every phone user chooses their app combination of choice, and thus no two phones are really the same. Users literally define their own experience.

00:03:39:06 - 00:03:42:07
Host
Apps are king now in vehicles too,

00:03:43:13 - 00:03:50:15
Host
similar to smartphones. User defined vehicles allow car owners to customize their user experience.

00:03:50:17 - 00:04:17:21
Host
Apple and Android users have long been able to leverage Apple CarPlay or Android Auto to mirror apps from the mobile phone into their vehicle. Infotainment system. As long as it's compatible with these platforms. But new vehicle native platforms such as Android Automotive and others promise an even more intuitive user experience, allowing users to install apps of choice directly to the vehicle infotainment system without a need to mirror them from a mobile device.

00:04:19:19 - 00:04:21:21
Host
In-Vehicle connected services,

00:04:23:05 - 00:04:48:20
Host
the software defined vehicle concept, is riding on another automotive trend. Connectivity. The combination of both is enabling a new business model for carmakers selling connected services. Research forecasts that car companies can generate $1,600 per car from selling connected car services. A car owner does not need to buy all possible features. Instead, they can pick and choose the ones they want.

00:04:48:22 - 00:05:19:01
Host
A McKinsey survey finds that connectivity preferences vary widely by regions and customer segments. For example, Chinese consumers prefer advanced technologies such as advanced driver assistance features, while U.S. and German consumers prefer comfort and convenience features such as heated seats and climate control. Consumers also want flexible payment options, as some prefer one time payment for a feature, while others want a service based subscription model.

00:05:19:01 - 00:05:21:07
Host
Software updates. Make cars learn new tricks.

00:05:22:16 - 00:05:49:01
Host
Many car manufacturers add hardware, sensors and technology into the car design to enable future services. Even before customers buy or subscribe to them. It allows them to keep innovating and offer new services. Because aftermarket enhancements aside, car hardware typically remains the same through the life of the vehicle. The average life of a car on the road is over 12 years, and many vehicles last much longer than this.

00:05:49:03 - 00:06:16:12
Host
But once the connected Steve can get software updates over the air, a new dimension of enhancement opportunities opens up. Tesla, which pioneered the Steve in 2012 with the introduction of model S, is typically updating its in-vehicle software every few months, sometimes even faster. But Tesla is not alone. Nio, which is considered by some as the Chinese Tesla, offers its own take on user defined vehicles.

00:06:16:14 - 00:06:39:14
Host
NIO sees itself as a user experience rather than a carmaker, and views its customers as users. They push at least 4 to 5 complete software updates a year, and user feedback is what's driving their features and software development process. Feedback is usually collected via the in-car voice assistant system, but also by a user workshops and from user's smartphones.

00:06:39:16 - 00:07:00:01
Host
It's then delivered directly to Neo's user advisory board. NIO experience managers are analyzing the feedback, and repeated comments are translated into vehicle improvements via OTA updates within a few months. In 2023, Nio completed ten OTA software updates, including 768 experience improvements.

00:07:01:23 - 00:07:05:01
Host
The cybersecurity angle of the user defined vehicle,

00:07:06:08 - 00:07:13:03
Host
the evolution of the STB into a udev opens up a whole new car digital experience we never had before.

00:07:13:05 - 00:07:38:11
Host
Taking a page from the rise of the smartphone. At the same time, though, it raises cyber security considerations the industry must take into account, allowing car owners to download and install digital apps is creating a new potential attack vector for bad actors. Some apps, even legitimate ones, have less than adequate cyber posture and may bring with it software vulnerabilities or weaknesses that can be exploited to hack into the vehicle.

00:07:38:13 - 00:08:08:03
Host
One should also consider the possibility that rogue apps would penetrate the app stores, and cause car owners to inadvertently inject malicious code into their vehicle. Digital apps aside, software updates to vehicles on the road are yet another channel for software vulnerabilities. Carmakers are pushing major software updates multiple times a year. Each such software stack includes new code and could also introduce new or updated software libraries, either open source or commercial.

00:08:08:05 - 00:08:30:23
Host
Maintaining the vehicle software cyber posture is becoming not only a moving target, but also a never ending task. In a way, the software development process of the UTB never ends. While traditionally design and development of vehicles and their components are done prior to the start of production, the software of the UTB will evolve and enhance for years to come.

00:08:31:19 - 00:08:37:17
Host
That's all for today's episode. Keep your engines running smooth and your cyber defense is sharp.

00:08:37:17 - 00:08:42:05
Host
Stay connected by subscribing and visiting placidity. X-Com.

00:08:42:05 - 00:08:46:05
Host
Until next time, stay safe on the road and in the cloud.