Automotive cybersecurity attacks are on the rise. According to the Upstream Auto analysis, there were 409 automotive-related cybersecurity incidents between 2023 and 2024. Incidents with a high to massive impact on mobility assets account for over 60% of all incidents, of which 92% were remote attacks.
Modern vehicles are becoming increasingly advanced and complex. This allows time on the road to be comfortable and convenient. These vehicles are heavily software dependent and come with advanced features like ADAS, infotainment, or V2X connectivity. This increasing software dependency is a double-edged sword that not only enhances functionality but also makes vehicles vulnerable to cyber-attacks, making connected car security a critical concern. From remote vehicle takeovers to data breaches, real-world incidents have shown just how vulnerable connected cars can be.
Real-world examples of connected car security exploitation
While many automotive cybersecurity concerns seem hypothetical, hackers already have a history of gaining compromising access to vehicles. Several real-life incidents show how important it is to develop cyber-resilient vehicles:
- Hyundai Ransomware Attack – In February 2024, the Europe division of Hyundai Motors suffered a Black Basta ransomware attack, which resulted in disrupted operations.
- Jeep Cherokee Hack – Security researchers at the Keen Security Lab remotely hacked into a Cherokee’s infotainment system. This allowed hackers to take control of its steering, brakes, and transmission systems. This remote hack led to the recall of 1.4 million cars and to massive vehicle security standardization efforts globally.
- Tesla Model S Hack – A group of Chinese researchers took control of a Tesla Model S’s door locks, brakes, and dashboard computer from around 12 miles away. The OEM quickly issued a software update to address this vulnerability, but the same functionality that enabled this over-the-air update enabled the hack.
- Cyberattack on Eicher Motors Limited – In July 2024, Hackmanac (@H4ckManac) posted on X.com that Eicher Motors Limited India had become the victim of LockBit Ransomware 3.0. This resulted in company data theft.
In 2024, Upstream’s global cybersecurity report provided a breakdown of publicly disclosed automotive cybersecurity incidents with low, medium, high, and massive impacts on mobility assets. In 2024, 60% of the incidents had a high to massive impact.
Source: Upstream Security
Such an increase in cyber-attacks can occur due to several factors such as:
- Rapid innovation in Software Defined Vehicles and Autonomous Vehicles that enables remote access
- Increased API connectivity between OEMs, and multiple vendor applications and devices. This increases the chance of hacking
- AI-based automation lets cyber-attacks be carried out quickly with fewer resources
These incidents show that secure software development is key to making these vehicles cyber-proof. Additionally, as per the – Automotive Cybersecurity related software development market is expected to reach USD 5.3 bn by 2030. It is driven by HAD, OS and middleware, and ADAS.
Source: McKinsey Analysis
This shows that software development and software integration & testing are the key elements in cybersecurity related Software Defined Vehicles. There are two sub-components involved:
- Operating Systems (OS) & Middleware – This part handles the secure communication, access control, intrusion detection, and crypto functions
- Functional Domains – Areas like ADAS, Infotainment, and Connectivity, which fully rely on OS and Middleware and may need extra protection
There are several other types of security elements in vehicles apart from the software element. These are based on the communication flow – to and from the vehicle:
- Network Security: Modern vehicles rely on in-vehicle and external communication networks (CAN, Ethernet, V2X, TCU) for OTA updates, remote diagnostics, and telematics. These interfaces must be protected against packet injection, spoofing, and man-in-the-middle (MitM) attacks that could compromise vehicle integrity or user privacy.
- Data Security: Vehicles generate and transmit sensitive sensor and behavioral data (camera feeds, GPS logs, CAN messages). Ensuring confidentiality, integrity, and access control of this data is critical to prevent unauthorized tracking, profiling, or data leakage.
- Control Systems Security: Electronic Control Units (ECUs) governing ADAS, powertrain, and infotainment are targets for adversarial code injection, replay attacks, or firmware manipulation. Compromising these systems can directly impact safety-critical functions like braking, steering, and collision avoidance.
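As an added illustration of the injection, spoofing, and replay concerns listed above (not code from the original article or from eInfochips), the sketch below shows a simplified receiver that authenticates each frame with a truncated HMAC and a per-ID freshness counter. The key, CAN ID, payloads, 8-byte tag length, and all function names are assumptions made for the example.

```python
import hashlib
import hmac
import struct

KEY = bytes(range(16))  # constructed demo key; a real ECU would keep it in an HSM
MAC_LEN = 8             # truncated tag length in bytes (assumption)


def _tag(key, can_id, counter, payload):
    # The MAC covers the ID and the freshness counter as well as the data,
    # so none of the three can be changed without invalidating the tag.
    msg = struct.pack(">IQ", can_id, counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def protect(key, can_id, counter, payload):
    """Sender side: return (can_id, counter, payload, tag)."""
    return (can_id, counter, payload, _tag(key, can_id, counter, payload))


class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_counter = {}  # highest accepted counter per CAN ID

    def verify(self, frame):
        can_id, counter, payload, tag = frame
        expected = _tag(self.key, can_id, counter, payload)
        if not hmac.compare_digest(expected, tag):   # constant-time compare
            return "reject: bad MAC"
        if counter <= self.last_counter.get(can_id, -1):
            return "reject: replay"
        self.last_counter[can_id] = counter          # advance only after MAC check
        return "accept"


def demo():
    rx = Receiver(KEY)
    genuine = protect(KEY, 0x1A0, 1, b"\x00\x64")           # constructed frame
    forged = (0x1A0, 2, b"\xff\xff", b"\x00" * MAC_LEN)     # sent without the key
    tampered = genuine[:2] + (b"\x00\x65",) + genuine[3:]   # payload altered in transit
    following = protect(KEY, 0x1A0, 2, b"\x00\x10")
    frames = (genuine, genuine, forged, tampered, following)
    return [rx.verify(f) for f in frames]


if __name__ == "__main__":
    print(demo())
```

The counter is updated only after the MAC verifies, so a forged frame carrying a very large counter cannot lock out later genuine frames.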
Emerging Standards and Regulations
ISO/SAE 21434 and UNECE R155 lay the foundational standards for securing vehicle architecture. ISO/SAE 21434 is a comprehensive cybersecurity standard that defines engineering requirements for risk management across the vehicle lifecycle—from concept to decommissioning. UNECE R155 mandates a Cybersecurity Management System (CSMS) for OEMs and requires proof of risk assessment and mitigation for type approval. In addition to these, newer regulations like the EU Cyber Resilience Act (CRA) are broadening the scope. The CRA enforces cybersecurity requirements not only for automotive ECUs, but for all software and connected hardware sold in the EU—mandating security throughout the product lifecycle, from design to post-market surveillance.
Other key frameworks include:
- UN R156 – Focuses on secure and traceable software updates, complementing UN R155
- ISO 24089 – Deals with software update engineering, ensuring integrity, traceability, and safe deployment in connected vehicles
- NHTSA Best Practices – Offers layered security guidance for safety-critical automotive systems in the U.S.
Together, these standards and automotive cybersecurity certifications emphasize the need for secure-by-design systems, data protection, and robust post-market monitoring.
Also refer to key concepts on cybersecurity attack types, automotive cybersecurity certification, and industry standards including ISO/SAE 21434 by eInfochips.
The graphic below provides a comprehensive view of automotive cybersecurity layers across the vehicle development lifecycle. This shows the V-Model and is structured according to the ISO/SAE 21434 standard—from embedded hardware to secure communications and post-deployment services:
Image Source: eInfochips LTD.
Today, many OEMs and Tier-1 suppliers are stepping up and taking measures to implement security across vehicle architecture. To support these measures, there are some famous conferences around the globe to encourage innovation, knowledge sharing, and collaboration between researchers and OEMs.
- OEMs are integrating hardware-based security modules like HSMs (Hardware Security Modules) into ECUs. They deploy secure boot processes, encryption engines, and anomaly detection systems.
- Tier-1 suppliers are co-developing secure software stacks and implementing intrusion detection and prevention systems (IDPS). They are also using over-the-air (OTA) update mechanisms with end-to-end encryption.
Companies are also investing in AI-based threat detection, secure gateway solutions, and real-time monitoring. Some offer full-stack security assessments. Others focus on intrusion detection, OTA update protection, and threat intelligence platforms.
Conclusion
Automotive cybersecurity is at a pivotal point, where rising connectivity, over-the-air updates, and software-defined vehicles demand robust, multi-layered defenses. From securing ECUs and networks to implementing proactive threat modeling and continuous monitoring, a comprehensive, lifecycle-based security strategy is essential. By combining regulatory compliance with innovative technologies and engineering best practices, the automotive ecosystem can drive innovation safely and confidently into the future.
eInfochips helps various OEMs and Tier-1 suppliers in designing, developing, and managing secure connected vehicles across the device, connectivity, and application layers. Our solutions cover secure boot, encryption protocols, intrusion detection and prevention systems (IDPS), OTA update security, HSM-based authentication, and secure AI model deployment. We also have expertise in OS and middleware (AUTOSAR, secure stacks), functional safety modules in ADAS, infotainment connectivity, and V2X communication, ensuring compliance with global standards like ISO/SAE 21434.