Analysis

Zero-Trust in the age of software-defined vehicles

Advancing cybersecurity in the automotive industry

As the automotive industry shifts toward software-defined features, cybersecurity strategies will become even more critical to identify, detect, and defend against cyberattacks. Learn how a Zero-Trust mindset can help automotive manufacturers incorporate cybersecurity into their software development life cycle and boost their organization’s resilience.

Evolving cybersecurity to keep up with expanding capabilities

In the past, vehicle manufacturers differentiated themselves with mechanical features such as performance and reliability. Today, consumers are increasingly looking for features defined by software, such as driver assistance features, personalized infotainment, real-time digital features and user-centered services.

As the focus of the whole industry expands from manufacturing vehicles to providing mobility services, the automotive technology stack is rapidly growing. Providing customizable mobility services is not possible with today’s coupled vehicle software and hardware architecture. Today’s automotive software development processes yield monolithic blocks of code that are built, tested, and then flashed into the electronic control units (ECUs) on the production line. Changing functionalities results in a tedious and costly process of reintegration, retesting, and reflashing for which today’s development cycle and production lines are not built.

Understanding the impact

Automotive service-oriented architecture (SOA) revolutionizes how vehicle software is built. SOA incorporates a group of components to act as middleware between applications and the operating system (OS). This middleware decouples the individual software components from the underlying hardware, enabling software portability inside a vehicle’s architecture. The adoption of a Secure SOA framework will simplify the vehicle’s development process from concept through development, to deployment, and maintenance.

The move toward software-defined vehicles is enabling a wealth of safety, comfort, and convenience innovations—and the innovations don’t stop when those vehicles leave a dealership. Through over-the-air (OTA) updates, the software that runs the vehicle can continue to evolve and improve throughout its life cycle, continuously enhancing consumers’ digital experience for years to come. As original equipment manufacturers (OEMs) shift toward a software-defined architecture, cybersecurity strategies will become even more critical to identify, detect, and defend against cyberattacks. A Zero-Trust mindset enables organizations to incorporate cybersecurity into their software development life cycle and create systems with built-in cybersecurity.

Business drivers for Zero-Trust security

Complex Internet of Things (IoT) ecosystem: The increasingly global third-party landscape creates complexities as companies manage risks across a wide range of information and operational technology environments and expand to emerging markets or higher risk geographies.

Interconnected ecosystem of mobility services: Organizations are continuing to expand not only the number of business operations that are outsourced, but also activities that are considered critical services, to provide customers with a leading experience and gain efficiencies and flexibility.

Increased complexity and frequency of cyberattacks: Data breaches are often a top concern for executives who worry about the security of highly confidential information. Increasingly, cybersecurity and cyber resilience are two of the top trending topics on board agendas.

Push toward software-defined transformation: Greater use of emerging technologies, such as cloud and machine learning, and open-source software increases the surface area for potential vulnerabilities and the need to keep security at the heart of modernization.

Dissolving network perimeters: Organizations are moving to remote and virtual working models, increasing the need for transparent and strong approaches to identify, manage, and reduce risk. As automotive network perimeters continue to dissolve, trust should be established and constantly revalidated for each connection.

Brand, reputational, and regulatory concerns: Damage to an organization’s brand can cause as much financial setback as regulatory fines. The effort and cost of regaining customer trust and dealing with regulatory impacts after an incident can be mitigated with proactive security and privacy measures.

Automotive Zero-Trust security components

As automakers adopt new networking technologies in their connected mobility ecosystem, they also need to incorporate the protection measures to secure network traffic in these environments. OEMs should therefore consider solutions that support a wide range of secure protocols and standards for safe and legitimate communications across a vehicle’s systems.

OEMs should adhere to industry standards and protocols such as AUTOSAR, secure onboard communication (SecOC), media access control security (MACsec), transport layer security (TLS), and internet protocol security (IPsec), which secure data at specific layers to protect communications. End-to-end encryption, implemented through encrypted secure sockets layer (SSL)/TLS or IP virtual private network (VPN) communications, provides data privacy.

Protecting connected cars requires a multilayered security approach. Implementing other defensive controls that work by blocking, segmenting, or isolating traffic will allow only legitimate data to reach the accepted destinations inside the vehicle’s network. Network firewalls can monitor traffic to and from networks to enable compliance with security policies, allowing authorized traffic and blocking high-risk traffic. Advanced firewalls can include features such as intrusion detection, denial of service protection, and antivirus capabilities.

Intrusion detection systems (IDS) perform deep-packet inspection of network and application traffic throughout the vehicle to provide secure end-to-end communications. Suspicious traffic is logged, and alerts are sent to the vehicle security operations center (VSOC).

It’s critical to include security engineering in the various aspects of the software development lifecycle (SDLC), including software requirements, architecture, design, coding, testing, and validation. Manual secure code reviews will enable OEMs to discover violations of secure coding standards. Code reviews are a common mechanism for evaluating the efficacy of security controls and coding constructs that are implemented to satisfy specific security requirements.

Using penetration testing, OEMs can perform a review of the running application to identify potential security vulnerabilities. Penetration tests generally combine automated tool-assisted testing and in-depth manual analysis focusing on business logic as part of the security assessment of an application or system.

As for OTA updates, centralized code signing is required so that firmware updates are signed by the developer and authenticated by the ECUs before they are accepted, avoiding compromising situations.

Secure communication is based upon a trusted and verifiable identity. This identity often comes in the form of a signed certificate. With a proper public key infrastructure (PKI), manufacturers can issue identities to the primary communication ECU and, in collaboration with their Tier 1 suppliers, to the ECUs within the vehicle. In the unlikely event of a breach of a root certificate, automated certificate life cycle management is imperative. Implementing strong user access controls and machine-to-machine (M2M) mutual authentication provides two-way verification.

A component of standards like ISO/SAE 21434, threat analysis and risk assessment (TARA), is widely used to assess automotive industry cybersecurity risks, based on an in-depth analysis of the vehicle’s architecture and software. After a broad assessment of the risks, security engineers can then select a list and sequence of required countermeasures to mitigate those risks. OEMs need to look for known and unknown vulnerabilities using catalogs as well as risk factors like time, accessibility, and equipment and determine the estimated likelihood of risk. This gives the security team ample information in order to define a “risk treatment decision” or a map of sorts to set up the required security system for the vehicle at hand.

Mitigating the risks

Vehicle attacks now pose not only a cybersecurity but also an enterprise-wide risk, threatening business continuity and the operations of organizations. Therefore, to mitigate their effects, organizations should consider implementing solutions to enhance cyber resilience and remediate enterprise risk.

Deloitte combines industry-leading strategic advisory services with deep technical capabilities and managed services to help organizations design, implement, and operate advanced cyber and strategic risk programs that build resiliency, deepen trust, and fuel performance.

Our offerings for the automotive industry include:

  • Cybersecurity management systems
  • DevSecOps
  • Vehicle cybersecurity risk management
  • Software update management systems
  • Supplier cybersecurity management
  • Vehicle cybersecurity monitoring
