The latest GSA/McKinsey Automotive report on cybersecurity is music to my ears. It’s so thrilling to see the world paying attention to what we have been saying at UltraSoC for at least 2 years – the risks are growing, the stakes are getting higher, and cybersecurity will be non-negotiable for automotive in the future.
Even better news, McKinsey is predicting the automotive cybersecurity market to grow from $4.9Bn in 2020 to $9.7Bn in 2030, showing an expectation that the market will move from paying lip-service to cybersecurity solutions to actually investing serious money to defend against a serious threat.
The changing landscape of the automotive value chain, moving to a much more fluid ecosystem has been apparent and well documented in recent times (cf Deloitte 2019 report), and McKinsey notes that they also see a contribution from start-ups in the cybersecurity space: “entering the market with innovative solutions, e.g., specialized threat detection applications”. I have to wonder if they are talking about UltraSoC here? For sure we are breaking new ground in this space!
The report also summarises the forthcoming UNECE WP.29 regulation, and again I’m pleased to see “Detect and Respond to Security Incidents” during the post-production phase called out at the highest level in the cybersecurity lifecycle. Our early-adopter customers have recognised that this is going to be critical in automotive markets, but there is a huge challenge in achieving this against a backdrop of a rapidly changing threat landscape while designing vehicles that are expected to be on the roads for many years into the future. The best strategies involve deploying defense in depth – layering together as many cybersecurity detection and defense mechanisms as possible– including connectivity, software, hardware and hybrid mechanisms.
This provides me with the perfect segue to tell you about progress in our Secure-CAV project where we are building a demonstrator for cybersecurity in automotive. This week we have been working with our partners, customers and prospects to prioritise the initial use-cases that we focus on. We will be publishing these in a forthcoming whitepaper but for the moment I can reveal that they cover a diverse range of items from mobile network-based attacks to attacks on the OBD II port, and having impacts that vary from data theft, circumvention of true warranty periods, through to safety incidents. These use-cases will also showcase our award-winning Bus Sentinel and recently launched CAN Sentinel cybersecurity products.