Connected vehicles: The road to cyber safety

The connected ecosystem of vehicles

The world today has evolved into a networked entity and the mobility ecosystem is undergoing a dynamic transformation. Passenger cars are being incorporated with a myriad of features, bringing the future home for their owners.

Features such as starting the vehicle remotely, monitoring tyre pressure, door locking and unlocking, and climate control with the help of a remote have been around for a few years now. Today, however, there are a host of new-age features on demand for mobility customers – like geographical information system (GIS)-based functionalities, connectivity to road traffic systems, and exponentially multiplying interfaces between smartwatches, cars and mobile devices, cloud-based application support systems – emerging due to technological and other advancements. Moreover, some new features such as real-time traffic flow help you avoid the crowd, while some apps help update your contacts about your arrival time. GIS enables street-level views which help you recognise your surroundings while driving, while integrations with other apps provide you updated parking slots, thus saving the hassle of scouting for parking or paying a premium. Electric vehicles (EVs) have integrated services that help you recharge your car at the nearest EV charging station while minimising charging time. Vehicle telematics has further enabled the introduction of many new services – such as collision detection, road safety, recognition of driver behaviour and tracking of vehicles. These, in turn, are finding new use cases – both for fleet owners and personal drivers – thus enhancing car ownership and usage experience for all.

India’s supply chain has undergone significant change, fuelled by heavy vehicles. India’s cargo manufacturers are increasingly offering personalised services in order to stay relevant in a highly competitive market. This is also being increasingly driven by consumers who need real-time tracking of consignments, changes due to traffic and optimisation of upcoming routes. Fleet managers are invested in increasing the on-road utilisation of their vehicles for a faster turnaround. Trucks, trailers and heavy cargo are pre-fitted with diagnostics, which not only predict issues in advance, but are also able to work out improvements in the performance of entire fleets through centralised route optimisation customised for geographical areas, drivers and specific consignments.

All of the above examples point to multiple entities connected through multiple interfaces, enabling data to pass through different stakeholders. This involves authentication of data, ensuring data validation, data control and visualisation.

Changing the narrative: From one-to-one to one-to-many

The one-to-one ‘individual–vehicle’ or ‘individual–vehicle–services dealer’ relationship is undergoing a significant change. In the present scenario, this relationship has transformed into a more complex ecosystem comprising multiple entities – such as third-party aggregators, data or services providers, cloud providers, internet service providers (ISP) and access control services, GIS providers, mobile services, charging stations, banks, payment portals, and power suppliers.

The physical infrastructure composed of roads, highways, bridges, weigh stations, fuel pumps, service centres, traffic lights etc., has been superimposed with data networks inside and outside the vehicles, interfaces with public networks through traffic cameras, radio frequency identification (RFID), EV charging points, smart licence plates, Wi-Fi access points in the vehicles, and interfaces with multiple third-party integrators for public utility services.

While the legacy brick-mortar infrastructure has well-established rules regulations, compliances (like traffic markers and signals, tolls), and also measures for remediation, the digital layer of the connected vehicle infrastructure is not under the ambit of clear compliances and regulations for cybersecurity, yet. Data generated from vehicles now undergoes various processes with multiple stopovers. Similar to how vehicle owners ensure safety and awareness at certain points while driving, it is imperative to have checkpoints in order to secure vehicle data.

While vehicle exporters to Europe are now mandated to be certified for cyber safety through the UNECE R155 certification, India is on the threshold of mandating cyber safety certification with a finalised draft of AIS-189 and AIS-190 regulations.1

This is crucial considering the increasing incidents of cyberattacks globally. What may be of immediate concern is the existing difference in the readiness and skills of cyber criminals to attack any system of value, and the availability of such exploits in the underbelly of a digital universe. Here, the lack of cybersecurity awareness in an innocent (unsuspecting) consumer of connected services often results in unfavourable consequences. Therefore, it is of immediate importance for consumers of connected mobility to ask for cybersecurity certification for their cars in India when they decide on a new purchase. This would make the connected universe much safer than what it is today.

Although vehicle manufacturers, service providers, sensor manufacturers, application and content creators are collectively enhancing a consumer’s experience through connected services, they are also actively contributing towards the growth of the auto sector. However, as customers become more demanding and technology gets more intrusive, addressing aspects related to safety and the possible risks associated with such connected features is crucial, in order to avoid possible cyber or driving-related crises. In addition to that, establishing the right checks, taking stock of balances, making investments and leveraging the latest technologies to make connected vehicles more secure will help make the auto sector fit for future.

Contact us

Sundareshwar Krishnamurthy

Sundareshwar Krishnamurthy

Partner and Leader, Cybersecurity, PwC India

Aniruddha Kadkol

Aniruddha Kadkol

Executive Director, Cybersecurity, PwC India

Follow PwC India

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Hide