How AI, Regulation, and SDV Architectures Are Reshaping Automotive Cybersecurity
Posted: December 11, 2025
Security by Design and Continuous Assurance
When looking at how connected and software driven vehicles have become, the most important principle that defines strong cybersecurity in the automotive industry today is security by design with continuous assurance. This means moving away from the mentality of putting a band aid on the problem or adding controls afterwards. The focus must be on the design continuously. Reducing the risk of compromise starts with the software, the cloud, and the backend, so these parts are very important. A strong detection process is needed since intrusions will become more or less inevitable, along with a recovery routine that allows recovery in case of an attack. All of these building blocks must be proactive, not reactive. Security by design means making all of them proactive.
Strong identity and signing for every artefact and component are essential. Compartmentalization is also key, since SDVs and centralized architectures create a more central structure, so different domains must be compartmentalized from a security perspective. The boot process and trust are essential, along with deep defensive security mechanisms in the cloud. Continuous fleet monitoring is very important, along with patching and incident response. These are the corner blocks, especially the continuous part. The keywords are continuous and security by design, and all of these elements and more are included in that.
End to End Lifecycle, Process Strength, and Unified Safety Security View
One of the most important structural aspects today is having an end to end, risk driven lifecycle that is not only focused on security and not only reactive, but also considers safety and updates. Software in the vehicle must be updatable safely and securely whenever needed. A strong and robust CSMS is essential throughout the entire V model.
This starts early with TARA, and it also requires revisiting TARA and not forgetting to update it. Supplier security requirements are very important for OEMs, since expectations must be clear, compliance must be ensured, and the work must be verified properly from a security perspective. SBOM and vulnerability management are necessary for both in house and supplier development. Signing in CI/CD is important for accountability and integrity. Pre deployment gating matters, and fleet SOC for operations and many other aspects also belong here.
The cornerstone is a unified view of safety and security, and making sure data is unified, up to date, and reflects what goes into the car. The process side of security is more often where issues can be solved. Security breaches are less often caused by cryptographic breaks and much more often by weaknesses in process. A robust process means knowing what is being done, knowing where a change comes from, knowing what it affects, and understanding the impact not only on the security bubble but on the entire design and safety picture.
AI Opportunities for Security and Efficiency
AI is giving opportunities far beyond what was imaginable a few years ago. Some of the areas that can be leveraged for security are anomaly detection, code review assistance and code generation, although code generation is more about efficiency. Whether the code that AI generates is more secure than human written code matters less than the quality of the review, and the review can go both ways between AI and humans. Test generation and fuzzing can also be improved since AI can do much more, much faster, and with more information. Predictive maintenance is another area.
AI Threats, Model Integrity, and Safety Considerations
With AI being introduced, developers and OEMs are not the only ones with access to it. Adversaries will also use AI. It is not only about adversaries either, because safety risks are involved. Data and model integrity are very important. The AI model must not be tampered with during training or any other phase, and untrusted datasets should not be used. Then there is the adversarial part, such as spoofing of sensors or feeding wrong inputs to perception or planning systems. These are activities that an adversary might try to exploit with AI, so they need to be considered.
The provenance of the model matters. It must be known where it comes from, who developed it, which version is being used, and what vulnerabilities it has. An SBOM can help with that by tracking prompts, data and other elements in the models. Reproducible training can be helpful, along with red team results, which can even be made mandatory if security is to be increased.
There is a clear connection to safety. Whenever machine learning and AI models are used, especially for controls or HMI, they should be considered safety risks as well. Adversaries can use AI to create safety incidents, which strengthens the connection between safety and security. Defining the ODD of AI models clearly, and having safe fallback and degradation paths, is important. There must be a way to degrade from machine learning and AI functionality in a safe way if the models are tampered with or if there are security risks. Privacy and minimizing telemetry are additional concerns. These are important both in terms of risks and ways of using AI to reduce risks.
Securing the toolchain, adversarial testing with a rigorous approach, and gating deployment with clear safety and security acceptance criteria for AI models will be increasingly important.
Growing Regulatory Pressure and Operational Expectations
Across the industry, practitioners are experiencing growing pressure from regulations, regulatory expectations, and accountability in operations. These pressures are tightening and will continue to do so. With many standards now published, the focus is shifting to implementation and to demonstrating accountability across the entire toolchain.
Continuous vulnerability management, including supplier and open source exposures, is becoming essential. Incident reporting requirements are increasing. SBOMs are becoming central for understanding provenance of all software and hardware. OTA updates must be provable and secure. Fleet level detection and response allows organizations to address breaches and recover at scale.
Practical steps include creating runbooks and exercises for SOC and PSIRT teams, reviewing and completing the SBOM, maintaining automated update mechanisms connected to CI/CD, and applying risk scoring to findings. OTA requires exercises and drills, including rollout and rollback plans and safety monitoring. Supplier assurance is also important, with clear communication of expectations and verification of outcomes.
Preparing for Quantum Threats
Another topic is quantum computing. There is a risk that existing cryptography becomes obsolete or broken due to quantum computing. To prepare, organizations should modularize cryptographic technology so that it is replaceable and can be swapped for quantum suitable cryptography when needed. Quantum readiness will be crucial.
Global Approaches to Automotive Cybersecurity
Globally, different markets approach security differently. In the US, entrepreneurial and organizational culture leads to a more guidance driven approval style, faster and smaller feature development, faster commercialization, and a strong focus on OTA updates. Regulations around SBOM and incident reporting are developing quickly. There is also a stronger startup and security ecosystem.
China invests heavily in infrastructure, smart cities, and vehicle to X deployment. Data localization rules and in country operations create a more controlled environment that allows national response to cybersecurity threats. China also pushes for national cryptography. Overall, it takes a centrally driven approach.
Japan and South Korea are similar to Europe, with emphasis on OEM supplier integration, disciplined processes, strong coordination, and high focus on functional safety.
In the Middle East and GCC, development centers on smart mobility, centralized infrastructure, and city level monitoring, enabling coordinated response.
Key Areas of Focus for the Future
In summary, one of the most important areas to focus on is continuous security by design. Traceability across data and security claims is essential so that changes can be addressed quickly. Signing logs, SBOMs, fuzz coverage, and red team reports should link to security claims.
Crypto agility will matter because vehicles will remain in service for many years. Backend and data pipeline security are critical, as they represent major attack surfaces. Safety and security should be reviewed together throughout all phases, including OTA.
Incident response drills across the organization, including drivers and dealers, and the ability to stage OTA updates and rollbacks are essential. These areas are key to staying ready for what is happening in the market.
