Automation Software is Impacting Employment in the Automotive Industry
What are the key considerations in developing cybersecurity software for the automotive industry? How can automotive software reinvent the industry's safety standards?
Historically, in-vehicle cyber-security was strongly focused on hardening mechanisms for cyber-security. Technologies like end-to-end protection of communication, and protection of executable code against modification are key to this. These will remain essential technologies in the future and are simply part of best practices for cyber-security. With increased connectivity and greater market penetration of update capabilities, the attack surface of vehicle fleets increases significantly with the increasing software complexity. As there will never be systems that are 100% secure, detection mechanisms for cyber-security will gain importance to gain insights into possible breaches of security in vehicle infrastructures. Technologies like Intrusion Detection and Prevention Systems (IDPS) are essential to this. Additionally to this, of course, the UNECE regulations have put more stringent requirements on the development processes of automotive software to mandate cyber-security considerations in the development of automotive software.
What are the implications of the growing trend of software-driven vehicles (SDV) for road safety and cybersecurity? What infrastructure and technology are necessary for the efficient operation of SDVs?
Regarding safety, we have to clearly separate the aspects of classical functional safety and of safety-of-the-intended-function (SOTIF). For classical functional safety (i.e. specified by ISO26262), the base processes do exist, are established, and can also be applied to updateable systems. They are not fundamentally wrong. However, for (partially) updateable systems some key assumptions of the past do not hold anymore (e.g. the complete system is pre-validated in the lab and then the software is installed via a trusted distribution channel). As a result, aspects of the update path that were previously not safety-relevant may get a safety allocation in the future.
The software-defined vehicle trend is centered around speeding up time to market for software innovation.
For SOTIF (ISO21448) the situation is different. Qualification of Autonomous Driving software and its proof of safety still remains a challenge. SOTIF already today is looking at “safety operations” of vehicles to mandate e.g. immediate OTA update to disable functions that have been discovered to be unsafe. Although the automotive industry, in our view, does not need to reinvent safety standards, the development models to create proof of safety need to be significantly sped up. The trend towards (semi-)automatic re-certification of safety-relevant software can be observed in the market today, to allow for faster release cycles also of safety-related software.
How can we address the potential challenges and risks associated with the widespread adoption of automation software in vehicles? What advancements or developments do you anticipate in the field of automotive software in the next five years?
The software-defined vehicle trend is centered around speeding up time to market for software innovation. Almost all activities around the SDV support this value proposition. The biggest trends observable today are the transition towards cloud-based development and testing to allow for a) better scalability of developer seats and test capacities b) earlier testing especially without hardware and c) more streamlined release processes as part of globally distributed CI/CT/CD pipelines. In addition to that the Automotive software platforms commonly referred to as “Automotive Operating System (OS)” aim at reducing variants and establishing a harmonized middleware across the ECUs in a vehicle. The goal is to decouple the lifecycles of hardware, software platform, and functions.
"The automation of development, integration, and testing in the development process can be observed throughout the industry and also affects the software architectures of ECUs"
How do you see the integration of automation software in the automotive industry impacting job roles and employment in the sector?
The automation of development, integration, and testing in the development process can be observed throughout the industry and also affects the software architectures of ECUs. Modularization, packaging, and containerization aim at keeping systems partially and independently updateable. These technologies have a fundamental impact on how software for ECUs is built. As it is one of the deciding factors of how fast new software can be released, this will be a key skill for many automotive software companies. Additionally, the supply chain is fundamentally impacted. OEMs are taking more ownership of software and software is increasingly ordered directly by OEMs rather than through Tier 1s through ECU projects. As a result, automotive companies remain in a fight over talent on all tiers of the supply chain to retain their position in the market.