Trinitytec 2022-11-11 01:54:04 阅读数:920
Today, new car buyers are focusing more on the "digital cockpit ecosystem experience" than on traditional features like horsepower and fuel economy.The automotive industry has made it a requirement of limited consideration to provide this experience through a fully connected in-vehicle infotainment (IVI) system consisting of a touchscreen display, voice commands, and integrated infotainment features.
End consumers are increasingly expecting an experience connected to their "digital ecosystem".The "digital cockpit" is the core of the in-vehicle infotainment system and is becoming the main differentiator for major OEMs and their car brands.
IVI is a combination of vehicle systems used to provide the occupants of the vehicle with audio and video interfaces and control elements—touchscreen displays, button panels, voice commands, and more.
The following is a brief description of the components or modules that make up the "Digital Cockpit":
According to a recent analysis by industry research firm Frost & Sullivan, "connected cars" will account for nearly 86 percent of the global auto market by 2025.In the same year, the IVI market is expected to reach $42.7 billion.
However, it is true that the IVI system itself, in conjunction with third-party applications, creates a large number of vulnerability threat points for cybercriminals.OEMs and Tier 1 suppliers of IVI systems in the automotive industry must work hard to ensure that the embedded code within these systems meets safety-critical standards.Doing so helps avoid recall costs and business reputational impact.
It can be said that a connected vehicle is a four-wheeled computer connected to the Internet through an IVI system.In addition, since the IVI system is part of the in-vehicle network, hackers can use the system to control the driver's smartphone, obtain personal information, manipulate vehicle safety-critical system functions, program system updates, etc., creating many vulnerable threat points..Therefore, IVI system development practices must adhere to coding standards and guidelines.
Additionally, two recent initiatives are expected to benefit the IVI system, the ISO/SAE 21434 standard and the United Nations Economic Commission for Europe (UNECE) WP.29 regulation.The two standards complement each other and prepare the automotive industry for a new generation of connected cars.
ISO/SAE 21434 builds on its predecessorBased on ISO 26262, excluding software development and subsystems.ISO/SAE 21434 focuses on the cybersecurity risks inherent in the design and development of automotive electronics.The automotive software security standard ISO/SAE 21434 provides a structured process to ensure that cybersecurity issues are considered throughout the life cycle of an automotive product.
Unlike ISO/SAE 21434, the WP.29 regulation recognizes the responsibility of OEMs to manage cybersecurity risks throughout the supply chain.
OEMs and their Tier 1 suppliers need to take steps to avoid the negative impact of vulnerabilities in their IVI embedded software, as attacks could threaten the privacy and safety of drivers and passengers.Cybersecurity incidents can be costly and time-intensive, and can lead to vehicle recalls, ultimately with the worst impact, loss of reputation and loss of organizational efficiency.
Static Application Security Testing (SAST) software testing methodology examines and analyzes application source code, bytecode, and binaries for coding and design to discover security in IVI system softwareVulnerability.The working mechanism behind SAST relies on static analysis tools that check for design and coding flaws.
If you're ready to experience for yourself how Klocwork can help ensure the quality of your embedded software, sign up today for a 10-day Try it for free.
"Original content, please indicate the source"