There is no doubt that autonomous driving is one of the most significant technological revolutions in the field of mobility. The vision of self-driving vehicles can be examined from various perspectives: technologically, in terms of new comfort in the vehicle, or in terms of new ways of monetization. But especially from a security perspective — and specifically cybersecurity — autonomous driving is a game-changing challenge. After all, self-driving vehicles are nothing more than data centers on wheels. Although there has been a certain degree of disillusionment in vehicle development and the automotive industry over the past decade regarding the pace of progress and the adoption rate of the associated technologies, one thing is certain: autonomous driving has the potential to turn our entire understanding of mobility upside down. Sooner or later, cybersecurity will be the key to this. Ergo, this is what this article is about.
Philipp Veronesi
Vehicles that navigate safely through traffic without human intervention are no longer the stuff of science fiction. Advances in artificial intelligence, sensor technology, and vehicle connectivity have now laid the foundation for impressive levels of automation, as demonstrated by the highly acclaimed Waymo vehicles and the regular publicity-grabbing announcements made by some OEMs.
Side note: Autonomous driving and the levels of vehicle automation at a glance
In order to establish a common understanding in advance, here is a brief overview of the classification of levels (0-5) in autonomous driving. These are based on the SAE J3016 classification, which provides the standard framework for classifying degrees of automation in autonomous driving.
- Level 0: no automation, complete control of the vehicle by the driver.
- Levels 1–2: Partial automation, e.g., lane departure warning systems or adaptive cruise control, where the driver must ensure that the systems are monitored at all times.
- Level 3: Conditional automation – in defined scenarios, the vehicle takes over the driving task, but the driver must remain ready to intervene and be able to take back control when requested.
- Level 4: Highly automated driving – the system operates completely independently under certain conditions (e.g., location and speed range), eliminating the need for human monitoring and intervention.
- Level 5: Fully automated driving in all environments and situations – without a steering wheel, pedals, or any human control responsibility whatsoever.
From the euphoria of earlier years to reality: when will fully autonomous driving finally arrive?
The idea of autonomous vehicles in normal road traffic, especially at levels 4 and 5, is extremely attractive from various perspectives. Autonomous vehicles promise more efficient mobility by calculating more efficient routes, optimizing energy consumption, and minimizing traffic jams. They can (in theory) make a decisive contribution to road safety. Inaccuracies attributable to human error – currently still the main cause of too many road accidents – could be drastically reduced thanks to the precision and reliability of automated systems. At the same time, autonomous driving is seen as a door opener for new comfort in vehicles. The entertainment industry is already on standby.
This potential has prompted car manufacturers, technology companies, and governments around the world to invest in research and development in autonomous driving.
Nevertheless, autonomous driving remains an immense challenge in terms of actual implementation – not least because of a frequently underestimated but crucial aspect: cybersecurity.
Status quo of autonomous driving in 2025
The Waymo vehicles mentioned earlier in this article (a sister company of Google) drive autonomously at level 4 in special, clearly defined pilot zones. In the jargon of automated driving functions, these are often referred to as operational design domains (ODDs). As of mid-2025, these are only located in districts of San Francisco and Phoenix. Similar zones for autonomous vehicles also exist in China and Japan. Commercial series applications for Level 2 and now also Level 3 functions, such as highway autopilot, have received type approval for public roads in Germany in accordance with applicable UNECE regulations.
Is Level 5 autonomous driving already a reality?
In 2025, vehicles that enable true fully autonomous driving at SAE Level 5 are set to be considered a technological challenge for the future.
However, while the technological basis for autonomous driving has recently been delayed due to complex challenges in the international automotive and vehicle industry, one issue is becoming increasingly important: How can these connected, highly complex systems be protected efficiently and reliably against cyber threats?
Let’s keep going.
The technology behind autonomous vehicles and its impact on cybersecurity
To better understand the cybersecurity requirements of autonomous vehicles, it is worth taking a look at their technical architecture, which differs fundamentally from that of conventional vehicles. There are three basic functional blocks:
- Perception,
- Planning,
- and Control.
In perception, various sensors detect the environment. Cameras provide visual information, radar and LiDAR detect objects and distances, ultrasonic sensors assist with close-range and parking maneuvers, and GPS and high-resolution maps are used for precise positioning.
Modern vehicles combine these different sources, known as sensor fusion, to obtain a complete and reliable overview of the environment. The large number of sensors also creates redundancy – if, for example, a camera is blinded, the radar can still detect a vehicle ahead. (Experts are continuing to discuss Tesla’s approach to autonomous driving systems, which rely exclusively on camera systems.)
The challenge: This variety of sensors also increases the attack surface in the vehicle. Every sensor and its algorithms and functions can potentially be manipulated or disrupted.
It is already widely known, for example, that camera systems can be misled by deliberately manipulating traffic signs. Lasers or strong light sources can blind a LiDAR sensor. False objects can be simulated.
GPS signals can also be falsified using spoofing attacks, causing the vehicle to determine its own position incorrectly.
At the same time, the total number of sensors installed poses certain challenges for vehicle manufacturers in the area of key management when it comes to ensuring reliable encryption of information flows to the control units involved across different manufacturers. See also the discussion of technical risks below.
These examples already illustrate a fundamental security risk of autonomous vehicles. Although the sensor technology of autonomous vehicles is highly developed, it is also susceptible to targeted interference, which can have a direct impact on road safety.
In the subsequent decision-making phase (planning), the sensor data collected is processed by a system, usually with the aid of artificial intelligence. Artificial intelligence, usually in the form of deep learning models, identifies objects (e.g., vehicles, pedestrians) and predicts their movements. This provides the basis for decisions on actions such as lane keeping, overtaking, braking, or evasive maneuvers.
This phase and the systems used are particularly relevant from a cybersecurity perspective. Starting with the training of AI systems. The consequences of dubious training for AI systems can be observed in everyday life, for example in hallucinations in chatbot outputs. The same problem can also occur in vehicle systems. In addition, compromising the algorithms that make decisions here can also have serious consequences.
Another particular challenge is that AI and deep learning models themselves become a potential attack vector due to the way they actually work. They can be manipulated by so-called adversarial AI attacks. These involve misdirecting neural networks through minimal manipulation of the input data (which is often not even detectable by humans). This can compromise subsequent decision-making and lead to dangerous misactions.
This attack scenario is particularly explosive because attacks are difficult to detect and do not require direct intrusion into the systems. This highlights the enormous importance of security in the development of AI systems. The failure to take cybersecurity into account in AI development poses an unacceptable risk.
Accordingly, these systems must be developed in an interdisciplinary manner, extensively tested, and validated to ensure that they respond correctly even in unusual situations (this is where the term “safety of the intended functionality,” or SOTIF, comes from the field of functional safety SOTIF, comes into play here – protection against unintended malfunctions).
In the vehicle control phase, the calculated decisions are finally transferred to the level of mechanical movement and physical action: steering, engine, brakes, etc.
Here, the other electronic control units (ECUs) involved in the journey are addressed. What used to be the driver pressing the accelerator or brake pedal is now replaced by electronic systems. This is referred to as the “drive-by-wire” concept.
Highly reliable, redundant systems that allow intervention in the vehicle control system are essential for autonomous vehicles. For example, dual brake control is often installed so that if one unit fails (or is compromised by an attack), the second can take over (fail-operational principle). This also changes the network architecture, as the internal networking of an autonomous vehicle is highly complex. (Experts immediately recognize the points of contact here in the interaction between Cybersecurity and Functional safety.)
In addition to traditional bus systems such as CAN (with its well-known limitations), faster automotive Ethernet networks are now increasingly being used. They transport the enormous amounts of data between sensors, central computers, and the units that convert electrical signals into mechanical movements. Established protection mechanisms that could still be used for CAN bus systems are not directly transferable to the new world of automotive Ethernet networks; other security controls must be used instead.
Historically, driving functions were divided among many small, distributed control units. However, in the course of the development toward the so-called “software-defined vehicle,” the trend is toward consolidating more and more functions in powerful domain controllers or central high-performance computers.
For example, there may be a central ADAS computer for all autonomy functions and an infotainment computer for the cockpit and entertainment. This consolidation of systems enables performance improvements (e.g., faster data processing, easier updates), but also harbors additional and new cyber risks. In the event of an incident, an exploited vulnerability in a central computer can affect more vehicle functions than the compromise of a single ECU in the past. At the same time, it can be assumed that the increasing complexity of these new “super ECUs” will be accompanied by the risk of additional vulnerabilities and threats.
However, new protective mechanisms are already widely available to address this new risk. For example, virtualization and strict partitioning are often used in security architectures to logically separate different functions (security-critical processes are separated using hypervisors).
Overall, it can be said that the more connected and software-intensive a vehicle is, the more similar its requirements become to those of IT systems. Accordingly, the concepts of “security by design” must also be increasingly incorporated into the development of vehicle E/E architectures.
In detail, what are the (technical) cybersecurity risks associated with connected autonomous vehicles?
As already mentioned, the connectivity required in autonomous vehicles creates a broader attack surface for cyberattacks, new risk factors, and a dramatic increase in the resources required for cybersecurity.
This is logical, because while conventional vehicles were largely isolated mechanical systems, autonomous vehicles communicate continuously with their environment via various interfaces and, as a rule, with other systems, often in the cloud. The increased complexity in dealing with different sensor data and signals, combined with expanded connectivity, opens up numerous gateways for cyberattacks that simply did not exist in the past.
The following is an initial overview.
Wireless attack vectors
Disruption of the sensors involved: Initially surprising for automotive engineers: In the present and future of autonomous driving, the manipulation of sensor data and signals, as described above, is a new dimension of attack that requires the utmost attention. The possibilities for manipulation are immense: from drones that project fake speed signs that look deceptively real to adversarial AI attacks.
Mobile communications and telematics vulnerabilities: Modern vehicles use mobile communications connections for telematics and infotainment services. This permanent internet connection makes vehicles targets for remote attacks. It has already been demonstrated how the mobile communications network and vulnerabilities in telematics can be used to access control units, the entire vehicle network, and critical driving functions.
Wi-Fi and Bluetooth exploits: The integration of Wi-Fi and Bluetooth interfaces, for example for smartphone pairing and workshop diagnostics, creates further attack vectors and new cyber risks. These short-range connections can be exploited by attackers in the immediate vicinity to gain access to vehicle systems or unauthorized access to data.
V2X communication as a weak point: Vehicle-to-everything (V2X) communication via standards such as IEEE 802.11p or Cellular V2X poses particular risks. The theoretically conceivable attacks are virtually limitless. Attackers could, for example, send fake position reports or warnings to cause vehicles to make incorrect maneuvers. Possible scenarios include: manipulation of traffic flow data through false traffic jam or accident reports, distributed denial-of-service (DDoS) attacks by flooding the network with false V2X messages, or Sybil attacks, in which an attacker creates multiple false identities on the network. Data transmitted via V2X can also be stolen, falsified, or altered by malicious attackers. In addition to vehicle safety risks, this opens up entirely new areas of cybersecurity, such as user privacy violations and data protection issues.
Software update vulnerabilities, e.g., over-the-air (OTA) updates: Regular updates to vehicle software, e.g., via OTA updates, are becoming a basic requirement for autonomous driving, but at the same time create new attack vectors. Insecure update mechanisms without strong encryption or signature verification can be used to inject malicious firmware into the vehicle. In the worst case, a compromised update server could distribute malware to thousands of vehicles simultaneously.
Physical attack vectors
The car is locked, right? For vehicles of the past, this usually provided a sufficient level of protection. However, with autonomous vehicles and the aforementioned multitude of control units and communication mechanisms, the risk of physical access to these components takes on a new priority. Even today, serious attacks on vehicles can be carried out by gaining physical access to certain parts of the electronics.
OBD-II diagnostic port: The OBD-II diagnostic port found in every vehicle provides direct physical access. Without adequate access controls, malware can be injected directly into poorly protected control units. This interface is particularly dangerous because it was originally designed for maintenance purposes and is often inadequately secured. At the same time, autonomous vehicles with their built-in sensors and cameras are turning the automotive world upside down. There are numerous examples of this in practice, such as when a third-party supplier replaces a windshield and the OEM-secured camera needs to be recalibrated.
External data carriers: USB ports and SD card slots on the infotainment system offer further points of entry. A prepared data carrier can introduce malware that then spreads throughout the vehicle network. This attack method highlights the overlap between traditional IT security and automotive security.
Cloud infrastructure risks
In addition to the general security requirements for IT infrastructures in the field of IT security, the constant transfer of data between the vehicle and the cloud backend requires a tamper-proof connection between the backend and the vehicle without any gaps or vulnerabilities. This applies to the execution of functions, diagnostic purposes, updates, and upgrades.
Recent hacks and cybersecurity incidents already underscore the urgent need for action in this area. A case published in early 2024 illustrates the scope of the problem: At a major automotive manufacturer, location data for approximately 800,000 vehicles and the associated customer data were stolen via a misconfigured cloud database.
Internal network attacks
If an attacker manages to gain access to the internal vehicle network (for example, via one of the entry points mentioned above), further possibilities open up.
Without additional protective mechanisms, a compromised control unit on the CAN bus can send virtually any message and thus manipulate other components. This may sound abstract, but it can cause far-reaching security risks, especially in fully autonomous systems, e.g., by simulating false speed values or sending unauthorized commands to the brakes or steering.
A well-known risk here is replay, the repetition of messages: An attacker records valid messages (such as “lock driver’s door” or “turn off engine”) and sends them again later to trigger functions without authorization.
Traditional vehicle buses such as CAN or LIN have no built-in encryption or authentication. This means that every node trusts the validity of messages on the bus – a concept that is considered outdated in the connected world, which is governed by the principles of information security. Modern approaches therefore attempt to introduce message authentication codes and segmentation to secure internal networks according to the zero trust principle (no internal system is “blindly trusted” without authentication).
Autonomous driving and new risks in the supply chain?
The multi-layered value chain of the automotive and vehicle industry (especially in the complexity of autonomous driving, where many new players are also expanding the market) represents an often neglected attack vector.
Components that are reused across multiple models and manufacturers can introduce vulnerabilities and security gaps into millions of vehicles simultaneously without being noticed. Third-party systems, components, and algorithms may unintentionally or deliberately contain vulnerabilities and malicious functions. This means that risks may only become apparent after the vehicle has been delivered.
The entire product lifecycle of hardware and software components is particularly important in terms of cybersecurity. Cyber risks or even potential attack vectors can arise during development, manufacturing, or logistics. They can also be introduced by backdoors in the software. The use of open-source software and libraries is a topic for discussion here. Or even consider a geopolitical dimension, a consideration that may have caused the US government to ban components from China and Russia in US vehicles.
Within the value chain, the clear allocation of responsibility for cybersecurity is a critical area for action. This is particularly important with regard to continuous cybersecurity activities and smooth incident management.
At the same time, against the backdrop of an economically tense situation across the industry, there is extremely high heterogeneity in the maturity levels of cybersecurity standards among suppliers, both in terms of organization and processes, but especially with regard to structured, consistent, and needs-based V&V measures.
Regulation and standardization as (effective) drivers for automotive cybersecurity in autonomous driving?
Accordingly, global regulations such as UN Regulation No. 155 (Cybersecurity Management System) and its global counterparts to UN R155 aim to professionalize the consideration of cybersecurity in vehicles and supply chains.
Particularly in the case of the increasingly differentiated technologies of autonomous driving, in which information technology systems form an integral part, these regulatory and standardization efforts are intended to serve as a binding benchmark for uniform security levels. Different approaches can be observed globally, such as the Chinese automotive cybersecurity guideline GB 44495, which places a special focus on testing.
Although OEMs and suppliers are subject to certain obligations with regard to cybersecurity, the path forward is clear: compliance should serve as a tool to promote trust in autonomous driving functions and enable innovation on a reliable cybersecurity foundation. (At the same time, experts already agree that the field of automotive cybersecurity will see further guidelines and expansions in the future, going beyond ISO/SAE 21434 Second Edition (expected in 2028).)
Final thoughts: Working together toward the future of autonomous driving
The vision of autonomous driving holds enormous potential, but it also requires immense effort, especially in the area of cybersecurity. Close cooperation between OEMs, technology developers, regulatory authorities, and all other stakeholders will be essential as we continue on the path to Level 5 vehicles. This is particularly true with regard to cybersecurity requirements. Even now, a number of players in the value chain are reaching the limits of what is feasible with established products when it comes to the necessary handling.
Based on our observations in discussions with internationally active automotive engineers and cybersecurity managers for organizations and development projects, we have derived the following general recommendations for action.
Best practices for greater cybersecurity in autonomous driving
The realization of autonomous driving is a major undertaking that goes far beyond the automotive industry. Nevertheless, given the immense importance of cybersecurity requirements today, it is essential to take the right steps now. And not just when the first self-driving car is hacked, but in all structural decisions, processes, and engineering activities that precede it, in order to systematically prevent this risk from the outset.
This includes:
Awareness at C-level and project level: Successfully raising awareness among top management is crucial to providing the necessary resources for adequate and early consideration of cybersecurity. Just as the business-critical importance of software for industry has only gradually been recognized, the same now applies to cybersecurity. Management and project decision-makers must not only understand the importance of cybersecurity in development, but also actively incorporate it into strategic decisions – even in economically challenging times.
Sound basic knowledge for everyone: With the UN R155 Cybersecurity Management System and ISO/SAE 21434, the industry has created regulatory guidelines to specify cybersecurity requirements. Now these guidelines “only” need to be implemented correctly in practice. To do this, the necessary understanding, implementation knowledge, and practical execution must be ensured throughout the company. This is the only way to guarantee cybersecurity throughout the entire lifecycle of a vehicle and its installed components and systems.
Process-based course setting for cybersecurity: At the same time, cybersecurity must never be viewed as an isolated to-do item. Instead, processes must be approached holistically. One example of this is the cybersecurity extension of the ASPICE model. Such processes then continuously ensure that cybersecurity is centrally anchored in products, development projects, and at the organizational level. Particularly with regard to new software architectures and the integrative use of AI, current development processes are often no longer viable. The additional proper consideration of cybersecurity is then often almost impossible.
Consider cybersecurity in an interdisciplinary manner in all project phases: In all phases of a development project, the right steps must be taken with regard to cybersecurity and their correct implementation must be monitored. This applies to classic developments and their critical phases (such as Item Definition in accordance with ISO/SAE 21434) as well as to off-the-shelf and out-of-context components. The application of ISO/SAE 21434 is also advisable for developments that were started before the standard was published. Verification of compliance with the required security requirements is essential.
Empower interconnected cyber risk assessments: With the right approach to the TARA methodology, which should always be viewed as a living document, much has already been achieved. In addition to avoiding pitfalls in risk assessment, consistency, cooperation, and communication should ensure that any gaps are systematically closed in a collaborative manner. Against the backdrop of autonomous vehicle systems in particular, OEMs and their suppliers are facing new requirements for cooperation. Collaborations familiar from information security, such as sharing security incidents, handling in the CVE database, processes for monitoring and incident management, etc., are more and more recognized as added value by the automotive and vehicle industry and must be put into practice now.
So, advancing technological development and sustainable cybersecurity management are clearly inextricably linked. They must go hand in hand.
Ready to make things happen?
