Connected Vehicles

A roadmap to flexible security and control over a connected vehicle’s lifetime

Market Overview and Challenges for Connected Vehicles

A connected vehicle is one which communicates with other devices / objects, and enables connected services, primarily through mobile networks. 

While new connected car applications are emerging at an exponential rate, current use cases fall into one of the following categories: 

  • Mobility management – e.g. real-time traffic alerts, fuel consumption data etc. 
  • Vehicle management – e.g. vehicle diagnostics and maintenance, tracking stolen vehicles. 
  • Safety – e.g. vehicle condition alerts, external hazard alerts, eCall.
  • Entertainment – e.g. high-resolution video and music streaming, WLAN hotspot. 
  • Driver assistance – e.g. autonomous driving, parking assistance. 
  • Driver well-being – e.g. fatigue detection, automatic climate control to ensure optimal driving conditions.

Despite significant advances in the status of connected car development, there are a number of security and functional requirements that are critical to successful mass market delivery. These include:  

Flexible connectivity – advanced in-car services and the trend towards autonomous driving are resulting in new communication requirements for vehicles. Ultra-reliable network connectivity is a critical success factor.

Data authenticity and integrity – the implications of data tampering, manipulation and spoofing are potentially disastrous in the context of automated mobility. It is critical to ensure the integrity and accuracy of data that is stored and transmitted.

Privacy breaches – connected vehicles collect and communicate vast swathes of data, particularly regarding a user’s location and behaviour. Vehicles must offer flexible connectivity while protecting the data stored on the vehicle and exchanged over the network.

Hacking and hijacking – if attackers can command control of a vehicle, or even an entire fleet, there is potential to remotely hijack and subsequently steal or crash the vehicle. Advanced security is required to prevent this.

Remote management – the average age of a car on the road is nearly 12 years. Beyond initial personalisation carried out post-production, it will be necessary to perform various mobile network operator (MNO) profile changes, software, firmware and application updates and upgrades during the lifespan of a connected vehicle. These must be executed efficiently and securely.

Why eSIM technology? eSIMs, sometimes referred to as eUICCs, are already being utilised by vehicle manufacturers across the globe to overcome many common security and logistical challenges associated with connected car deployments.  eSIMs are physical hardware products which support the execution of sensitive applications and combine that ability with support for Over-The-Air (OTA) remote SIM provisioning and management. It is a separate tamper resistant hardware module with its own processing power and data storage and is therefore isolated from those resources of the device, protecting data and keys stored and executed within it against hacking, tampering and unauthorised access. It is also certifiable and specified by the GSMA. 

When correctly developed, implemented and distributed, eSIM solutions are uniquely positioned to deliver the advanced security required y connected vehicles, to address hacking, privacy, authenticity, integrity and anti-piracy among other security requirements.  In parallel, the security of mobile networks has been proven over decades. A particular feature of their success has been device and network authentication, which ensures that only authorised devices are connected. This offers lower costs and reduces the risk of security breaches in connected vehicle networks.

In summary, eSIM technology can help by providing:

  • Authenticated and flexible connectivity to mobile networks. 
  • Proven remote profile provisioning and management capabilities. 
  • Advanced remote security and cryptographic services to prevent vehicles and services from attacks and to promote user privacy.
  • Soldered form factor 
  • Reduced servicing requirements and costs. 
  • Immediately available solutions with an established and security-certifiable supporting infrastructure

Why Trusted Connectivity Alliance?

The reliance of connected car deployments on evolving mobile technologies and the growing importance of security spanning all use cases, means that the existing assets of the SE industry are critical to the continued expansion of this ecosystem. 

These assets include:

  • The most widely distributed secure application delivery platform in the world.; 
  • An established IT infrastructure capable of remotely managing the lifecycle of global SIM / eSIM deployments;
  • An advanced understanding of mobile connectivity / MNO requirements; 
  • Developed trust relationships with MNOs;
  • A long established and secure process landscape.

Secure element (SE) vendors have the most extensive and proven experience in providing secure operating systems for SIM / eSIM, secure subscription and data management services, remote provisioning capabilities and a comprehensive understanding of MNO requirements, built over many decades and founded on a trusted relationship. 

These core competencies can be transferred and tailored to various IoT and M2M use cases, such as connected cars, leaving the SE industry best placed to deliver the strongest available vehicle security, as well as reduced complexity for both consumers and manufacturers.