Application security for automotive IoT

Connected cars have already brought internet access to drivers, but the increasing number of Internet-of-Things-based applications has brought with it a number of vulnerabilities. This graphic, by an application protection company called Arxan, illustrates some of the most glaring attack points on a connected vehicle: mobile apps (presumably if they connect through a smartphone to car communications channel), OBD2, and infotainment systems.

Safety and reliability is a concern for any car owner, but for someone leasing a vehicle, this typically means turning it into the dealer when something breaks down. Concerning safety from a digital standpoint, however, the dealer may not have such a quick fix. Arxan mentions safety in their page related to points on the graphic, including protecting apps for automotive IoT technologies like the mobile apps listed as the first attack point.

OBD2 ports are the second vulnerability, and these have been around in cars since 1996. While that may seem like an advantage given the twenty years car manufacturers have had testing and using such ports, this 20-year window actually opens up the door to hacking modern day connected cars.