Europe Sub Menu Opened
Americas Sub Menu Opened
Asia & Pacific Sub Menu Opened
India & Middle East Sub Menu Opened

Africa
Automotive

Why Cybersecurity Is the New Horsepower in Software-Defined Vehicles

favorite page unfavorite page
favorite page

Today’s cars are basically computers on wheels. Software powers features like lane-keeping, adaptive cruise control, smartphone integration and with over-the-air updates, manufacturers can fix bugs or add new features without a trip to the dealership. As we move toward software-defined vehicle and self-driving vehicles, software isn’t just part of the car—it is the car.

The automotive software boom has created entirely new feature sets and functionality. Tesla has pioneered the use of Over-the-Air (OTA) updates to securely enhance vehicle functionality and performances, while Audi is deploying cellular Vehicle-to-Everything (C-V2X) communication to improve road safety.

These breakthroughs are part of a broader digital transformation, where vehicles are evolving into sophisticated, connected systems—integrating technologies like OTA, V2X, sensors, cloud, and edge processing. This shift is not just about convenience or personalization; it’s about embedding intelligence and autonomy into the driving experience. However, with this transformation comes a new frontier of risk: cyber threats targeting the vast software and electronic architecture within modern vehicles.

Cybersecurity is integral to automotive quality. Recognizing this, standards like ASPICE have introduced a dedicated “Cybersecurity Engineering Process Group” to ensure that security is embedded into every stage of vehicle development.

As vehicles evolve into rolling data centers, cybersecurity has become as critical as horsepower or fuel efficiency. According to McKinsey, modern cars can contain over 100 million lines of code, and by 2030, software will account for up to 30% of a vehicle’s total value. This digital transformation—driven by autonomous, connected, electric, and shared (ACES) technologies—making vehicles high-value targets for cyberattacks. “Cybersecurity is becoming a new dimension of quality for automobiles,” McKinsey notes, emphasizing that vulnerabilities in connected systems can compromise not just data, but human lives.

Reinforcing this urgency, IBM’s Cost of a Data Breach Report 2024 reveals that the average cost of a data breach in the transportation sector exceeds $4 million, and a third of organizations are increasing their application security budgets by more than 5% to mitigate these risks. Delays caused by late-stage vulnerabilities can push vehicle launches back by up to a year—costing millions in lost revenue.

With the UNECE WP.29 regulations mandating cybersecurity and over-the-air (OTA) update capabilities for market access, Original Equipment Manufacturers (OEMs) and suppliers must now embed security into every layer—from chip to cloud. In this high-stakes environment, robust cybersecurity isn’t just a risk mitigator—it’s the foundation of trust, compliance, and profitability in next-generation mobility.

Core Challenges Faced by Automotive Leaders

  • Complexity of Software-Defined Vehicles (SDVs): Transitioning from hardware-centric to software-defined architectures, along with a higher degree of connectedness, increases system complexity. This creates additional threat surfaces and vulnerabilities, requiring new development paradigms and toolchains to be safe and secure.
  • Fragmented Toolchains and Ecosystems: Disparate tools, lack of standardization across suppliers, and internal development team makes it deploy security tenets consistently. .
  • High Cost and Risk of Autonomous Vehicle/Advanced Driver Assistance System (AV/ADAS) Development: The autonomy features make intensive use of connected features and often exposed the core vehicle computing brain to software components residing outside the vehicle. Developing autonomous and ADAS features is capital-intensive, with long validation cycles and high safety requirements.
  • Data Management from Edge to Cloud: Data being the fuel for the new economy, the connected vehicle becomes a good source of revenue. Managing and analyzing massive volumes of sensor and vehicle data across the lifecycle—from development to post-sale—enhances the risk of cyberattack.
  • Sustainability and Regulatory Compliance: Meeting global emissions, safety, and security regulations while innovating is a critical aspect of design, development of operation of vehicle.

Strategic Steps to Strengthen Cybersecurity in SDVs

To ensure that the weakest link in the system doesn’t become a gateway for malicious actors, automakers and their technology partners must adopt an integrated approach to cybersecurity—embedding defense mechanisms during vehicle design, development and throughout its operational lifecycle. As threat surfaces and vectors evolve, both in-car and out-car infrastructures must be agile, predictive, and responsive.

Here are five strategic steps to address cybersecurity challenges while enabling scalable, secure SDV development:

1. Build a Flexible and Intelligent Security Infrastructure (In-Vehicle and Beyond)

  • Challenge Addressed: Fragmented systems, growing attack surfaces, and lack of real-time protection.
  • Solution: Robust E/E architecture  to consolidate compute domains (cockpit, ADAS, telematics) with embedded security. Extend this with chip-to-cloud cybersecurity engineering to ensure secured personalisation, updates, and  autonomy.
  • Outcome: A unified, integrated design approach and intelligent infrastructure that supports secure feature deployment, as well as predictive and real-time threat identification and mitigation.

2. Continuously Scan for Emerging Threat Vectors and Regulatory Shifts

  • Challenge Addressed: Rapid evolution of cyber threats surfaces and compliance requirements.
  • Solution: Integrate AI-driven threat intelligence and regulatory monitoring into the vehicle  lifecycle. Use the SDVerse Automotive Marketplace to access up-to-date security validated third-party components, cybersecurity monitoring and compliance tools.
  • Outcome: A proactive security posture that evolves with the threat landscape and ensures global regulatory compliance.

3. Implement an Intelligent Response Management System

  • Challenge Addressed: Delayed detection and response to breaches, leading to financial and reputational damage.
  • Solution: Deploy a proactive and reactive response system using behavioral analytics, anomaly detection, and automated containment protocols. Integrate with cloud-based incident response platforms.
  • Outcome: Rapid breach containment, reduced downtime, and minimized financial impact.

4. Accelerate Secure SDV Development with Reference Frameworks

  • Challenge Addressed: High cost, complexity, and time-to-market for AV/ADAS features.
  • Solution: Adopt a cost-effective AV/ADAS reference framework that includes pre-validated security modules, simulation environments, and compliance checklists.
  • Outcome: Faster, more secure development cycles with reduced R&D overhead and improved feature reliability.

5. Enable Secure Collaboration Across the Ecosystem

  • Challenge Addressed: Disconnected toolchains and vendor lock-in.
  • Solution: Use the SDVerse Automotive Marketplace to foster secure, modular collaboration between OEMs, Tier-1s, and software vendors.
  • Outcome: A scalable, interoperable ecosystem that accelerates innovation while maintaining rigorous security standards.

Operationalizing Cybersecurity: The Role of SOCs and Industry-Adapted Solutions

While strategic frameworks and secure-by-design principles lay the foundation for cybersecurity in Software-Defined Vehicles (SDVs), operational execution is equally critical. A dedicated Cyber Defense Team and Incident Response Team, together forming a Security Operations Center (SOC), are essential to monitor, detect, and respond to threats in real time. These teams ensure that the strategic steps—like continuous threat scanning, intelligent response, and chip-to-cloud protection—are not just theoretical but actively enforced across the vehicle lifecycle.

The encouraging news for automakers is that many of these cybersecurity models are already mature in adjacent industries such as mobile, cloud, and IoT. The challenge lies in contextualizing and adapting them to the unique demands of the automotive domain—where safety, real-time responsiveness, and regulatory compliance are non-negotiable.

At Wipro, we recommend collaboration with a robust ecosystem of partners, to bring proven capabilities and solution blocks tailored for the SDV era, including:

  • In-Vehicle Platform Security: Secure boot, Engine Control Unit (ECU) hardening, Hardware Security Module (HSM) and domain isolation.
  • Cloud and Edge Security: Secure data pipelines, encrypted OTA updates, and cloud-native threat detection.
  • Data and Identity Management: Role-based access control, digital twins, and secure credentialing.
  • Dedicated SOC for Automotive: Real-time monitoring, threat intelligence, and incident response tailored to vehicle platforms.

We recommend a Connected Automotive Security solution that is built on a ‘Secure-by-Design’ philosophy—that delivers a high-assurance, chip-to-cloud security framework. It leverages advanced cryptographic techniques, AI-driven threat analytics, and a broad partner ecosystem to enhance digital customer experiences while ensuring the safety and integrity of vehicle operations.

Cybersecurity: The New Engine of Automotive Innovation

As vehicles evolve into intelligent, software-defined platforms, cybersecurity is no longer a back-end concern—it is the engine of trust, safety, and innovation. Although the convergence of AI, cloud, and edge technologies has unlocked unprecedented personalization and performance, it has also expanded the attack surface. To navigate this complexity, automakers must embed continuous vulnerability assessments, proactive incident response systems, and predictive threat intelligence into every layer of the vehicle lifecycle.

AI is now at the heart of this transformation, enabling real-time threat detection, adaptive user experiences, and secure data management. These capabilities not only protect users but also create new revenue streams and brand differentiation. In this high-stakes environment, a robust, multilayered cybersecurity strategy is essential for sustainable growth, regulatory compliance, and customer loyalty.

Cybersecurity is the new horsepower accelerating us toward the future of mobility.

About the Authors

Ritesh Kulkarni
Sr. Partner, Automotive - Wipro Consulting 

Ritesh Kulkarni leads the Automotive Consulting practice in Wipro. With over 30 years of consulting and industry experience in the automotive and Industrial sectors, he focuses on strategy deployment, digital transformation and value chain innovations and has worked across the full value chain with global automotive OEMs and suppliers.

Dr. Swarup Mandal
Global Head Automotive, Wipro Engineering

Dr. Swarup Mandal has over 30 years of experience in the automotive industry. He has built and led large teams that deliver technology and engineering solutions to help global clients succeed in this sector. He has filed 12 patents in the automotive engineering domain and has contributed to the formulation of technology standards, including those published by ISO/SC7 work groups.

X

popup-image