Customizing Your Car with UDVs – PlaxidityX Ep 1

00:01:15:08 - 00:01:18:11 Host Welcome to cars, hackers and cybersecurity. 00:01:19:00 - 00:01:22:00 Host Here we break down the latest in automotive cybersecurity, 00:01:22:00 - 00:01:25:15 Host helping you stay ahead in building secure connected vehicles. 00:01:27:09 - 00:01:42:22 Host Hi. Today we're discussing the transition from software defined vehicles to user defined vehicles, and how this shift allows drivers to customize their vehicles much like they do with smartphones, creating both new opportunities and cybersecurity challenges. 00:01:42:22 - 00:02:04:10 Host By now, it is unlikely you have not heard the term software defined vehicle. What it means exactly is a matter of perspective. It is widely accepted, though, that the modern vehicle has an ever increasing amount of software code embedded in its components, and a lot of functions that used to be controlled by mechanical or electrical means are now controlled by software code. 00:02:04:12 - 00:02:31:21 Host But beyond that, the software defined vehicle allows for decoupling of hardware and software. In other words, an OEM can update the vehicle functions and even introduce new ones in vehicles that are already on the road. As more and more vehicles are adopting the concept and the implications of this evolution, some would argue revolution are starting to materialize. The conversation starts gravitating into a user defined vehicle. 00:02:31:23 - 00:02:54:11 Host What's that all about? Let's take the mobile phone as a comparison. Many of us would find it difficult to remember what phones were like in those prehistoric times before the smartphone. Back then, a phone's functions and capabilities stayed exactly the same for the life of the device. Years after the purchase date, if you wanted your phone to learn new tricks, you had to go to the store and buy a newer model. 00:02:54:13 - 00:03:19:03 Host The modern smartphone changed all that in two important ways. First, decoupling the phone operating system from the hardware allowed the phone maker to update the system periodically by pushing over-the-air updates. OTA. Many mobile phone makers update their OS at least once a year with new functions and capabilities. Second, phone owners can install apps that are of interest to them. 00:03:19:05 - 00:03:37:23 Host Popularized by Apple with the introduction of the iPhone App Store back in 2008. Smartphone ecosystems today sport millions of apps on online app stores. Every phone user chooses their app combination of choice, and thus no two phones are really the same. Users literally define their own experience. 00:03:39:06 - 00:03:42:07 Host Apps are king now in vehicles too, 00:03:43:13 - 00:03:50:15 Host similar to smartphones. User defined vehicles allow car owners to customize their user experience. 00:03:50:17 - 00:04:17:21 Host Apple and Android users have long been able to leverage Apple CarPlay or Android Auto to mirror apps from the mobile phone into their vehicle. Infotainment system. As long as it's compatible with these platforms. But new vehicle native platforms such as Android Automotive and others promise an even more intuitive user experience, allowing users to install apps of choice directly to the vehicle infotainment system without a need to mirror them from a mobile device. 00:04:19:19 - 00:04:21:21 Host In-Vehicle connected services, 00:04:23:05 - 00:04:48:20 Host the software defined vehicle concept, is riding on another automotive trend. Connectivity. The combination of both is enabling a new business model for carmakers selling connected services. Research forecasts that car companies can generate $1,600 per car from selling connected car services. A car owner does not need to buy all possible features. Instead, they can pick and choose the ones they want. 00:04:48:22 - 00:05:19:01 Host A McKinsey survey finds that connectivity preferences vary widely by regions and customer segments. For example, Chinese consumers prefer advanced technologies such as advanced driver assistance features, while U.S. and German consumers prefer comfort and convenience features such as heated seats and climate control. Consumers also want flexible payment options, as some prefer one time payment for a feature, while others want a service based subscription model. 00:05:19:01 - 00:05:21:07 Host Software updates. Make cars learn new tricks. 00:05:22:16 - 00:05:49:01 Host Many car manufacturers add hardware, sensors and technology into the car design to enable future services. Even before customers buy or subscribe to them. It allows them to keep innovating and offer new services. Because aftermarket enhancements aside, car hardware typically remains the same through the life of the vehicle. The average life of a car on the road is over 12 years, and many vehicles last much longer than this. 00:05:49:03 - 00:06:16:12 Host But once the connected Steve can get software updates over the air, a new dimension of enhancement opportunities opens up. Tesla, which pioneered the Steve in 2012 with the introduction of model S, is typically updating its in-vehicle software every few months, sometimes even faster. But Tesla is not alone. Nio, which is considered by some as the Chinese Tesla, offers its own take on user defined vehicles. 00:06:16:14 - 00:06:39:14 Host NIO sees itself as a user experience rather than a carmaker, and views its customers as users. They push at least 4 to 5 complete software updates a year, and user feedback is what's driving their features and software development process. Feedback is usually collected via the in-car voice assistant system, but also by a user workshops and from user's smartphones. 00:06:39:16 - 00:07:00:01 Host It's then delivered directly to Neo's user advisory board. NIO experience managers are analyzing the feedback, and repeated comments are translated into vehicle improvements via OTA updates within a few months. In 2023, Nio completed ten OTA software updates, including 768 experience improvements. 00:07:01:23 - 00:07:05:01 Host The cybersecurity angle of the user defined vehicle, 00:07:06:08 - 00:07:13:03 Host the evolution of the STB into a udev opens up a whole new car digital experience we never had before. 00:07:13:05 - 00:07:38:11 Host Taking a page from the rise of the smartphone. At the same time, though, it raises cyber security considerations the industry must take into account, allowing car owners to download and install digital apps is creating a new potential attack vector for bad actors. Some apps, even legitimate ones, have less than adequate cyber posture and may bring with it software vulnerabilities or weaknesses that can be exploited to hack into the vehicle. 00:07:38:13 - 00:08:08:03 Host One should also consider the possibility that rogue apps would penetrate the app stores, and cause car owners to inadvertently inject malicious code into their vehicle. Digital apps aside, software updates to vehicles on the road are yet another channel for software vulnerabilities. Carmakers are pushing major software updates multiple times a year. Each such software stack includes new code and could also introduce new or updated software libraries, either open source or commercial. 00:08:08:05 - 00:08:30:23 Host Maintaining the vehicle software cyber posture is becoming not only a moving target, but also a never ending task. In a way, the software development process of the UTB never ends. While traditionally design and development of vehicles and their components are done prior to the start of production, the software of the UTB will evolve and enhance for years to come. 00:08:31:19 - 00:08:37:17 Host That's all for today's episode. Keep your engines running smooth and your cyber defense is sharp. 00:08:37:17 - 00:08:42:05 Host Stay connected by subscribing and visiting placidity. X-Com. 00:08:42:05 - 00:08:46:05 Host Until next time, stay safe on the road and in the cloud.