28,79 €
Mehr erfahren.
- Herausgeber: Packt Publishing
- Kategorie: Fachliteratur
- Sprache: Englisch
Enhance your automotive IoT design and development knowledge by learning vehicle architectures, cybersecurity best practices, cloud applications, and software development processes
Key Features
- Explore modern vehicle architectures designed to support automotive IoT use cases
- Discover cybersecurity practices and processes to develop secure automotive IoT applications
- Gain insights into how cloud technologies and services power automotive IoT applications
- Purchase of the print or Kindle book includes a free PDF eBook
Book Description
Software-defined vehicles, equipped with extensive computing power and connectivity, are unlocking new possibilities in automotive Internet of Things (IoT) applications, creating a critical need for skilled software engineers to lead innovation in the automotive sector. This book equips you to thrive in this industry by learning automotive IoT software development.The book starts by examining the current trends in automotive technology, highlighting IoT applications and key vehicle architectures, including the AUTOSAR platform. It delves into both classic and service-oriented vehicle diagnostics before covering robust security practices for automotive IoT development. You’ll learn how to adhere to industry standards such as ISO/SAE 21434, ASPICE for cybersecurity, and DevSecOps principles, with practical guidance on establishing a secure software development platform. Advancing to the system design of an automotive IoT application, you’ll be guided through the development of a remote vehicle diagnostics application and progress through chapters step by step, addressing the critical aspects of deploying and maintaining IoT applications in production environments.
By the end of the book, you’ll be ready to integrate all the concepts you’ve learned to form a comprehensive framework of processes and best practices for embedded automotive development.
What you will learn
- Explore the current automotive landscape and IoT tech trends
- Examine automotive IoT use cases such as phone-as-a-key, predictive maintenance, and V2X
- Grasp standard frameworks such as classic and adaptive AUTOSAR
- Get to grips with vehicle diagnostic protocols such as UDS, DoIP, and SOVD
- Establish a secure development process and mitigate software supply chain risks with CIAD, RASIC, and SBOM
- Leverage ASPICE and functional safety processes for industry standards compliance
- Understand how to design, develop, and deploy an automotive IoT application
Who this book is for
This book is for embedded developers and software engineers working in the automotive industry looking to learn IoT development, as well as IoT developers who want to learn automotive development. A fundamental grasp of software development will assist with understanding the concepts covered in the book.
Das E-Book können Sie in Legimi-Apps oder einer beliebigen App lesen, die das folgende Format unterstützen:
Seitenzahl: 489
Veröffentlichungsjahr: 2024
Ähnliche
Building Secure Automotive IoT Applications
Developing robust IoT solutions for next-gen automotive software
Dr. Dennis Kengo Oka
Sharanukumar Nadahalli
Jeff Yost
Ram Prasad Bojanki
Building Secure Automotive IoT Applications
Copyright © 2024 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Group Product Manager: Preet Ahuja
Publishing Product Manager: Suwarna Rajput
Book Project Manager: Ashwin Kharwa
Senior Editor: Roshan Ravi Kumar
Technical Editor: Irfa Ansari
Copy Editor: Safis Editing
Proofreader: Roshan Ravi Kumar
Indexer: Tejal Soni
Production Designer: Nilesh Mohite
Senior DevRel Marketing Executive: Rohan Dobhal
First published: August 2024
Production reference: 1070824
Published by Packt Publishing Ltd.
Grosvenor House
11 St Paul’s Square
Birmingham
B3 1RB, UK
ISBN 978-1-83546-550-9
www.packtpub.com
To my loving wife, Mai, for your support and patience, and to my wonderful children, Mia, Elina, and Alyssa, for your joy and inspiration.
– Dr. Dennis Kengo Oka
To my late father, Eshwarappa Nadahalli, who provided me with boundless love and care throughout my childhood.
– Sharanukumar Nadahalli
To my family. First and foremost, my wife, Stacie. Then, to my four “presidential” daughters: Madison, Reagan, McKinley, and Kennedy.
– Jeff Yost
To my son, Aakash, and daughter, Aaradhya, who are my constant teachers, bringing new lessons and joy into my life each day.
– Ram Prasad Bojanki
Foreword
In their book, Dr. Dennis Kengo Oka, Sharanu Nadahalli, Jeff Yost, and Ram Prasad Bojanki provide a comprehensive overview of developing secure automotive internet of things (IoT) applications, addressing the intricacies and increasing importance of this field as vehicles integrate into the IoT. Understanding the convergence of automotive and IoT domains coupled with cybersecurity is crucial as modern vehicles evolve into sophisticated, interconnected systems.
The development of software-defined vehicles (SDVs), electric vehicles (EVs), connected vehicles (CVs), and increased vehicle automation has led to enhanced features and use cases as well as expanded attack surfaces. For instance, recent API attacks have highlighted vulnerabilities that could potentially affect entire vehicle fleets, underscoring the critical need for robust cybersecurity measures both in the vehicle and the cloud.
This book provides an in-depth exploration of the end-to-end development of automotive IoT applications. It examines current and future automotive technologies, vehicle architectures, and real-world automotive IoT use cases. The authors also address cybersecurity topics and provide insights into standards and methodologies such as ISO/SAE 21434 and secure software development life cycle. Further, the book delves into the complexities of the automotive software supply chain and related cybersecurity risks.
The authors tackle many topics that are often overlooked but highly relevant in everyday work. For example, they provide guidance throughout the different development phases of an automotive IoT application, including system design, vehicle architecture and cloud integration, software component development, deployment, and maintenance within a DevSecOps framework. The book also discusses related aspects such as Automotive SPICE (ASPICE), functional safety, and embedded hardware and software technologies.
For system designers, software developers, security process owners, and practitioners, this book serves as an excellent guide to building secure automotive IoT applications. It offers practical guidance and actionable insights using workflows, tables, diagrams, and illustrations to help you get started. Also, it eases the transition for software engineers from other industries into the automotive sector. Whether your company is in the early stages of developing automotive systems or cloud applications for IoT use cases, this book is an invaluable resource for navigating the complex landscape of automotive IoT.
Dr. André Weimerskirch, VP Product Integrity
Contributors
About the authors
Dr. Dennis Kengo Oka is an automotive cybersecurity expert with over 15 years of experience. He has a Ph.D. in automotive security from Chalmers University of Technology in Sweden. He has worked for Volvo, Bosch Group, and held the role of head of engineering and consulting Asia-Pacific. Some highlights of his career include security research for remote diagnostics and over-the-air updates, co-launching the ESCRYPT automotive security practice in Japan, and standardizing cybersecurity testing. Dennis is on the advisory board for Block Harbor, and with over 70 publications, including his book, Building Secure Cars: Assuring the Automotive Software Development Lifecycle, he is also a frequent speaker at international automotive and cybersecurity conferences.
I would like to express my gratitude to the staff at Packt for their guidance throughout writing this book. My deepest thanks to my co-authors Ram, Sharanu, and Jeff for the amazing collaboration. I would also like to thank my parents, Sven and Etsuko, and my siblings, Alex and Linda, for their unwavering support and encouragement, and for providing an escape to appreciate what truly matters in life.
Sharanukumar Nadahalli is a software engineering manager at Panasonic Automotive Systems of America with over 16 years of experience in the automotive industry. He has held various roles, including SW developer, technical leader, product architect, project manager, and technical manager. Before that, he worked in embedded system software development for over a year. Sharanu is an enthusiastic learner currently focusing on cybersecurity. Sharanu earned a Stanford lead certification from the Stanford University Graduate School of Business. He also holds a master’s degree in general business from Clayton State University, Georgia, and a bachelor’s degree in computer science from Visvesvaraya Technological University, India. Sharanu has also served as an area director in Toastmasters International and remains an active member.
I want to thank Jeff Yost for providing me with the opportunity to work on this assignment. I also thank Ram, Dennis, and Packt for the great collaboration and guidance. I would like to thank Steve Barron for giving me a leadership opportunity at Panasonic Automotive and my mentor, Don Turner, for persistently guiding me on various topics. I also thank my mother, Kalawathi, and my wife, Nagaveena, who always support me in going the extra mile in all things.
Jeff Yost is an engineering manager at Panasonic Automotive Systems of America. He is a 20-year veteran in embedded development and has been in automotive for over 5 years. He has spent most of his career in software but also had a stint as a product line general manager. Jeff enjoys working with teams and developing new products. He graduated with a BSEE from Missouri Science and Technology University before moving to the desert of Tucson and earning a master’s degree in electrical and computer engineering from the University of Arizona. He has 3 US patents and developed many industry-leading products. After enjoying 20 years in the beautiful Pacific Northwest, he relocated to the golf cart community of Peachtree City, Georgia, where he bikes to work daily.
I want to thank a few people who allowed me to get started in the automotive industry. Specifically, I thank Paul Beets who hired me within about two days of first seeing my resume and I thank Steve Barron who put a lot of trust in me in allowing me to lead the software activities on a large and critical program. I also thank my wife, Stacie, for her encouragement and support in all things.
Ram Prasad Bojanki is a seasoned software development professional with over two decades of experience, with a particular focus on the automotive industry for 15 years. Most recently, Ram led the charge at Panasonic North America, Smart Mobility, where he spearheaded the entire lifecycle of the OneConnect Cloud Platform (IoT), from conceptualization and development to delivery and operational management. This experience highlights his well-honed abilities in designing and developing complex products and platforms across diverse environments, including both embedded systems and cloud technologies. He holds a Bachelor’s in Electronics and Instrumentation Engineering from Andhra University, India.
I am deeply grateful to Jeff and Sharanu for extending the invitation to co-author this book, and to Dennis for his invaluable collaboration. My heartfelt thanks also go to my wonderful wife Jeevani and my loving parents Satyanarayana and Lakshmi for their unwavering support.
About the reviewers
Jean Paul Talledo Vilela is a senior technology implementer at VTTI, where he designs, develops, and integrates various transportation technologies for applied automotive research. He also interfaces directly with sponsor technical and management teams to support research development and delivery goals. Some of his current design work includes ADS system integration for SAE Level 4/5 vehicle automation, connected vehicle-to-everything (C-V2X) technology deployment for the work zone, intersection scenarios, and cybersecurity and secured message transactions for V2X communications. In addition, Jean Paul provides technical oversight, quality assurance, and mentoring to developing engineers and strategic research projects.
Dr. Krishnendu Kar is a digital IoT leader who holds a Ph.D. in mechanical engineering from West Virginia University and an MBA from Simon School, University of Rochester. With a decade at General Motors, focusing on vehicle control and diagnostics, he transitioned to IoT 5 years ago, specializing in product development as well as coding AI, computer vision, the AWS cloud, device, and mobile app development for smart home IoT products. At Kidde, he leads the execution of smart home products. He authored Mastering Computer Vision with TensorFlow and created iOS apps Nity: DashCam & AI Map and Stretch Tracker. He enjoys an active lifestyle, engaging in running, home improvement, and social networking.
Balaji Balasubramanian is a passionate engineering professional with over 15 years of experience across different fields, including xEV design and development, automation, and machine learning. Currently, he works for Tata Consultancy Services as an assistant consultant. He handles different roles, ranging from vehicle-level simulation, energy management strategies, eVCU, and BMS software development. He describes himself as purpose-driven and an active member of ASAM, CoE : xEV design and development. In his free time, he codes for data analytics and machine learning algorithms on sports and IoT device data. He received a master’s degree in power electronics from IIT Madras and a bachelor’s degree in electrical and electronics from TCE, Madurai.
I’d like to thank my family and friends for their constant support.
Table of Contents
Preface
Part 1: Introduction to Automotive IoT
1
Automotive Technology Trends
Overview of current automotive trends
CASE
SDV and SOA
Mobile apps and the cloud
Modern software development
Standards and regulations
Introduction to automotive IoT
Automotive IoT
Automotive IoT use case examples
Data management for automotive IoT use cases
Summary
References
2
Introducing Automotive IoT Use Cases
Enhanced driver experience and safety
Connected car services
Advanced driver-assistance systems
Personalized in-car experience
Phone as a key
Optimized fleet management
Real-time vehicle tracking and telematics
Driver performance monitoring
Predictive maintenance
Connected mobility revolution
Smart parking solutions
Vehicle-to-Everything (V2X) communication
Connected supply chain and manufacturing
Summary
References
Part 2: Vehicle Architectures
3
Vehicle Architecture and Frameworks
The scale of vehicle architecture
Distributed architecture
Centralized zonal domain architecture
A central computer with multiple domain-specific SoCs
A central computer with a single SoC
Standard frameworks to support vehicle architecture and IoT
A high-level overview of the domain controller
Summary
References
4
Vehicle Diagnostics
UDS
UDS message structure
DoIP
DoIP message format
DoIP example message flow
Diagnostic communication workflow in Classic AUTOSAR
Diagnostic service management in Adaptive AUTOSAR
Reflecting on the application of remote diagnostics
Summary
References
5
Next Wave of Vehicle Diagnostics
Technical requirements
Needs beyond UDS
SOVD
REST
SOVD example, demo, and details
Example of a diagnostic message using UDS and SOVD
Example of an SOVD interface as part of applications on the server side
SOVD documentation and demo
SOVD and UDS comparison
Summary
References
Part 3: Secure Development for Automotive IoT
6
Exploring Secure Development Processes for Automotive IoT
An overview of security threats and the need for security and secure development processes
New cybersecurity threats
Examples of recent attacks
Simplified threat model of automotive IoT ecosystem
ISO/SAE 21434 and ASPICE for Cybersecurity
ISO/SAE 21434 Overview
ISO/SAE 21434 organizational-level requirements
ISO/SAE 21434 project-level requirements
ASPICE for Cybersecurity overview
ASPICE for Cybersecurity – security activities
NIST Cybersecurity Framework, ISO 27001, SOC 2, and OWASP
NIST Cybersecurity Framework
ISO 27001
SOC 2
OWASP
DevSecOps and agile development
V-model
Agile
Scrum
DevSecOps
Summary
References
7
Establishing a Secure Software Development Platform
Activities in the SSDLC
TARA/threat model
Requirements review
Design review
Code review
Static application security testing
Vulnerability scanning
Fuzz testing
Dynamic application security testing
Interactive application security testing
Penetration testing
Project inventory
Project information and risk level
Cybersecurity assurance level and activities
Example project inventory
Practical steps for establishing a secure software development platform
Purpose and need
Overview of the secure software development platform
Requirements, policies, and compliance
Vulnerability management
AppSec tooling
Common AppSec tooling and test approaches
SAST
SCA
DAST
Fuzz testing
Penetration testing
Summary
References
8
Securing the Software Supply Chain
Software supply chain and distributed development
Overview of the software supply chain
RASIC, vendor security assessments, and CIADs
RASIC
Vendor security assessments
CIADs
Managing risks with OSS
Security vulnerabilities
License compliance
Operational risk
SBOM
SBOM formats
Executive Order 14028
NTIA
OpenChain
Secure software supply chain risk management
Identifying the risks
Assessing the risks
Mitigating the risks
Summary
References
Part 4: Automotive IoT Application Life Cycle
9
System Design of an Automotive IoT Application
System design process overview
UXDD
Use case – remote diagnostics
System components
Vehicle telematics gateway
Vehicle cloud platform
End-user mobile device
Gateway design considerations
GNSS receivers
Wireless communication
Wired communication
CAN
Sensors
SIM/eSIM
Gateway hardware
Cloud design considerations
Device management
Connectivity management
Remote diagnostics applications
Classic vehicle ECU diagnostics
Service-oriented vehicle diagnostics
Regulatory compliance
Build versus buy
Summary
References
10
Developing an Automotive IoT Application
Cloud backend deployment and service models
Deployment models
Service models
Server-based and serverless computing
IoT application architecture
Cloud device gateway
Edge computing
Stream processing
Device management
OTA solutions
Telemetry datastore
Rule engine
Application Programming Interface (API) gateway
Connectivity management
IAM
Vehicle telematics gateway
Remote diagnostics application
Predictive maintenance
Development process
Summary
References
11
Deploying and Maintaining an Automotive IoT Application
The DevSecOps life cycle
The plan stage
CI
The code stage
The build stage
The test stage
CD
The release stage
The deploy stage
The operate stage
The monitor stage
Summary
References
Part 5: Automotive Software Insights
12
Processes and Practices
Introduction to processes and practices
ASPICE
SWE.1 – Software Requirements Analysis
SWE.2 – Software Architectural Design
SWE.3 – Software Detailed Design and Unit Construction
SWE.4 – Software Unit Verification
SWE.5 – Software Integration and Integration Test
SWE.6 – Software Qualification Test
Functional safety
Vocabulary
Risk classification system
Development process
Additional automotive processes and practices
DFMEA
5 Whys root cause analysis
Fishbone
A-B-A testing
Summary
Reference
13
Embedded Automotive IoT Development
Embedded software development
Electrical engineering
Schematics/block diagrams
Datasheets, errata, and application notes
Device drivers
Hardware Abstraction Layer (HAL)
Additional aspects of embedded development
Automotive-focused aspects
Power state management
Operating systems
Hypervisors
Development tools
Life cycle management tools
Software development ecosystem
You and your customers
You and your co-suppliers
You and your suppliers
Summary
References
14
Final Thoughts
Agile
Agile+ASPICE
Automotive embedded testing
Types of testing
Security
Summary
References
Index
Other Books You May Enjoy
Part 1: Introduction to Automotive IoT
This part introduces the reader to automotive IoT by first giving a background on the current automotive landscape and trends, followed by explaining the changes happening in various technologies used in the automotive industry, and then finally doing a deep dive into a couple of automotive IoT use cases that will be referenced throughout the book.
This part has the following chapters:
Chapter 1, Automotive Technology TrendsChapter 2, Introducing Automotive IoT Use Cases1
Automotive Technology Trends
The automotive industry is drastically changing. With technology advancements in other industries, including software development methodologies and frameworks, network connectivity, Internet of Things (IoT), and cloud infrastructure, the automotive industry is evolving to deploy novel solutions that make use of these new technology advancements. To utilize these new technology advancements, automotive IoT applications are now being developed and deployed in the automotive industry.
To set the stage and better understand the context, we will first review the current automotive industry trends. We will then give an introduction to automotive IoT and describe the overall ecosystem. We will also provide some example use cases for automotive IoT that explain the end-to-end communication flow.
This chapter will help prospective and existing automotive IoT engineers and managers to better understand the underlying automotive technology trends that are driving automotive IoT development.
In this chapter, we are going to cover the following main topics:
Overview of current automotive trendsIntroduction to automotive IoTOverview of current automotive trends
Welcome to the wonderful world of automotive! Writing a section on automotive trends is always challenging since trends are continuously evolving. Thus, this section becomes a snapshot of the current trends at the time of this writing. Of course, we recognize that something that may be a trend in this snapshot of today may have lost steam in some time and that there may be a new trend, buzzword, or hot topic when you are reading this book.
For example, an excerpt of automotive trends from a book in the 1980s may have sounded something like the following:
“There is a new in-vehicle communication protocol called Controller Area Network (CAN) that will revolutionize communication between Electronic Control Units (ECUs). CAN offers several benefits including reduced complexity of in-vehicle networks, improved scalability, and reduced weight and cost of the wiring. Using CAN allows ECUs to communicate with low latency and high reliability, making it possible to develop new and more advanced features. For example, using CAN it is possible to increase the vehicle performance and fuel efficiency by improved interaction between the engine control unit and the transmission control unit. Another example is the improved safety and performance of the Anti-lock Braking System (ABS) thanks to better communication between the ABS, the engine control unit, and the traction control system. Besides internal vehicle technology advancements, we are also going to see new cars equipped with Compact Disc (CD) players to enhance the user experience, allowing drivers and passengers to listen to their favorite music on the go. For example, the latest CD player system includes a CD changer that allows for up to 6 CDs to be preloaded, and the driver can select which CD to play using buttons on the dashboard.”
The only thing missing from this excerpt is the trend of launching a new line of cars that can transform into robots (although these cars were from a toy line called Transformers).
Fast forward to 2024, and the automotive trends have drastically changed. There are several noteworthy trends that we would like to discuss and it would not be possible to include all of them, so we will focus on the most important trends and those that will have a major impact in the automotive industry, causing disruption to the status quo. While technical improvements to vehicle systems are continuously being developed, equally important are the advancements made to improve the user experience and growing beyond the fundamental transportation use case of vehicles to provide end-to-end mobility and entertainment solutions.
We will cover the following automotive trends in the rest of this section:
CASESDV and SOAMobile apps and the cloudModern software developmentStandards and regulationsCASE
The term Connected, Autonomous, Shared, Electric (CASE) appeared a few years ago to describe the future of mobility and has been a main driver for leading several of the current automotive trends.
Connected
Most vehicles today contain several connectivity interfaces allowing the vehicles to communicate with external entities. In recent years we have seen the addition of support for wireless communication such as Wi-Fi, Bluetooth, vehicle-to-everything (V2X), 5G, Ultrawide Band (UWB), and so on. The Connected trend allows vehicles to interact with various services on the internet, smart devices, and other vehicles. As such, connectivity plays an integral role in supporting a large number of use cases including software updates over the air, remote diagnostics, remote keyless entry, multimedia playback, safety warnings, mobile apps, and more.
Autonomous
SAE J3016 [1] defines six levels of automation from 0 to 5 for Autonomous vehicles. While features to support drivers with some level of autonomy (Levels 1-2) have been around for decades, such as adaptive cruise control or lane keep assist, more advanced features are continuously being developed. For example, there are many vehicles under development supporting Levels 3 and 4, where the vehicle can take control of steering, braking, and acceleration, allowing the driver to be engaged in other activities. For Level 3, the driver may be asked to take over control in situations where the vehicle is unable to make certain decisions but in Level 4 the vehicle is fully capable of self-driving within a certain area (however, the driver is still able to manually take control of the vehicle if needed). Level 5 is a fully autonomous vehicle with no pedal or steering wheel (that is, the driver is not able to take manual control), and not restricted to any specific areas.
Shared
The concept of Shared mobility allows for new use cases and services to be provided for vehicles. Advancements in connectivity, software development, cloud, and mobile apps have paved the way for a plethora of new shared mobility services. An example is ride-hailing services such as Uber and Lyft, where a user can request a ride from a driver using a smartphone app. It allows users who do not own a car or who are visiting a city to easily get around. Another example is car-sharing services, where a user can use a smartphone app to rent a car by the hour or day. It is a convenient and cost-efficient way to get around since a user can typically find a nearby parked car participating in the car-sharing program.
Electric
The Electric trend has given birth to Electric Vehicles (EVs), which have gained enormous traction in the past few years. EVs provide many benefits over traditional internal combustion engine vehicles, including no harmful emissions during driving and improved user experience due to electric motors providing a smoother and more comfortable ride. As such, many governments are setting ambitious targets for EVs. For example, the USA has the goal of EV sales making up 50% of automobile sales by 2030 [2], the EU wants 55% of new cars to be EV by 2030, and 100% by 2035 [3], and Japan has set a target of EV sales being 100% of automobile sales by 2035 [4].
SDV and SOA
More recently, new terms such as Software-Defined Vehicle (SDV) and Service-Oriented Architecture (SOA) have overtaken CASE as the new trends. Let us understand them more in detail.
SDV
SDV has gained popularity in recent years as the main new trend in automotive technology. The term however also brings some ambiguity with it since its concept is based on the more generic word software. It is important to note that software for vehicles has been around for many decades, starting with simple ECU software to perform functions such as engine control and fuel injection. For example, in the 1970s, ECU software was small and often written in assembly language. Fast-forward to the 2020s, and ECU software is extremely different: much larger codebases, often using the C and C++ programming languages, more advanced functionality, and greater complexity. Using a generic term such as software may lead one to ask what the term SDV actually entails, since software for vehicles has been around for more than 50 years.
One interpretation is that it is not only software running on ECUs controlling simple vehicle functionality. SDVs promote a shift from relying on hardware to relying on software for its functionality. That is, the value comes from removing the dependence on hardware when designing the software, and shifting to a software-first approach where the software architecture and functionality are designed first and then the specific required hardware is defined. One additional consideration is that the hardware specifications contain room in terms of performance for improving the software and adding new functionality in the future. In particular, connectivity is a prerequisite to allow for Over-The-Air (OTA) software updates and configuration changes to the vehicle functionality over time. In other words, an SDV has been designed with a software-centric architecture, where software controls vehicle functionality, which allows for flexibility and the customization of functionality.
SDVs provide several benefits for the automotive industry as a whole. For example, one benefit is improved fuel economy and reduced emissions as the engine software can be tweaked continuously with minor software patches for optimal performance. Another benefit is increased safety as SDVs can use more complex software utilizing the interaction between different ECUs or software modules to provide more advanced safety features such as collision mitigation systems or driver assist systems. Moreover, since SDVs are designed with a software-centric architecture, it is possible to provide new functionality and services after the vehicle has been produced. For example, a new solution that was not considered during development can be designed and developed afterward due to the software-centric architecture nature of SDVs. Thus, auto manufacturers can equip SDVs with new functionality post-production such as autonomous driving functionality and advanced infotainment features, which could lead to improved user experience and increased value of the SDV.
SOA
SOA is another relatively new term in the automotive industry used to describe next-generation automotive software development. Previous generations of automotive software and in-network communication were designed and built using static concepts where, in general, the software and the signal-based communication approach were fixed. This allowed for robust, high-reliability, and low-latency functions and communication. The drawback was that it typically limited the functionality to more simple features. With the development of more advanced automotive software that requires more dynamic, modular, and scalable solutions, the concept of SOA is becoming commonplace.
In SOA, an automotive software application is designed to provide a collection of independent services. Each service provides a specific function, such as providing the engine speed, getting the steering wheel angle, controlling the brakes, adjusting the air conditioner, and so on. These services use a common set of protocols and Application Programming Interfaces (APIs) to communicate. This modular approach is very flexible as it allows for services to easily be updated or replaced without interfering with the rest of the system.
SOA provides several benefits, including modularity and flexibility as mentioned previously, where services can be designed, developed, and tested independently as well as updated or replaced easily on vehicles in the field without causing disruption to the existing functionality. Moreover, SOA allows for new functions to be developed and added after production using a common set of protocols or APIs. This enables scalability as new functionality developed for new vehicles can also be added to older vehicles.
With more automotive organizations applying SOA to their automotive software development, this trend will overall allow for more efficient, reliable and scalable automotive solutions to be developed and deployed.
Mobile apps and the cloud
One major scope change is that the focus for software development in the automotive industry is not only on the embedded systems in the vehicle itself. The scope is increasing and expanding to also include developing and maintaining software for mobile apps and cloud solutions to support the end-to-end ecosystem for mobility services.
Mobile apps
Besides embedded software, most Original Equipment Manufacturers (OEMs) offer a large number of mobile apps to their users. These mobile apps provide several types of features. For example, some apps provide an extension to access vehicle features remotely, that is, apps that can be used to remotely lock/unlock the car, open the trunk, or remotely start the engine.
Some apps access various data from the vehicle to provide the user with relevant information, such as driving range and fuel consumption. Some apps contain functions to provide full functionality for a certain use case. For example, for EV charging, apps can be used to check the current battery status, enable and monitor the charge level, and finalize the transaction and pay for the charging.
Other apps provide mobility services. For example, with these apps it is possible to rent a vehicle for 15 minutes or pay per hour.
The cloud
There are two main phases to consider in the context of the cloud: developmentand operations.
During development, it is important to note that more development is occurring in the cloud. Various code repositories, build environments, toolchains, and test environments are managed in the cloud. This allows for scalability and performance. To meet increasing demands as more projects are onboarded, new build environments, development toolchains, and test environments can easily be spun up, or cloud instances running in environments with improved performance can be used.
Another crucial aspect is that testing on virtual platforms allows for breaking away from the dependence on hardware. That is, it is possible to perform various functional testing and security testing on virtual platforms before hardware is available. This allows organizations to shift left and perform testing months earlier, becoming able to find and fix issues earlier and thus reducing costs.
Furthermore, automotive organizations typically offer a large number of cloud-based services during operations. The use cases provided by mobile apps typically have a corresponding backend services component hosted in the cloud. Examples of use cases include OTA updates, data analytics, and predictive diagnostics and maintenance.
Modern software development
With the development of more advanced vehicle features and mobility services, there is increased demand from users for new functionality and improved user experience. Similar to other industries such as the smartphone sector, users expect constant new features and updates. As such, there is a need to change the traditional automotive software development approaches to more agile approaches.
To support the ever-changing software requirements, automotive organizations have started to transform into software companies. In some cases, separate software development houses are established or acquired (such as Woven [5] or CARIAD [6]). In other instances, an internal software development team is consolidated from various ECU domains into one consolidated software development division (as with Bosch [7]). These software-focused departments typically follow more agile development approaches based on Development, Security, and Operations (DevSecOps). DevSecOps is an approach to establish a company culture of automation and built-in security. It requires close collaboration between development teams, operations teams, and security teams.
Furthermore, as software development approaches are changing, the software composition is also drastically changing. In the past, for many smaller ECUs, it was common that software was developed at tier 1 suppliers. As systems became more complex, software codebases grew and comprised software from third-party suppliers, tier 1s, tier 2s, and OEMs, as well as open-source software components.
End-to-end applications also span across vehicles, the cloud, and mobile apps, and as such require development using non-embedded programming languages and frameworks that are considered “new” to the automotive industry.
Thus, the deployment of modern software development approaches includes both changes in technologies, such as changes to software composition and the usage of new programming languages and frameworks, and changes in development methodologies and organizational structure.
Standards and regulations
Another important trend to bring up regarding the automotive industry is that of standards and regulations. Due to its safety-critical nature, the automotive industry is heavily regulated. With the introduction of more advanced functionality controlled by software coupled with more communication interfaces, which increases exposure and widens the attack surface, several cybersecurity standards and regulations have been introduced lately.
Figure 1.1 provides an overview of the relevant standards to help automotive organizations work in a more structured way to develop safer, more reliable and secure systems.
Figure 1.1 – Overview of relevant standards and regulations
Please note this is not an exhaustive list but rather provides an overview of standards and regulations relevant to current trends:
UN R155: This is a regulation for Cybersecurity Management System (CSMS) focusing on establishing proper security processes in the organization and performing cybersecurity activities during the product development lifecycle. It became mandatory for type approval in UNECE member countries for new vehicle types in 2022 and for all vehicle types in 2024.UN R156: This is a regulation for Software Updates Management System (SUMS). It provides requirements for establishing a secure update communication channel to vehicles, ensuring updates are stored securely on the backend and verified on the vehicle side before performing updates. It became mandatory for type approval in UNECE member countries for new vehicle types in 2022 and for all vehicle types in 2024.ISO/SAE 21434: This is a cybersecurity engineering standard for the automotive industry released in 2021. It provides numerous requirements for security on the organizational and project levels for the entire product lifecycle. It can serve as a backbone to fulfill the requirements of CSMS for UN R155.ISO 24089: This is a software update standard for the automotive industry released in 2023. It can help automotive organizations fulfill requirements for establishing SUMS in UN R156.ISO/PAS 5112: This provides guidelines for performing audits of organizational requirements for ISO/SAE 21434 and was released in 2022.ISO 8475 and ISO 8477: To provide additional guidance on activities and requirements defined in ISO/SAE 21434, there is currently ongoing work on two new cybersecurity standards: ISO 8475, which provides guidance on Targeted Attack Feasibility (TAF) and Cybersecurity Assurance Level (CAL), and ISO 8477, which covers verification and validation activities.ISO 26262: This is the safety engineering standard for the automotive industry and applies to all safety-related systems. The first version was originally published in 2013 and an updated version was published in 2018. There is currently work ongoing on a new version.ISO 21448: This was developed to cover safety-related systems that require external input, ensuring that Safety Of The Intended Function (SOTIF) is achieved. The current version was released in 2022.ASPICE: Automotive Software Process Improvement Capability dEtermination (ASPICE) 3.1 was released in 2017 and provides a framework and a maturity model for automotive development. ASPICE 4.0 was released in 2023.ASPICE for Cybersecurity: ASPICE 3.1 was updated to include several new specific cybersecurity activities and released as ASPICE for Cybersecurityin 2021.ISO 5230: With increased usage of Open-Source Software (OSS), Open Chain published the ISO 5230 standard in 2020 to provide guidance on the management of OSS and the software supply chain.ISO 27001: Going beyond automotive development, automotive organizations also need to consider information security and establish an Information Security Management System (ISMS). ISO 27001 is not automotive-specific, but provides general requirements on how to manage information security considering people, processes, and technology. The current version of ISO 27001 was released in 2022.After providing this overview of current automotive trends to help set a baseline for you, we will now continue with an introduction to automotive IoT.
Introduction to automotive IoT
Based on the aforementioned trends, we see new automotive use cases and solutions emerging that span across the entire ecosystem of connected vehicles to backend cloud solutions, user devices, and mobile apps. This section only aims to give a brief introduction to automotive IoT, which is described in more detail in Chapter 2, Introducing Automotive IoT Use Cases.
Automotive IoT
In this book, we will refer to these use cases as automotive IoT use cases. Before going further in this book, we will outline a definition of automotive IoT as it is a relatively new term and may have different interpretations depending on your background.
Automotive IoT definition
Automotive IoT is defined as use cases and solutions with specific purposes for the automotive industry that encompass vehicles and backend solutions and/or other relevant smart devices such as mobile devices.
An overview of the automotive IoT ecosystem is depicted in Figure 1.2.
Figure 1.2 – Overview of the automotive IoT ecosystem
The automotive IoT ecosystem comprises three main entities: Vehicle, Backend Solution, and Mobile Device. The vehicle contains some communication module that provides several means of communication with external entities. Commonly supported interfaces include cellular communication such as 4G and 5G, as well as short-range communication such as Wi-Fi, Bluetooth, UWB, and Near Field Communication (NFC). The backend solution is typically hosted in the cloud and provides various functionality, for example, to send commands to and receive data from the vehicle. The backend solution also processes the collected data and offers various features to the user’s mobile device. The mobile device contains the relevant app that allows the user to access features either directly on the vehicle using short-range wireless communication such as Wi-Fi and Bluetooth, or indirectly by communicating through the backend solution to the vehicle.
Automotive IoT use case examples
Using the automotive IoT definition given previously, the following are examples of automotive IoT use cases:
Phone as a keyRemote diagnosticsVehicle managementAs shown in Figure 1.2, these use cases encompass two or three entities in the ecosystem:
Vehicle, Backend Solution, and Mobile Device (mobile app) for the phone as a keyuse caseVehicle and Backend Solution for the remote diagnostics and vehicle managementuse casesThese three use cases are briefly described as follows.
Phone as a key
The phone as a key use case allows users to install an app on their mobile device that then serves as a key for their car. This means that users can use their phone to unlock the car door to get into the vehicle and start the engine.
Remote diagnostics
The remote diagnostics use case allows an OEM to remotely collect diagnostics data periodically as well as specific log data about certain incidents, such as component failures. The collected data is then processed in the OEM backend to help with predictive diagnostics. This allows the system to give indications and foresee potential component failures, providing warnings to the driver to bring their vehicle in for a checkup or component replacement before the component fails.
Vehicle management
The vehicle management use case gives companies an overview of their fleet of vehicles to better understand the vehicle usage and maintenance required. For example, the following data and conditions may be monitored and managed: vehicle location, fuel consumption, maintenance appointment schedules, driver behavior and safety, and optimized route planning and vehicle usage. The vehicle management system could also be used to ensure compliance with regulations by offering evidence based on the data collected from the vehicles.
Data management for automotive IoT use cases
It is important to note that these use cases typically handle various types of data. For example, user identities, credentials for authentication, and relevant vehicle, backend, and mobile app data are handled in the phone as a key use case.
Likewise, log data and diagnostics data are collected from the vehicles for the remote diagnostics and vehicle management use cases. Moreover, credentials for authentication and relevant vehicle data and backend data are also handled in these use cases.
Summary
This chapter presented an introduction to the current automotive trends. Common terminology and concepts were described, including CASE, SDV, SOA, mobile apps and the cloud, modern software development approaches, and relevant standards and regulations. Moreover, we gave an introduction to the automotive IoT ecosystem and presented several automotive IoT use cases. These topics allow you to establish the solid foundation needed to consume the following chapters in the book. The journey will equip you with skills for understanding and navigating the complex landscape of automotive IoT, from evolving vehicle architectures to secure development practices and holistic application development.
In Chapter 2, Introducing Automotive IoT Use Cases, we will provide several examples of automotive IoT use cases in more detail.
References
[1] SAE J3016_201806 Standard, https://www.sae.org/standards/content/j3016_201806/[2], White House Fact Sheet on Affordable Electric Vehicles, https://www.whitehouse.gov/briefing-room/statements-releases/2023/04/17/fact-sheet-biden-harris-administration-announces-new-private-and-public-sector-investments-for-affordable-electric-vehicles/[3], European Parliament Press Release on Fit for 55 Initiative, https://www.europarl.europa.eu/news/en/press-room/20230210IPR74715/fit-for-55-zero-co2-emissions-for-new-cars-and-vans-in-2035[4], U.S. Department of Commerce Market Intelligence on Japan's Transition to Electric Vehicles, https://www.trade.gov/market-intelligence/japan-transition-electric-vehicles[5], Toyota Woven Platform, https://woven.toyota/en/[6], Volkswagen Cariad Technology, https://cariad.technology/[7], Bosch Car Software and Electronics Stories, https://www.bosch.com/stories/car-software-electronics/2
Introducing Automotive IoT Use Cases
This chapter introduces automotive IoT use cases. The integration of the Internet of Things (IoT) into automotive industry marks a revolutionary step forward, enhancing vehicle functionality and driver experience through a myriad of connected applications. These advancements not only improve safety but also transform vehicles into highly personalized environments tailored to individual preferences and needs. From predictive maintenance and optimized fleet management to advanced driver-assistance systems and enhanced infotainment, the applications of IoT in vehicles are reshaping the automotive industry. This chapter explores the multifaceted use cases of IoT within the automotive sector, highlighting how this technology is steering us toward a more connected and efficient future.
In this chapter, we’re going to cover the following main topics:
Enhanced driver experience and safetyOptimized fleet managementConnected mobility revolutionThe IoT is enhancing the range of applications within vehicles, offering significant benefits to the automotive industry. By embedding sensors, processors, and connectivity throughout vehicles, the automotive industry unlocks a treasure trove of data and capabilities. Let us explore a range of use cases that are reshaping the automotive industry for both consumers and manufacturers.
Enhanced driver experience and safety
Enhanced driver experience and safety are revolutionized by automotive IoT through features such as connected car services for remote access, Advanced Driver-Assistance Systems (ADASs) acting as a co-pilot, personalized in-car experiences for maximum comfort, and the convenience of using your phone as a key.
Connected car services
IoT allows vehicles to connect to the cloud, enabling features such as real-time traffic updates, navigation with pinpointed accuracy, and remote diagnostics. An example is a car that reroutes you around unexpected congestion or alerts you to potential mechanical issues before they become a major problem. The following figure shows how the user can configure and remotely access the connected car via a mobile phone.
Figure 2.1 – Connected car end user mobile app facilitates remote access (Tesla Model Y)
Connected car services are like superpowers for a regular car, turning it into a high-tech companion. Cars these days have their own built-in cellular connection, just like a smartphone. This allows them to connect to the internet and a wide range of services. Through a smartphone app connected to the car, we can unlock a variety of features remotely. This could include locking or unlocking the doors, checking the fuel level or battery life (for electric vehicles), and even starting the car to preheat or cool the cabin before we get in. We can also remotely check the surroundings of the car for safety by leveraging the built-incar cameras.
Advanced driver-assistance systems
A vehicle with an ADAS is equipped with sensors such as LiDAR, radar, and a camera that work together to provide features such as automatic emergency braking, lane departure warning, and blind-spot detection. These systems leverage real-time data to enhance safety and reduce accidents, as shown in the following diagram, in which a vehicle detects an obstruction in its path and not only takes a corrective action but also relays the information to other connected vehicles that are heading in that direction to slow down.
Figure 2.2 – ADAS enhanced with IoT
An ADAS greatly benefits from IoT technology, by connecting vehicles to a network of sensors and devices, and it can be enhanced in several ways:
It improves situational awareness as IoT sensors can provide the ADAS with a broader range of data about the vehicle’s surroundings. This can include information from other vehicles, weather conditions, and road infrastructure. With this data, the ADAS can make more informed decisions and react to potential hazards more effectively.IoT allows for real-time data exchange between vehicles and the cloud. This enables the ADAS to receive updates on traffic conditions, accidents, and road closures. This can be crucial for features such as adaptive cruise control and lane departure warning.IoT sensors can be used to monitor driver behavior, such as whether they are drowsy or distracted. If the system detects a potential problem, it can issue a warning or even take corrective action, such as pulling the car over to a safe location.Here are some examples of ADAS functionalities that leverage IoT:
IoT can provide Automatic Emergency Braking (AEB) with data on nearby vehicles and pedestrians, allowing it to react more quickly and effectively to potential collisionsLane Departure Warning (LDW) systems can use real-time traffic data from IoT to account for congestion and adjust lane departure warnings accordinglyOverall, ADASs and IoT are a powerful combination that can significantly improve road safety and the driving experience. As both technologies continue to develop, we can expect to see even more innovative ADAS features emerge that leverage the power of IoT.
Personalized in-car experience
IoT personalizes the in-car experience. Biometric sensors can adjust cabin temperature and music preferences based on driver identity. Connected infotainment systems offer a wider range of entertainment options and seamless integration with smartphones.
Connected infotainment systems become a seamless extension of your smartphone, having your favorite music streaming service, audiobooks, or podcasts readily available on the car’s dashboard. The system integrates seamlessly with the smartphone for safe, hands-free communication.
Personalization goes beyond just temperature and music. IoT connects your car to a wider ecosystem of services. For instance, the navigation system integrated with your calendar could learn your frequent destinations and automatically set them up before you get into the car. It automatically suggests alternate routes based on real-time traffic data, helping you avoid delays on your usual commute.
The level of personalization can be tailored to one’s preferences. Imagine having different profiles for various drivers. Parents could set specific temperature and music preferences for their children, while also having their own personalized profiles.
This personalized in-car experience with IoT is all about creating a comfortable, convenient, and even safer driving experience. It’s like having a co-pilot who anticipates your needs, adjusts the environment to your liking, and keeps you connected and informed throughout your journey. Imagine a future where your car transforms from a mode of transportation to a personalized sanctuary on wheels.
Phone as a key
The phone as a key application offers users the capability to remotely manage various vehicle functions, including starting/stopping the engine, locking/unlocking doors, manipulating the trunk, and adjusting windows. Additionally, it facilitates easy key sharing over the phone, proving particularly useful in scenarios such as fleet management, shared vehicles, and rental cars. Phone as a key systems use Bluetooth/NFC for advanced features and stronger security with encryption and remote access control. Passive keys rely on radio signals, offering convenience, but these are more vulnerable to relay attacks. Phones offer dynamic security updates, enhancing overall safety.
