As vehicles become increasingly reliant on software, cybersecurity has become a critical component of automotive safety. With the rise of connected and autonomous vehicles, securing these systems is more important than ever. Sasken, in partnership with UK-based Trustonic, is addressing the challenges posed by these emerging technologies. Together, they are embedding cybersecurity solutions into vehicles, enabling automotive manufacturers to innovate safely without compromising security. In this interview, Rajiv C Mody, CMD & CEO, Sasken Technologies, speaks to Sudhir Chowdhary on the main cybersecurity risks and how to mitigate them. Excerpts:
How vulnerable are modern vehicles to cyberattacks?
Modern vehicles are significantly more exposed to cyber threats than they were a decade ago. With over 100 million lines of code, multiple wireless interfaces, cloud connectivity, and over-the-air updates, today’s cars are essentially computers with wheels. The systems, which were once isolated, like infotainment, telematics, advanced driver assistance systems (ADAS), and powertrain, have become a part of a broader system.
Among many other incidents, one of them involved exploiting a vulnerability in its infotainment system that led attackers to access vehicle controls via a cellular connection. Although the entry point was non-critical, it created a major security and safety issue. Vulnerabilities can originate anywhere, apps, interfaces, backend services and without security at every layer, small cracks become serious threats. With development cycles becoming shorter, not all security gaps are being addressed in time. Hence, vulnerabilities persist in vehicles already on the road.
What are the major risks involved in connected vehicles?
The risks extend well beyond the vehicle itself. Apparently with vehicle-to-everything (V2X) services, data flow between the car, infrastructure, cloud and third-party apps, creating multiple points of vulnerability. A compromised, insecure OTA connectivity, or an exposed API can directly impact critical functions of the vehicle.
How can the automotive industry mitigate these risks?
Cybersecurity is not merely closing gaps in the code running inside the vehicle, rather it is a practice that needs to be adopted right from the conceptualisation phase of the product. However, early mitigation is essential, where “security by design” must be implemented from the initial phases. This includes having security controls starting from the concept and design stages.
At Sasken, we see a consistent pattern across OEMs and Tier-1s, security is often fragmented. Our approach is to assess the system holistically, not just individual ECUs, so we can identify how security breaks down across the architecture and helps customers shift from patchwork compliance to system-level resilience.
Why is a product-centric approach so important?
A vehicle’s lifecycle can span over a decade, with continuous updates, evolving features, and threats. A product-centric approach treats security as a foundational element, integrated from architecture through after-market operations. This builds technical robustness and helps with faster compliance, safer innovation cycles, and lower cost of remediation. It also helps manage third-party risks, especially in SDVs built on open and modular platforms. For companies that are getting hold of this shift, having engineering partners who understand the full product journey right from silicon and firmware to application and cloud makes a lot more difference.
What’s driving the future of automotive security?
The future lies in adaptive, intelligent cybersecurity systems. We’ll see increased use of AI for threat detection, behavioural analysis, and autonomous response. Post-quantum cryptography, secure AI model pipelines, and continuous availability of intelligence about potential vulnerabilities will become a norm. Those who take a charge to embed security by design into their projects would have a competitive edge in my opinion.