skip to Main Content

Dynamic Cybersecurity for Connected Vehicles

Oct 13, 2022

Why do software-defined vehicles provide a superior platform to prevent, detect, and counter cyberattacks?

Passenger vehicles have experienced a tremendous increase in connectivity over the past decade, with more and more cars now being connected at all times. This trend will only continue to grow with the rollout of 5G networks, expansion of the software deployed in vehicles and increasing consumer demand for more personalization and connectivity and the beneficial capabilities they bring.

Moreover, manufacturers and OEMs need the ability to update vehicles without requiring service visits. Delivering over-the-air updates and upgrades even after a vehicle has left the manufacturer’s lot can offer significant cost savings and deliver vehicle improvements, but this leaves the vehicles’ systems open to attack.

Finally, the amount of computing capabilities in vehicles is increasing rapidly. The addition of more capable driver assistance, enhanced infotainment systems, and better safety features all bring more compute into the car. It’s not an exaggeration to say that our cars are rapidly becoming more like data centers on wheels.

Unfortunately, the inconvenient truth is that all connected systems are vulnerable to attack. By being connected to the internet, cloud, and road infrastructure, modern cars have an expanded attack surface with many potential vulnerabilities. In fact the numerous connections in modern vehicles— wireless networking, Bluetooth, and cellular data—can all be exploited by potential hackers in different ways.

As connectivity becomes our way of life, the need for better systems and security expertise for in-vehicle systems is a top concern. Automakers must protect the whole vehicle (and indeed the entire fleet of vehicles) including their network and connections to the cloud from cybercriminals attempting to steal information, extort money, or otherwise disrupt their operations. Protecting against these risks requires security expertise, constant vigilance, and the ability to act quickly to thwart cyberattacks.

Why dynamic cybersecurity is needed to address cyber threats?

Automakers must leverage modern software technologies that are proven in enterprise servers and networking as the foundation of their cybersecurity solutions. True dynamic cybersecurity requires two key vehicle capabilities: vehicle-wide visibility, dynamic vehicle configuration, and rapid responsiveness to new threats. These key capabilities are found only in software-defined vehicles, that is, vehicle architectures with a rich software framework and that allows extensibility and configurability.

Software-defined vehicles offer the promise of extensibility to respond to cybersecurity threats after shipment, and indeed deliver other valuable upgrades. With software-defined vehicles and connected car software, automakers can centrally monitor, configure, and control updates to vehicle functionality and features throughout the life of the vehicle.

One challenge posed by initial efforts to deliver software-defined vehicles is the heavy code development, validation, testing, and deployment that updates require. Typical Over The Air (OTA) updates require such complicated validation that their rollout can be slow. What’s worse, the updates themselves can be massive in size, from megabytes to even gigabytes. Downloads that large require high speed networks that may not always be available and inevitably take significantly longer to deploy across the fleet.

Sonatus is working to bring the best of both worlds by offering the benefits of software-defined vehicle extensibility while reducing or eliminating the validation burden that delays updates and by shrinking those updates to only kilobytes in many cases . Sonatus Collector, for example, allows OEMs to quickly create and deploy policies to collect a wide range of vehicle data under specific conditions and events. Dynamic reconfiguration allows new or updated data collection, network configuration, and other policies to be deployed and safely implemented in seconds. These policies can be used to rapidly identify cybersecurity threats, better target the right response, and accomplish both vastly sooner than any conventional heavyweight OTA update could achieve.

Discussions have begun at the regulatory level with The United Nations World Forum for Harmonization of Vehicle Regulations (WP.29) which adopted the new cybersecurity regulation covering the identification and management of cybersecurity risks in vehicle design, monitoring and responding to attempted and successful cyberattacks, and the use of a cybersecurity management system and data forensics systems. These discussions and others like them are helpful to bring collaborative frameworks together to share information and mitigate future threats.

There are also valuable industrial collaboration efforts underway, such as the Scalable Open Architecture for Embedded Edge (SOAFEE), an industry-led collaboration defined by automakers, semiconductor suppliers, open source and independent software vendors, and cloud technology leaders. The initiative intends to deliver a cloud-native architecture enhanced for mixed-criticality automotive applications and advocate for common standards-based firmware and security interfaces. This kind of collaborative effort can be helpful to shine a light on the critical standards needed for the success of software-defined vehicles for cybersecurity and beyond.

Identifying and responding to cybersecurity threats requires a “round-the-clock” approach. In today’s dynamic security environment, automakers cannot wait for vulnerabilities or exploits to be reported in the media; they need to resolve the issues before they become news. To accomplish this, automakers must maintain the highest level of situational awareness. This requires effective aggregation, classification, and prioritization of data from vehicle telematics, security experts, and third party threat intelligence feeds, all presented in an intuitive operations dashboard.

October is Cybersecurity Awareness Month, and a perfect time to refresh your own “cyber hygiene” habits, operations dashboards and more. Download our free white paper Dynamic Cybersecurity for Software-Defined Vehicles to arm yourself with information to protect your connected vehicles.

Our Dynamic Cybersecurity for Software-Defined Vehicles white paper includes information about:

  • How technological and regulatory advances demand making vehicle cybersecurity a top concern among automakers.
  • Why software-defined vehicles provide an optimal platform to prevent, detect, and counter cyberattacks.
  • How the application of modern in-vehicle cybersecurity measures and a cloud-based Vehicle Security Operations Center (VSOC) work together to deliver superior intrusion detection and prevention.


Sonatus is accelerating vehicle software innovation and the transition towards software-defined vehicles. The diverse products comprising the Sonatus Vehicle Platform serve as the key building blocks that allow automotive companies and their ecosystem to fast forward to the future of mobility and deliver continuous improvements in costs, capabilities, reliability, and user experience over the vehicle lifespan. Sonatus’ award-winning software platform is in mass production vehicles from Hyundai, Kia, and Genesis today and will grow to millions of cars by 2024. The company has raised more than $110 million USD with world-class automotive, technology, and venture investors including Foxconn, Hyundai Motor Group’s Kia Corporation, LG Electronics, Marvell, NEC and Translink Orchestrating Future Fund, SAIC Capital, Translink Capital, UMC Capital, and Wanxiang Group Company. Sonatus is headquartered in Sunnyvale, CA (Silicon Valley), with offices in Dublin, Paris, Shanghai, Seoul, Taiwan, and Tokyo. Sonatus is a trademark of Sonatus, Inc. For more information visit

# # #

For more information contact:

Michael Cory
Director of Marketing & Communications


Back To Top