IT security challenges for continuously connected near-autonomous vehicles

Connected cars are becoming more prominent and will be the standard for cars in the near future. These vehicles are equipped with advanced functionalities such as near-full autonomous driving capabilities, and over-the-air updates. However, cars that are always connected to the Internet also raise the question of security. In this paper, we analyze the current challenges of IT security in continuously connected near-autonomous cars. In this study, we conducted 10 qualitative interviews with security experts from consulting, manufacturing, and software engineering, and we conducted desk research on case studies of failing security in connected cars. Additionally, we surveyed the general public on understanding and awareness concerning the risks of connected cars. Based on 351 minutes of recorded audio and 100 survey responses, we discuss the challenges and potential improvements for IT security in automotive and the awareness about the possible vulnerabilities. Furthermore, we provide an analysis of security breaches based on five p ublished cases. As a result of our findings, w e e mphasize t he need for better and integrated IT security in connected cars. The improvement of security is a joint effort by manufacturers, governments, and car users. We recommend that manufacturers need more IT security expert knowledge to further develop appropriate security measures, governments need to regulate the IT security of cars, and car users need to become more aware of the possible threats that come with continuous online connectivity of their cars.