As the automotive industry moves into the era of Software-Defined Vehicles (SDVs), software is being integrated into vehicle systems like never before. This means we need to rethink how we approach vehicle safety and security. XEPS, a leading suppiler in the electric power steering (EPS) market, recognises the importance of cybersecurity in steering systems. So we’ve embedded a cybersecurity strategy into every stage of our EPS product lifecycle from design and development to deployment and decommissioning.
Industry Trends: The Rise of SDVs and the Need for Cybersecurity
SDVs means a fundamental change in automotive architecture where software controls the vehicle. By 2030, software will account for up to 50% of a new vehicle’s value, enabling features like over-the-air (OTA) updates, advanced driver-assistance systems (ADAS) and autonomous driving capabilities. But this increased software integration expands the attack surface, making vehicles more vulnerable to cyber threats. Critical systems like steering, braking and infotainment are interconnected and vulnerabilities in one area can compromise the entire vehicle’s safety and performance.
Image Source: ET Auto
Emerging Risks and Challenges for Steering Systems
As a key actuator in the vehicle, the steering system is directly linked to vehicle control and occupant safety; any attack could have immediate and severe consequences. In Software-Defined Vehicles (SDVs) the risks look like this:
- More Interfaces and Connectivity: The steering system has to communicate with multiple domains, like the autonomous driving domain, body domain and OTA remote update systems, which means a much bigger attack surface.
- More Software Complexity: Intelligent control software offers a lot of functionality but introduces more vulnerabilities, so security design and continuous monitoring is a must.
- Supply Chain Responsibility: Steering system suppliers have to ensure that both hardware and software components are secure and reliable, to mitigate risks from the supply chain.
- Growing Compliance and Regulation: Global regulations are getting stricter, like UNECE R155 (cybersecurity regulation) and R156 (software update regulation). OEMs and suppliers have to set up and demonstrate a cybersecurity management system and software update process that complies with these regulations or they might face market access restrictions and much higher compliance costs.
- Conflict between Business Speed and Security: In a very competitive market, manufacturers have to launch new features fast. That creates a inherent tension between “fast innovation/time-to-market” and “security”. Short-sighted “release first, patch security later” practices can embed long term safety risks in the vehicle.
XEPS’s Cybersecurity Commitment: Protecting the Steering System
Knowing the importance of the steering system in vehicle safety, XEPS has a multi-layered cybersecurity approach aligned to international standards and regulations.
1. Secure-by-Design Philosophy
From the design phase, XEPS incorporates cybersecurity measures, doing threat analysis and implementing secure architecture principles. This proactive approach means security is part of the steering system, not an afterthought.
2. UNECE R155/R156 and ISO/SAE 21434 Compliance
XEPS complies with United Nations Economic Commission for Europe (UNECE) Regulations R155 and R156 which require a Cybersecurity Management System (CSMS) and secure software update mechanisms for vehicles. Our processes also align to ISO/SAE 21434, the international standard for cybersecurity risk management in road vehicles.
3. Over-the-Air (OTA) Update
To counter emerging threats, XEPS’s steering systems have OTA update capabilities to deploy security patches and system enhancements in a timely manner. This is key to maintaining the vehicle’s cybersecurity posture throughout its lifecycle.
4. Supply Chain Security
Cybersecurity is a shared responsibility, XEPS works closely with suppliers to ensure all components meet strict security standards. This extends to providing customers with transparent security information to create a secure ecosystem across the automotive supply chain.
The Future: Working Together for a Secure Automotive Ecosystem
SDVs requires a collective approach to cybersecurity. XEPS is committed to working with OEMs, Tier 1 suppliers and industry associations to develop and implement security solutions to protect vehicles from emerging threats. By putting cybersecurity at the heart of steering system development, XEPS not only improves vehicle safety but also supports the overall goal of secure and sustainable mobility.
For more information on XEPS’s cybersecurity and to see our range of steering solutions visit www.xepsteer.com.
01.png)
