Cyber security testing must be thoroughly ingrained in each phase of the development cycle to reduce the risk of security vulnerabilities being found and exploited in the field. Historically, many OEMs and suppliers treated security as a mere afterthought, rushing last-minute penetration tests only before a vehicle’s release. This leaves weaknesses in place, ultimately threatening the security of vehicles because underlying vulnerabilities may not be discovered until far too late to fix without significant cost or schedule disruption. By contrast, a continuous approach to security verification ensures that every development step is scrutinized with malicious threats in mind. We will explain this continoues approach and provide examples from our day-to-day work on car cyber security.
