As vehicles become more software-defined, connected, and reliant on complex sensor architectures, automotive cybersecurity has become a core design consideration in modern cars.
Speaking at AutoSens USA, Mike Creighton, Principal Expert for Security Architecture at BMW Group, emphasised that cybersecurity today goes beyond preventing technical failures or isolated breaches. It requires meeting a growing range of regulatory, reputational, and political expectations.
Creighton explained that this change is partly forced by a shift in where consumers and manufacturers place value. He noted that the steering wheel, once the centrepiece of car marketing imagery, is now often overshadowed by large digital displays. Security, he emphasised, must therefore evolve to protect this growing software-defined focus.
Image: A BMW marketing image for the MINI Aceman E (© BMW)
As digital features become central to the driving experience, public perceptions of digital risks become increasingly important, with trust quickly undermined by real or perceived vulnerabilities concerning data privacy or insecure systems.
Meanwhile, the stakes have grown beyond individual consumers, with geopolitical tensions and national security concerns adding pressure on automakers to ensure their vehicles are both secure and resilient.
A More Complex Threat Surface
Modern vehicles are built from hundreds of components, many of which contain software and network interfaces sourced from a global supply chain. Each of these elements presents a potential point of vulnerability, and this complexity is prompting deeper scrutiny from both regulators and governments.
Heightened requirements to address cybersecurity are partly driven by UNECE WP.29 regulations, which mandate cybersecurity management and over-the-air software update systems in vehicles. In addition, broader national concerns around the security of digital infrastructure add pressure to show exactly how software is developed and protected.
However, while regulatory frameworks provide a baseline, Creighton was clear that compliance does not guarantee security. Automotive companies must demonstrate that their systems are resilient in real-world conditions, not just in theory.
This perspective is influencing how BMW and others approach vehicle software architecture. Strategies include secure boot, certificate-based communications, runtime protections, and ongoing lifecycle monitoring.
BMW’s strategy also incorporates full traceability for each software component, which allows the company to pinpoint vulnerabilities. This capability is becoming critical in audits and security assessments.
Modular Architectures and a Risk-Based Approach
To manage this growing complexity, BMW has adopted a modular ‘four-brain’ architecture built around zonal controllers. These systems consolidate computing into four high-performance hubs, simplifying wiring, reducing cost, and securing the vehicle’s digital backbone.

Image: Four Superbrains for the Neue Klasse (© BMW)
Creighton described this as a key shift away from analysing risks line-by-line across countless network paths. Instead, BMW secures backbone traffic by default, reducing both risk and engineering overhead.
This architecture supports a risk-based approach: base-level protections are applied vehicle-wide, while layered defences target more sensitive systems like immobilisers or digital key services.
Open Standards for Resilience and Flexibility
To ensure resilience, Creighton also emphasised the need to avoid vendor lock-in and support open standards, especially in light of shifting geopolitical and regulatory landscapes. Indeed, closed, proprietary systems tied to a single country or supplier may become liabilities if trade restrictions or regulations change.
Creighton warned:
“In today’s regulatory landscape, saying ‘we trust this one vendor’ just doesn’t cut it. Auditors want to see how your architecture works, how software is developed, and whether there’s been an independent review.”
To that end, BMW is supporting open protocols like MACsec, a Layer 2 security standard that encrypts and authenticates traffic at the link level, on the wire itself. This helps ensure that all backbone traffic, even within the vehicle, is secured.
As vehicles become increasingly autonomous, connected, and intelligent, the demands on security will continue to rise. From the origins of every software component to the trustworthiness of each hardware link, automakers must be prepared to show, not just claim, that their systems are secure and resilient.
Creighton thus emphasised that cybersecurity is no longer merely a technical concern: it is a company-wide, global strategic issue that will define the trustworthiness and longevity of every modern vehicle.