We arent joking when we talk aboutcarsas big fat data generating computer centers on wheels.
But what if we could secure cars before they leave the factory floor?
He also owns a Tesla so hes personally invested in car security.
It’s free, every week, in your inbox.
Its common to build security into the entire development lifecycle.
However, Finite State pushes security as far to the right as possible.
What are some of the most common security flaws?
Poorly written code is vulnerable to security risks or malicious activity.
Those millions of lines of code within a cars microprocessors all have their own origin.
The main developer might have pulled in the Log4j software as part of their development practice.
This jeopardizes the security of any auto server using the library.
The data is collected and stored in different places over time.
This increases the risk of impact on the vehicle software.
It didnt enable him to drive the cars.
This is where plain text passwords and secret data are placed in source code.
It provides a backdoor for product testing and debugging.
Left in the final code, an attacker can read and modify configuration files and change user access.
So, how do you secure software against vulnerabilities and attacks?
Finite States work starts at the testing phase, focusing on the final binary copy and builds.
They then share these with the clients security team.
When we think ofcybersecurity and mobilityreally, were only just beginning.
And as car automation increases, the risks only get greater.
Story byCate Lawrence
Cate Lawrence is an Australian tech journo living in Berlin.
