Open source software features in connected vehicles bring added responsibilities for manufacturers
In the same way that original equipment manufacturers (OEMs) are responsible for issuing a recall for a malfunctioning piece of hardware they, along with their suppliers, will be responsible for software vulnerabilities in connected cars over the course of a vehicle’s lifetime.
Automotive manufacturers across the globe have been developing ways to address cybersecurity when building their connected cars. In the UK, government officials have released key principles that manufacturers must follow if they have any influence on the manufacturing supply chain.
But, auto manufacturers rely on hundreds of independent vendors to supply them with hardware and software components. Software from each vendor is likely to be a mix of custom code written by the vendor, along with proprietary code and open source software code. With tens of millions of lines of code networked throughout the car, OEMs are finding it increasingly difficult to track and manage the source for each piece of software in use.
With cybersecurity incidents continuing to rise, vehicle manufacturers need to adopt a…
