Over 100 million connected car shipments projected by 2027

“Telematics applications stand at the very core of car OEMs’ intelligence strategy, producing an ever-increasing amount of data and supporting key operations including, among others, fleet management, vehicle connectivity optimisation, firmware-over-the-air (FOTA) updates, and predictive maintenance. While car OEMs partially adopt new security measures out of necessity due to compliance and regulatory requirements, the fact of the matter is that they do need to adapt V2X applications to meet the demands of the greater IoT ecosystems. OEMs are steadily starting to recognise the value of having a security-first approach in connected vehicles,” explains Dimitrios Pavlakis, Senior IoT Security Analyst at ABI Research.

Secure telematics data management can be tackled by adopting a more unified approach. Rather than simply “pushing” security to the cloud, secure telematics need to originate in the vehicle itself. Vehicle systems are evolving into a highly complex and interconnected network spanning multiple control/processing units, generating an ever-increasing amount of data, and funnelling it into one component geared for external communications: the Telematics Control Unit (TCU). Every single data point captured by vehicle systems and gateways, communicated through cellular networks, and analysed in the cloud by car OEMs and Telematics Service Providers (TSPs) originates from TCU communication modules. A simple eSIM incorporated into telematics devices is enough to secure external communications for many telematics suppliers and car OEMs.

“It is astonishing that automotive data security management rests on this unique technology when the monetisation opportunity is significantly higher,” says Pavlakis. “The concept of ‘simply embedding the TCU with an eSIM’ is merely a connectivity-enabler, not a scalable security approach.”

Many automotive market players rely very heavily on cloud security to ensure their customers and end-user data is properly gathered, stored, and managed. However, there are multiple value chains prior to the cloud, starting with identity issuance at the manufacturing stage for telematics devices, secure firmware installation and code issuance for software components, certificate management and proper ownership migration, provisioning, and onboarding, establishing trust with third-party services, streamlining in-vehicle network operations, privacy, and secure data management, among many others.

Pavlakis concludes, “There is no future scenario in the era of the software-defined vehicle that excludes the further investment of hardware, software, and network security options. Obtaining reliable telematics data and protecting vehicle communications directly contributes to data monetization and aligns with the future of V2X and intelligent vehicle processes.”

Companies leading in the space are offering telematics-specific eUICCs and embedded firmware solutions (Thales), embedded hardware security for V2X (Infineon), connectivity platforms and Vehicle SoCs (Ericsson), high-tier security connected vehicle network and data security (Blackberry), and software-defined vehicle and security architecture consulting services (Tata Elxi and Upstream).

These findings are from ABI Research’s Secure Data Management in Automotive Telematics application analysis report. This report is part of the company’s IoT Cybersecurity research service, which includes research, data, and ABI Insights. Based on extensive primary interviews, Application Analysis reports present in-depth analysis on key market trends and factors for a specific application, which could focus on an individual market or geography.