Securing the lifeblood of modern vehicles: OTA

As OEMs rely more on over-the-air (OTA) technology, securing vehicle systems becomes a crucial task

February 21, 2025, by Dheeraj Rawal

The background

Software-defined vehicles (SDVs) are gaining popularity as customer demand intensifies. To meet rising expectations for exceptional in-vehicle experiences, OEMs are adopting advanced technologies, such as over-the-air (OTA) updates, for innovative features. However, digitalization brings with it increased security risks. How can brands enhance security to protect against modern threats? Find out.

Emerging vehicles are loaded with features

Modern vehicles are increasingly integrating more software as the customer appetite for a connected vehicle experience is rising. Global automotive brands cater to these demands through innovative approaches. The newer vehicles are introducing features such as advanced driver-assistance systems (ADAS) for lane-keeping assistance, connected infotainment for personalized content delivery, predictive maintenance to monitor vehicle health, and so on. 

The US-based automaker Ford, for instance, offers a solution allowing fleet owners to track real-time location, monitor fuel usage, and maintain alerts. Ford’s solution is powered by technologies such as GPS, cloud, and data analytics. This solution helps fleet owners optimize operations and enable predictive maintenance. Through this solution, Ford also offers features such as vehicle health monitoring, dealer scheduling, security, and fuel efficiency analysis [1].
 

Customer experience and revenues are front and center

Amount of software content in a connected automobile

SDVs offer a range of benefits for both the OEMs and the end customer. Some of the most sought-after benefits are reduced costs, shorter time to market, a differentiated business model, increased performance, a modern user experience, improved safety, and regular vehicle upgrades. OEMs benefit through increased efficiency and newer revenue opportunities, whereas customers gain from improved user experience and vehicle performance.

With customer experience taking center stage, automakers are amping up their software investments. The SDV market is poised to reach a USD 400-600 billion valuation by 2030 [2]. As the software impact on the automotive industry amplifies, OEMs are considering building their software capabilities. Through software and electronics, OEMs expect to triple their revenues to reach USD 240 billion from USD 87 billion by 2030 [3].

The adjoining image shows a comparison of the software content amongst various devices/gadgets today [4].

OTA is at the heart of modern vehicles

Of all the innovations in the automotive software industry, the capability to update software – OTA – is a game-changer. Vehicles have included software for some years now and SDVs aren’t an entirely recent innovation, but the ability to continuously upgrade and improve the vehicle features is making waves in the industry. 

The OTA update feature is changing how customers perceive their vehicles and how manufacturers increase the vehicle lifespan through continuous value addition. With OTA, manufacturers continuously upgrade certain features, enhance performance, and fix bugs. In a way, users create personalized vehicles and at the same time, benefit from the latest feature releases that make vehicles ‘relevant and modern’. Users get updates and other notifications in their cars, quite like a smartphone. Various automotive brands push such updates. 

How Tesla is using OTA

A popular electric vehicle (EV) maker, Tesla, for instance, allows users to install updates through notifications on the vehicle touchscreen. Alternatively, it also sends updates on the Tesla mobile app. 

In 2024, Tesla released several updates over the air. One such update allowed users to connect their vehicles with the Apple smartwatch. Through the Apple Watch application, users can now unlock their vehicles. They can control other features of the car such as opening the trunk and controlling the climate through the smartwatch [5].

So how does OTA work?

Global OTA vehicles-in-operation - all technologies globally

OTA updates allow manufacturers to remotely deliver vehicle software updates via a wireless network. Various systems, including infotainment, navigation, engine control, safety features, performance, new functionalities, and cyber security, are upgraded or altered through OTA. OTA works through a secure cloud infrastructure, communicating with the vehicle's telematics control unit (TCU) or infotainment system. It uses technologies such as cellular networks (e.g., 4G/5G) and Wi-Fi.

The iterative approach through OTA updates allows continuous development and innovation in the vehicles, all the while also making room for customer feedback. The OTA capability enhances SDV’s value proposition. The automotive industry is heading towards an era where software is becoming more of a need than a luxury for modern vehicles. Software adoption is set to be the decisive factor for manufacturers, allowing them to have a larger share of the automotive market. 

Customer demand drives automakers towards OTA

This trend is propelled by increasing customer demand. The modern customer prefers a connected experience in the vehicle. In a survey conducted by McKinsey, about 39% of German and 55% of Chinese consumers said they would switch to another automotive brand for better connectivity. As the trend continues, more than 90% of vehicles sold by 2030 will be connected. Customers prefer features that are bundled together and contribute to a connected experience [6].

Manufacturers must leverage OTA capability to offer a seamless experience and more value. As of 2024, about 24% of vehicles had OTA capability. By 2030, this number will reach 78%. Currently, 200 million vehicles globally leverage OTA, which is expected to double by 2030.

Automakers have new revenue streams with OTA

With many users willing to shell out extra money for new in-vehicle features, brands are tapping into the revenue opportunity. For instance, German automaker BMW offers an adaptive M suspension feature to its customers through a subscription model. BMW customers can pay 25 euros a month or 210 euros a year to unlock this feature. Other features, such as parking assistant, driving assistant, remote service, welcome light settings, and high beam assistant, are also available through subscription [7].

Many other brands also offer subscription-based services through the OTA feature. The subscription-based model is gaining adoption and becoming a source of recurring revenue for automakers. A research study indicated automakers will make about 10% of revenues by selling additional features [8]. European automaker Stellantis forecasts additional revenues of 20 billion euros from connected vehicles by 2030, whereas US-based automakers General Motors and Ford also expect USD 20 billion in additional revenue each by the same year [9].

Brands must take stock of cyber security

Digital interiors of a luxury car

As OTA gathers momentum, cyber security risks need to be considered before pulling out all the stops. Connectivity and software components significantly expand a vehicle's attack surface by introducing numerous digital entry points that can be exploited by malicious actors.

Many features in SDV communication rely on Internet access, cloud services, and wireless protocols (e.g., Wi-Fi, Bluetooth, and 4G/5G). Each of these connections provides a potential vector for cyber attacks, such as unauthorized access, malware injection, and data interception. Additionally, the integration of critical vehicle controls (e.g., braking, steering, and acceleration) with software systems makes it possible for hackers to manipulate these functionalities remotely. This interconnected ecosystem magnifies the risks, requiring robust cybersecurity measures to protect both the vehicle and its users. 

A lack of the right security measures leaves vulnerabilities open to exploitation by hackers, leading to data theft or ransomware incidents. Over 95% of the attacks on automobiles in 2023 were remote, and only 5% were physical attacks – indicating that increased connectivity leads to new security risks [10].

Hackers love vulnerabilities

In 2024, security researchers discovered a vulnerability in Kia’s owner portal website, which could have allowed attackers to remotely control millions of vehicles with minimal effort. 

By exploiting backend API flaws, hackers could have gained unauthorized access to vehicle commands using only a car’s license plate and vehicle identification number (VIN). Furthermore, unlocking vehicles, starting or stopping them, honking the horn, and even tracking the vehicle’s location – all without notifying the owner – was possible. The bug also exposed customer information, such as names, addresses, email addresses, and phone numbers. Additionally, hackers could add themselves as secondary users on the vehicle’s account to control key features without the owner’s knowledge.

They could potentially stalk drivers, steal car contents, or use the compromised data for identity theft. Kia quickly acknowledged the issue after it was reported and implemented a fix in mid-2024, but the incident underscored the critical need for robust security measures in connected car systems to prevent such breaches [11].

Example of an OTA attack

A few years ago, researchers identified 14 vulnerabilities in BMW’s infotainment and telematics systems. These flaws could allow attackers to remotely inject malicious code through the OTA update process. After the report was published, BMW collaborated with the researchers and patched these vulnerabilities via OTA updates [12].

With more connectivity, there’s an uptick in cyber incidents related to vehicles, and the impact of incidents is getting larger. In 2023 alone, over a million vehicles were impacted. In a few cases, vehicles were recalled, and in some cases, companies paid ransom to get the data and access back [13].

The consequences of security incidents can be severe

2023 impact breakdown, based on 295 automotive-related cyber incidents

Hackers use different methods to get vehicle access, such as API exploitation, remote code execution, malicious software updates, keyless entry, relay jacking, signal jamming, supply chain attacks, odometer tampering, malware injection, and vulnerability exploitation. The financial consequences of attacks can easily run into millions of dollars.

For instance, hackers can target a fleet management company that has a vulnerability in one of its systems. They can gain unauthorized access to vehicles to manipulate functions. Such incidents lead to operational hurdles, vehicle recalls, legal and compliance issues, reputation loss, and overall financial losses to the tune of millions of dollars. The customers, in turn, encounter bad experiences, safety-related issues, vehicle theft, data breaches, and so on.

The need for cyber security in SDVs

Automotive brands must place more emphasis on cyber security because future vehicles will have more connectivity. Vehicle-to-everything (V2X) communication is the next big thing. V2X technology will enable vehicles to communicate with digital infrastructures, other vehicles, networks, cloud infrastructures, devices, and more. It will use APIs, sensors, cameras, radars, IoT modules, networks, etc., essentially increasing the attack surface even further.

Cyber security considerations for automakers with SDV offerings

Encryption and secure data transfer

Encryption protects sensitive data from interception during OTA updates, crucial for maintaining trust in an increasingly connected world. Encryption avoids any type of tampering with the software update.
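
A vehicle-side tamper check for an OTA package, as an added example (not code from T-Systems or any OEM): alongside transport encryption, the client verifies an Ed25519 signature over the manifest, then the payload digest, the target ECU and the version. The manifest fields, function names and the demo key pair are assumptions; the version check goes slightly beyond the text to reject replayed older releases.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// Manifest is a hypothetical OTA manifest; the field names are assumptions.
type Manifest struct {
	ECU     string   `json:"ecu"`
	Version int      `json:"version"`
	SHA256  [32]byte `json:"sha256"` // digest of the firmware payload
}

// VerifyUpdate runs on the vehicle before anything is written to flash.
func VerifyUpdate(pub ed25519.PublicKey, raw, sig, payload []byte, ecu string, installed int) error {
	// 1. Authenticity: check the signature over the exact bytes received,
	//    and only then parse them.
	if !ed25519.Verify(pub, raw, sig) {
		return fmt.Errorf("manifest signature invalid")
	}
	var m Manifest
	if json.Unmarshal(raw, &m) != nil {
		return fmt.Errorf("manifest malformed")
	}
	// 2. Integrity: the payload must hash to the signed digest.
	if sha256.Sum256(payload) != m.SHA256 {
		return fmt.Errorf("payload digest mismatch")
	}
	// 3. Targeting and anti-rollback: a validly signed old release is refused.
	if m.ECU != ecu || m.Version <= installed {
		return fmt.Errorf("wrong target ECU, or version not newer than installed")
	}
	return nil
}

// DemoRelease stands in for the OEM build pipeline, using a constructed key pair.
func DemoRelease(ecu string, version int, payload []byte) (ed25519.PublicKey, []byte, []byte) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	raw, _ := json.Marshal(Manifest{ECU: ecu, Version: version, SHA256: sha256.Sum256(payload)})
	return pub, raw, ed25519.Sign(priv, raw)
}

func main() {
	fw := []byte("constructed firmware image")
	pub, raw, sig := DemoRelease("TCU", 42, fw)
	fmt.Println(VerifyUpdate(pub, raw, sig, fw, "TCU", 41), VerifyUpdate(pub, raw, sig, fw[1:], "TCU", 41))
}
```

In a real deployment only the public key is provisioned on the vehicle; the signing key stays in the release infrastructure.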

Authentication and access control

Multi-factor authentication safeguards vehicle systems against unauthorized access; this is essential because vehicles connect to multiple ecosystems. Multiple ecosystems require different Application Programming Interfaces (APIs), further increasing the security risks because APIs are relatively easy to hack. Including API security can protect communication endpoints, ensuring seamless yet secure data exchange critical to connected services.
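
The Kia case described earlier comes down to a backend that treated a vehicle identifier as if it were a credential. The following added example (not Kia's or T-Systems' code; every name in it is hypothetical) shows the server-side check that closes that gap: the role is looked up from the authenticated session's account, and adding a secondary user is owner-only and always queues an owner notification.

```go
package main

import "fmt"

type Role int

const (
	None Role = iota
	Secondary
	Owner
)

// Backend is a hypothetical connected-car API backend (all names are assumptions).
type Backend struct {
	roles  map[string]map[string]Role // VIN -> account ID -> role
	Notify []string                   // messages queued for vehicle owners
}

// Authorize takes the account from the authenticated session, never from the
// request body. A VIN or plate identifies a vehicle; it does not prove who asks.
func (b *Backend) Authorize(sessionAccount, vin, command string) error {
	role := b.roles[vin][sessionAccount] // unknown VIN or account yields None
	if role == None {
		return fmt.Errorf("account has no role on this vehicle")
	}
	if command == "add_user" && role != Owner {
		return fmt.Errorf("only the owner may add users")
	}
	return nil
}

// AddSecondaryUser changes access only for the owner and always tells the owner.
func (b *Backend) AddSecondaryUser(sessionAccount, vin, newAccount string) error {
	if err := b.Authorize(sessionAccount, vin, "add_user"); err != nil {
		return err
	}
	b.roles[vin][newAccount] = Secondary
	b.Notify = append(b.Notify, fmt.Sprintf("%s: secondary user %s added", vin, newAccount))
	return nil
}

// NewDemo returns constructed sample state: one vehicle with one owner.
func NewDemo() *Backend {
	return &Backend{roles: map[string]map[string]Role{"VIN-CONSTRUCTED-1": {"alice": Owner}}}
}

func main() {
	b := NewDemo()
	fmt.Println(b.Authorize("mallory", "VIN-CONSTRUCTED-1", "unlock"), b.AddSecondaryUser("alice", "VIN-CONSTRUCTED-1", "bob"))
}
```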

Intrusion detection and prevention

Firewalls and intrusion detection systems monitor and block threats in real time; these are vital as cyber attacks targeting vehicle systems become more sophisticated. Threat intelligence platforms enable proactive defenses, helping automakers stay ahead of emerging vulnerabilities and threats.

Centralized security monitoring and incident response

The Vehicle Security Operations Center (vSOC) ensures real-time visibility into threats across fleets; this becomes critical as cyber attacks evolve into complex, large-scale operations. vSOCs are different from regular SOCs as vehicles are constantly in motion as opposed to IT infrastructure. Additionally, Endpoint Detection and Response (EDR) also offers rapid detection and mitigation at the endpoints, which is indispensable for minimizing damage in the event of a breach.

Cloud and network security

Automotive cloud security protects backend systems that manage data and OTA updates, which is critical because vehicles rely heavily on cloud infrastructure. Network segmentation reduces attack surfaces and limits breach impact, which is necessary to safeguard critical vehicle functions.

Security by design

In addition to the above security measures, automakers should also adopt the “security by design” approach. This approach allows them to place importance on security at every phase of software development or implementation. As software components are added, most vulnerabilities may not be identified unless exploited by an attacker. This requires organizations to carry out penetration testing and vulnerability scanning regularly. For OTA updates, code checks are a crucial part of the release and distribution of the update.

How automotive OEMs can benefit from T-Systems expertise

With a range of automotive and cyber security solutions, we can improve the security posture of modern vehicles. Along with building a security strategy, we also implement the right security stack for automotive organizations. Our managed services are meant to ensure operational availability, AI-based threat detection, and response around the clock. Our SOC analysts defend IT/OT systems from risks in real time through proactive threat hunts, anomaly detection, and risk mitigation. 

We also advise our automotive customers on meeting compliance norms such as ISO/SAE 21434 (Road Vehicle Cybersecurity Engineering) and UNECE WP.29 (Cybersecurity and Software Updates), which are crucial for maintaining safety and customer trust. We help customers to reduce vulnerabilities, emphasize risk assessment, secure development practices, and more. These measures not only improve compliance rates, but also demonstrate a proactive commitment to safety, reliability, and resilience.

With T-Systems, automotive OEMs can now monitor and mitigate risks, manage reputation, build trust with customers through reduced security incidents, and avoid financial losses arising from cyber attacks. CISOs can improve their security ROIs with us by avoiding expensive security tools and relying on our technology and talent. Security teams can reduce their burnout by aligning their priorities with business objectives and reducing time spent on false alerts.

T-Systems is one of the leading providers of OTA solutions that allow OEMs to optimize vehicle performance and offer connected car experiences. We offer solutions that are tailor-made for each customer. Read more about our OTA capability in the Frost & Sullivan report.

About the author
Dheeraj Rawal

Content Marketer, T-Systems International GmbH

References

[1] Telematics Solution, 2024, Ford Website

[2] Automotive Software Trends, 2023, Deloitte

[3] SDV Market Article, 2023, Boston Consulting Group

[4] SDV & OTA Report, 2024, T-Systems and S&P Global

[5] Apple Watch Updates, 2024, Tesla Website

[6] Car Connectivity Article, 2024, McKinsey

[7] BMW Subscription Article, 2024, TeamBHP

[8] OTA Revenues Article, 2022, eeNews Europe

[9] Connected Car Revenues Article, 2024, Forbes

[10] Automotive Cyber Attacks Report, 2023, Statista

[11] Vehicle Hacking Article, 2024, Wired

[12] BMW News Article, 2018, BBC

[13] Global Automotive Cybersecurity Report, 2024, Upstream