The automotive industry is undergoing a significant transformation as a result of automation and the transition to a new model of mobility and digitalization as services. The next-generation vehicles will be complex architectural in cyber-physical systems, with designs that must be revised to meet the increasing demand for advanced services, both for safety and infotainment purposes, prompting OEMs or manufacturers to develop a new framework to cover their IT suppliers. Connected cars and autonomous driving are well-known factors that come into play on this path, necessitating the development of a new design to address emerging cybersecurity issues. Modern automotive systems in vehicles will always be intra- and inter-connected, which means that the attack path will be much simplified and extended. As a result, a new framework based on a secure-by-design approach is introduced to protect the automotive system from potential attackers' vulnerabilities or threats.
In this paper, we propose a systematic approach to cybersecurity features for addressing cyber-attack vulnerabilities in modern vehicles. The major focus is on the in-vehicle network and its requirements, as well as the current most commonly used protocols (e.g., CAN, Ethernet, etc.) and their vulnerabilities, as determined by regulations such as UNECE, SAE J3061-2, and ISO 21434. We outline the proposed solutions as well as the major projects aimed at developing secure architectures. In this way, we hope to lay the groundwork for more focused analyses of the security implications of autonomous driving and connected cars.