FAW-Volkswagen: The way of information security attack and defense of intelligent networked vehicles

Against the backdrop of technical dividends from intelligent driving, electrification, and AI cockpits, and of continuously tightening regulatory requirements, open source software has become a necessary part of automotive software development. It is also a key factor in the introduction of vulnerabilities, accounting for about 30%-50% of vehicle vulnerabilities. The speaker proposed that security components should be standardized, since improving their reuse rate will greatly reduce development costs.

Wang Bo, head of information security development of FAW-Volkswagen Co., Ltd., said that information security should not become a burden on product development, but should be turned into a core competitiveness that enhances product value. Enterprises need to focus on active security technologies such as scenario-based security services, privacy protection design, and virus and Trojan scanning, and treat information security testing as the last security guarantee in the development stage, ensuring that security requirements are implemented through comprehensive testing and identifying potential risks in advance. At present, FAW-Volkswagen has built a test capability that integrates compliance, penetration, functional, and attack-and-defense testing, covering 6 major directions and equipped with more than 40 types of testing equipment.

Wang Bo | Head of information security development of FAW-Volkswagen Co., Ltd

The following is a summary of the speech:

New security challenges under the wave of technology

At present, L2 assisted driving has become the standard configuration in the industry, L3+ high-end intelligent driving has been piloted in many regions, and domain control solutions that integrate cabin and driving are being rolled out faster. 800V fast charging and range technology of more than 1,000 kilometers significantly improve the electrification experience, and multi-modal interaction technology driven by large AI models is reshaping the cockpit ecosystem. However, the application of new technologies also creates new attack paths: data sample injection attacks can mislead autonomous driving decisions, camera/radar spoofing attacks undermine environmental perception, charging port identity verification vulnerabilities may lead to BMS tampering and thermal runaway, and GPS positioning interference directly affects vehicle navigation capabilities. Risks such as remote control through external interfaces, AI model theft, and voiceprint/face data leakage continue to escalate.

Source: Speaker material

Regulation shows a trend toward high standards and strict requirements. The United Nations UN R155 Cybersecurity and UN R156 Software Upgrade Standards have completed the transition period, and the domestic GB 44495-2024 “Technical Requirements for Automotive Information Security” and GB 44496-2024 “General Technical Requirements for Automotive Software Upgrades” will take effect for new models in January 2026. It is worth noting that the indicators of the national standard in the fields of cryptographic application, spatio-temporal data security, and compliance testing are clearly higher than international standards.

Vehicle protection system construction

A four-layer defense-in-depth architecture builds a protection system covering the full stack of the vehicle network. The boundary protection layer deploys TLS-encrypted vehicle-cloud communication, two-way authentication at charging ports, and encryption for near-field communication such as Bluetooth. The domain control isolation layer adopts hypervisor hardware partitioning and VLAN logical isolation, and implements a signal-level whitelist control strategy. The communication protection layer uses the SecOC protocol on the CAN bus for message verification, and in-vehicle Ethernet communication enables TLS two-way authentication. The terminal reinforcement layer relies on the HSM hardware root of trust to achieve secure boot, and the debugging interface is hardened with OTP passwords.
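The receiver-side check behind the CAN message verification mentioned above, as an added example that is not from the speech or from FAW-Volkswagen: a SecOC-style secured PDU carrying a truncated freshness counter and a truncated MAC, with replay and tamper rejection. HMAC-SHA-256 from the Python standard library stands in for the AES-CMAC commonly used in SecOC deployments, and the field sizes, key and Data ID are assumptions chosen to fit an 8-byte CAN frame.

```python
import hashlib
import hmac
import struct

MAC_BITS = 32        # truncated authenticator length (assumed profile value)
FRESH_TX_BYTES = 1   # only the low byte of the freshness counter is transmitted

def _mac(key, data_id, payload, full_fresh):
    # The authenticator covers Data ID | payload | complete freshness value.
    msg = struct.pack(">H", data_id) + payload + struct.pack(">Q", full_fresh)
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_BITS // 8]

def build_secured_pdu(key, data_id, payload, counter):
    """Sender side: payload | truncated freshness | truncated MAC."""
    return payload + bytes([counter & 0xFF]) + _mac(key, data_id, payload, counter)

class Receiver:
    def __init__(self, key, data_id, payload_len):
        self.key, self.data_id, self.payload_len = key, data_id, payload_len
        self.last_counter = 0  # highest freshness value accepted so far

    def verify(self, pdu):
        """Return the payload if the PDU is authentic and fresh, else None."""
        if len(pdu) != self.payload_len + FRESH_TX_BYTES + MAC_BITS // 8:
            return None
        payload = pdu[:self.payload_len]
        low = pdu[self.payload_len]
        mac = pdu[self.payload_len + FRESH_TX_BYTES:]
        # Rebuild the full counter: the smallest value above last_counter
        # whose low byte matches what was sent. A replayed frame therefore
        # maps to a different counter and fails the MAC comparison.
        candidate = (self.last_counter & ~0xFF) | low
        if candidate <= self.last_counter:
            candidate += 0x100
        expected = _mac(self.key, self.data_id, payload, candidate)
        if not hmac.compare_digest(mac, expected):
            return None
        self.last_counter = candidate  # advance only after a valid MAC
        return payload

if __name__ == "__main__":
    key = bytes(16)  # constructed demo key, never a real ECU key
    rx = Receiver(key, 0x123, 3)
    frame = build_secured_pdu(key, 0x123, b"\x01\x02\x03", 1)
    print(rx.verify(frame), rx.verify(frame))  # accepted once, replay rejected
```
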

A scenario-based security experience is implemented through active security functions that users can perceive. The driver/maintenance mode enables APP permission management and real-time privacy protection. Multi-passenger rides trigger automatic protection of sensitive information, hiding personal data and historical trips. A virus scanning engine is integrated alongside these functions to provide active security detection and eliminate malicious programs.

A four-dimensional test defense line provides practical verification through a multi-dimensional test network. Compliance testing is strictly aligned with the GB 44495 testing standard, and the certification pass rate is maintained at 100%; penetration testing covers 12 types of attack surfaces, including the CAN/Ethernet bus and wireless interfaces.

Functional testing verifies that the security design still provides highly reliable protection under various working conditions; the attack-and-defense range simulates a variety of real-world scenarios through virtualization technology. The testing capability runs through six major technical directions, integrates more than 40 types of special equipment, and greatly improves the efficiency of defect interception.

Develop and upgrade the support system

The ISO 21434 security standard is embedded into the whole vehicle development cycle. The concept stage defines security requirements and threat models, the development stage implements coordinated software and hardware protection schemes, and the confirmation stage performs penetration testing and code audit. The core breakthrough lies in the shift-left security mechanism: the Polarion+Jira+Confluence toolchain is used to build a closed loop of requirements management, so that security activities are accurately matched to V-Cycle development nodes. This system supported the company in becoming one of the first batch of domestic vehicle manufacturers to pass the dual certification of GB 44495 and R155 CSMS.

Breakthroughs have been made in the standardization of security components, with enterprise-level standardization implemented for eight core components such as intrusion detection systems and vehicle security communications. Unified interface specifications achieve cross-platform hardware compatibility, HSM computing power optimization technology reduces resource occupation, and development cycles are shortened by 30%. All components meet functional safety requirements through GB 44495, data security and other standards, and have been reused on multi-vehicle platforms.

Full-link governance of open source software establishes a management and control mechanism covering the entire life cycle of open source software. SBOM ledger management is mandatory in the supply chain, and dynamic vulnerability scanning is implemented in the development stage to replace high-risk components. Legal compliance strictly follows the requirements of GPLv3, Apache 2.0 and other licenses. SBOM management is integrated into the daily development process and requires timely response to security vulnerabilities.
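How an SBOM ledger can drive both checks described above, vulnerability screening and license review, shown as an added example that is not FAW-Volkswagen's tooling. The CycloneDX-style fragment, component names, advisory ids and the review policy are all constructed for illustration.

```python
import json

# Constructed CycloneDX-style SBOM fragment; component names are made up.
SBOM_JSON = """
{"bomFormat": "CycloneDX", "components": [
  {"name": "libexample-tls", "version": "1.0.2",
   "licenses": [{"license": {"id": "Apache-2.0"}}]},
  {"name": "canlog-helper", "version": "0.9.0",
   "licenses": [{"license": {"id": "GPL-3.0-only"}}]},
  {"name": "imgcodec", "version": "2.4.1", "licenses": []}
]}
"""

# Constructed advisory feed: component -> (first fixed version, placeholder id).
ADVISORIES = {
    "libexample-tls": ("1.0.5", "ADV-PLACEHOLDER-1"),
    "imgcodec": ("2.4.0", "ADV-PLACEHOLDER-2"),
}

# Hypothetical policy: licenses that need legal review before shipping.
REVIEW_LICENSES = {"GPL-3.0-only", "GPL-3.0-or-later"}

def _ver(text):
    # Numeric dotted versions only; real ledgers need a fuller comparator.
    return tuple(int(part) for part in text.split("."))

def audit_sbom(sbom_text):
    """Return (component, finding, detail) tuples for the release gate."""
    findings = []
    for comp in json.loads(sbom_text).get("components", []):
        name, version = comp["name"], comp["version"]
        ids = [l.get("license", {}).get("id") for l in comp.get("licenses", [])]
        if name in ADVISORIES:
            fixed, adv = ADVISORIES[name]
            if _ver(version) < _ver(fixed):
                detail = f"{adv}: upgrade {version} -> {fixed}"
                findings.append((name, "vulnerable", detail))
        if not ids:
            # An undeclared license is a governance gap, not a pass.
            findings.append((name, "license-unknown", "no license declared"))
        for lid in ids:
            if lid in REVIEW_LICENSES:
                findings.append((name, "license-review", lid))
    return findings

if __name__ == "__main__":
    for finding in audit_sbom(SBOM_JSON):
        print(finding)
```
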

Future outlook and challenges

A central computing platform brings the challenge of a centralized attack surface. A REE/TEE dual-zone isolation architecture is built on the TEE trusted execution environment, and intelligent driving and entertainment system resources are scheduled through the standardized GP API interface. In parallel, the national cryptographic algorithm replacement project is being promoted, verifying SM2/SM3/SM4 in key business areas and improving compatibility and stability. In response to the threat of quantum computing, pre-research on quantum key distribution technology for the vehicle-cloud communication scenario has been launched.

In the next three years, we will focus on three core strategies: deepen the implementation path of the CSMS system on the product side, improve the defense-in-depth chain from the cloud to the ECU terminal, and build a three-dimensional test network that integrates compliance testing, crowd-tested attack and defense, and scenario verification. Only by transforming security capabilities into the core competitiveness of products can we lead the future in the wave of intelligent networking transformation.

(The above content comes from the keynote speech “Information Security Attack and Defense of Intelligent Connected Vehicles” delivered by Wang Bo, head of information security development of FAW-Volkswagen Co., Ltd., at the 4th China Internet of Vehicles Security Conference in 2025 on June 19, 2025.)
