It's a massive step towards improving vehicle cybersecurity.
Cars are becoming more connected than ever, with advanced navigation systems that can provide real-time traffic information to help you avoid traffic jams, high-tech infotainment systems providing access to online streaming services, and apps that let you control some car functions with your smartphone. While this makes driving safer and more convenient, the increasing reliance on services that connect to the internet makes cars more vulnerable to malicious hackers who want to steal your data and/or remotely control your car.
Hackers have already demonstrated how security flaws in security software for the Mercedes E-Class could be exploited to remotely control various vehicle functions and even start the engine before the software was patched.
To prepare for the future of self-driving cars with even more connected technology, Toyota and Nissan are joining forces to form a joint venture of ninety companies to protect connected cars from cyberattacks. According to Nikkei Asia, Toyota and Nissan are teaming up with technology companies such as Microsoft Japan, Trend Micro, NTT Communications and Sompo Japan Insurance, as well as parts manufacturers such as Denso and Panasonic. Companies in the consortium will check software for security flaws and collaborate to share information on cyberattack trends and hacking methods.
Every month, thousands of software vulnerabilities are detected around the world. As part of the partnership, flaws in automotive software will be extracted and updated once a week.
Each company will then check the software they use to make sure it doesn't contain any of the discovered security flaws. As well as improving car security and preventing cyberattacks, the partnership will help reduce costs of researching and developing security software, as well as reduce the time it takes to develop software patches.
In Japan, it costs car companies between 200 million and 300 million yen ($1.8 million to $2.7 million) a year to outsource software research. For now, the consortium is aimed at the Japanese car market, but this is a massive step towards improving cybersecurity in connected cars.