Security analysis of Software-Defined Vehicles (SDVs): cyberattack entry points you can try. 🚗🛜🌐🤖🔥

A group of security researchers from EPITA - School of Engineering and Computer Science (France) presented their comprehensive survey and taxonomy of cybersecurity challenges in software-defined vehicles earlier this month.

The research is well-structured, highly organized, and practical. Some conclusions may not be new to you if you work in automotive cybersecurity (such as OTA being a major threat), while others may come as a surprise.

Did you know that back in 2015, hackers remotely unlocked 2.2 million BMW, Mini, and Rolls-Royce cars by forcing them to downgrade from 3G/4G to insecure 2G networks and exploiting unencrypted HTTP requests? 😉

More details:

Advancing Security in Software-Defined Vehicles: A Comprehensive Survey and Taxonomy [PDF]: https://arxiv.org/abs/2510.09675