Emerging Security Risks in Automotive System-on-Chips (SoCs): A Comprehensive Review
Keywords:
Automotive cybersecurity, System-on-Chip (SoC), hardware security, connected vehicles, ADAS, secure automotive electronicsAbstract
The transformation of modern vehicles into highly connected and software-driven systems has positioned System-on-Chips (SoCs) as a central element of automotive innovation. Automotive SoCs combine heterogeneous processing cores, accelerators, memory subsystems, and communication interfaces to support safety-critical functionalities such as Advanced Driver Assistance Systems (ADAS), autonomous driving, infotainment, and vehicle-to-everything (V2X) communication. While this high level of integration improves performance and cost efficiency, it also gives rise to new and increasingly complex security challenges. This paper presents a comprehensive review of emerging security risks affecting automotive SoCs, encompassing hardware-based attacks, software and firmware vulnerabilities, network-oriented exploits, and systemic risks associated with over-the-air updates and AI-driven workloads. By synthesizing recent academic and industrial research, the paper identifies dominant attack vectors, shortcomings of existing protection mechanisms, and open challenges that remain unresolved. The goal is to provide both researchers and practitioners with a structured perspective on the evolving threat landscape and to outline directions for security-aware SoC design.
Downloads
References
Wolf, M., Weimerskirch, A., & Paar, C. (2021). Security in automotive bus systems. Proceedings of the IEEE, 109(3), 343–356.
Checkoway, S., et al. (2011). Comprehensive experimental analyses of automotive attack surfaces. USENIX Security Symposium, 77–92.
Sanwald, T., et al. (2020). Secure boot mechanisms in automotive ECUs. IEEE Embedded Systems Letters, 12(2), 45–48.
Eisenbarth, T., et al. (2019). On the power of power analysis in embedded systems. IEEE Transactions on Computers, 68(1), 3–16.
Tehranipoor, M., & Wang, C. (2017). Introduction to hardware security and trust. Springer.
Mangard, S., Oswald, E., & Popp, T. (2007). Power analysis attacks. Springer.
Nilsson, D., Larson, U., & Jonsson, E. (2018). Securing vehicle OTA updates. Computer, 51(7), 38–47.
Hoppe, T., Kiltz, S., & Dittmann, J. (2011). Security threats to automotive CAN networks. Automotive Safety & Security, 235–248.
Eykholt, K., et al. (2018). Robust physical-world attacks on machine learning models. CVPR, 1625–1634.
Studnia, I., et al. (2020). Survey on intrusion detection in automotive networks. IEEE Communications Surveys & Tutorials, 22(4), 2474–2509.
ISO/SAE. (2021). ISO/SAE 21434: Road vehicles — Cybersecurity engineering.
Sommer, R., & Paxson, V. (2010). Outside the closed world: IDS challenges. IEEE Symposium on Security and Privacy, 305–316.
Chattopadhyay, A., et al. (2022). Security-aware SoC design for automotive systems. ACM TODAES, 27(4), 1–29.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
