The role of software-defined vehicles in enhancing road safety
Louis Boroditsky — 02 July 2025
11 September 2025
HERE collects 500 million kilometers of probe and sensor data every hour. Our automated mapmaking system blends this and other data into one unified live map. This ensures the highest map quality, coverage and freshness – down to the centimeter.
It's also why so many automakers trust HERE for their security and safety-critical vehicle systems. Delivering navigation value and location value that is secure, privacy-preserving, and resilient is our goal. While the goal is simple, SDV architecture is anything but.
At IAA Mobility in Munich, where over 750 companies from OEMs to tier-one suppliers and system integrators showcased the complexity of software-defined vehicle (SDV) architecture, it became clear that the industry is evolving into an interconnected ecosystem that must collaborate to ensure safety and security. Reflecting this shift, HERE and AWS announced a partnership to reimagine automotive software development – SDV Accelerator – underscoring how even traditional competitors must work in harmony to build the software-defined future.
In this blog, we'll discuss the security aspects of SDVs. Let's start with a breakdown of the key areas that are most critical from a security standpoint, and why:
Safety-critical components (brakes, steering, ADAS)
If these are compromised, people can get hurt. They need hard isolation, strict access control, signed firmware, and fail-safe modes. If something looks wrong, the car should adjust safely—every time.
In-vehicle networks and gateways (CAN/Ethernet)
These connect everything. Without segmentation and message authentication, a small flaw can jump into safety domains. Gateways must enforce zones and only pass what's verified.
OTA updates and the software supply chain
While updates fix problems and add features, they’re also a fleet-wide attack path. End-to-end signing, staged rollouts, and rollback protection reduce blast radius.
Identity and PKI (vehicles, ECUs, apps, users)
Trust runs on keys. Weak key handling means spoofed vehicles, ECUs or cloud services.
External and cloud interfaces (telematics, mobile apps, charging, V2X)
These extend the attack surface beyond the car. Lock down APIs and apply least-privilege access, exposure management, and continuous monitoring. Backend security matters as much as in-car security; a compromised cloud can affect a whole fleet.
Sensors and timing (GNSS, cameras, lidar)
Attackers can mislead perception without touching control systems. Use sensor fusion, plausibility checks, and authenticated data feeds where available.
Privacy and IVI data (location, biometrics)
This is personal. Encrypt it, sandbox it, minimize it, and ask for consent. We keep uses narrow and transparent.
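The gateway rule described under in-vehicle networks above (enforce zones, pass only what is verified), as an added example that is not HERE's code: a default-deny zone policy combined with a truncated HMAC and a freshness counter. Zone names, CAN IDs, the per-zone key layout and the 8-byte tag length are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Constructed policy: CAN IDs allowed to cross from a source zone to a destination zone.
# Any (source, destination) pair not listed here is denied by default.
ZONE_POLICY = {
    ("infotainment", "chassis"): set(),       # nothing crosses into the safety zone
    ("adas", "chassis"): {0x120, 0x121},      # hypothetical brake/steer request IDs
    ("chassis", "infotainment"): {0x3A0},     # hypothetical read-only speed broadcast
}
MAC_LEN = 8  # truncated tag length in bytes (assumption)


def make_tag(key, can_id, counter, payload):
    """Tag binds the CAN ID, a freshness counter and the payload together."""
    msg = struct.pack(">IQ", can_id, counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


class Gateway:
    def __init__(self, keys):
        self.keys = keys            # source zone -> shared key (provisioning out of scope)
        self.last_counter = {}      # (source zone, CAN ID) -> highest counter accepted

    def forward(self, src, dst, can_id, counter, payload, tag):
        """Return 'forward' or a 'drop:<reason>' string for one frame."""
        # 1. Segmentation: the ID must be allowlisted for this zone crossing.
        if can_id not in ZONE_POLICY.get((src, dst), set()):
            return "drop:zone-policy"
        key = self.keys.get(src)
        if key is None:
            return "drop:unknown-source"
        # 2. Authenticity: constant-time comparison of the expected tag.
        if not hmac.compare_digest(make_tag(key, can_id, counter, payload), tag):
            return "drop:bad-mac"
        # 3. Freshness: checked only after the MAC, so forged frames cannot
        #    advance the counter and lock out the legitimate sender.
        if counter <= self.last_counter.get((src, can_id), -1):
            return "drop:replay"
        self.last_counter[(src, can_id)] = counter
        return "forward"
```

A frame from a zone that holds a valid key is still dropped when the policy does not allow that zone to reach the destination, which is the point of combining segmentation with authentication.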
“At HERE, security isn’t an add-on—it’s built in from the start. We run ongoing threat analyses to stay ahead in the software-defined vehicle (SDV) space. Security and privacy guide the design of every product and service, and with secure reference architectures, we make it easy for partners to integrate HERE services with confidence,” said Alexey Sintsov, Senior Director Security at HERE.
Automakers and drivers may have different priorities, but both shape how we design security at HERE. Drivers care most about privacy and control of their data. OEMs focus on meeting strict regulations and ensuring systems run safely at scale. We serve both.
End users want privacy and control
Location, favorites, and trip history should only support navigation and routing. We design for strong encryption, consent flows, and data minimization (e.g., GDPR). Where we can, we anonymize and limit retention.
OEMs need compliance, resilience, and fit
Automakers must meet ISO/SAE 21434 and UNECE R155/R156, pass audits, and integrate cleanly with vehicle systems and cloud. That means secure SDKs, identity management, encrypted telematics, and dependable operations.
Shared priority: trust at scale
Millions of vehicles, many partners, one standard: confidentiality, integrity, availability. We rely on secure cloud foundations, role-based access, continuous monitoring, and third-party checks.
The shift to fully software-defined vehicles is opening new doors for innovation and new doors for attackers. Security teams across the entire auto industry now face a growing list of challenges. This is especially the case as AI becomes part of perception and decision-making, bringing its own set of vulnerabilities. That and all the other key areas demand a layered, ongoing approach to keep vehicles safe and reliable:
Data authenticity: GNSS spoofing, manipulated CAN/Ethernet, or tampered map feeds can mislead decisions. HERE data and solutions enable customers to perform these authenticity checks in ADAS.
Exploding attack surface: Virtualized ECUs on centralized compute, plus containers and third-party code. Cloud misconfigurations can still expose data or control paths.
API and connectivity growth: Every new feature adds endpoints. Everything must be authenticated, authorized, and watched.
Supply chain and lifecycle risk: Secure OTA, SBOMs, vulnerability management, and post-quantum crypto readiness are essential for frequent updates and open ecosystems.
Zero implicit trust: “Internal traffic is safe” no longer holds. We verify inside the car and in the cloud.
AI security beyond LLMs: think adversarial inputs to perception, data poisoning, and sensor-level injection. Authentication is key here.
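One plausibility check of the kind mentioned above for GNSS spoofing, as an added example that is not HERE's code: the distance between consecutive GNSS fixes is compared with the distance implied by wheel-speed odometry. The tuple layout, the thresholds and the sample fixes are constructed for illustration.

```python
import math

EARTH_RADIUS_M = 6_371_000.0
M_PER_DEG_LAT = 111_195.0  # approximate metres per degree of latitude


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two WGS84 points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))


def check_fixes(fixes, tolerance_m=15.0, slack=0.2):
    """fixes: list of (t_seconds, lat, lon, wheel_speed_mps).

    Returns (index, reason) for every fix that disagrees with odometry.
    tolerance_m covers GNSS noise; slack covers wheel-speed error (both assumed).
    """
    findings = []
    for i in range(1, len(fixes)):
        t0, lat0, lon0, v0 = fixes[i - 1]
        t1, lat1, lon1, v1 = fixes[i]
        dt = t1 - t0
        if dt <= 0:
            # Timestamps that stall or run backwards are themselves a red flag.
            findings.append((i, "non-monotonic-time"))
            continue
        gnss_dist = haversine_m(lat0, lon0, lat1, lon1)
        odo_dist = 0.5 * (v0 + v1) * dt  # trapezoidal estimate from wheel speed
        if abs(gnss_dist - odo_dist) > tolerance_m + slack * odo_dist:
            findings.append((i, "gnss-odometry-mismatch"))
    return findings


def _fix(i, offset_m=0.0):
    # Constructed sample: driving north at 20 m/s, one fix per second.
    return (float(i), 52.5 + (i * 20.0 + offset_m) / M_PER_DEG_LAT, 13.4, 20.0)


# Constructed trace: the position jumps 500 m at index 4 while wheel speed is unchanged.
SAMPLE_FIXES = [_fix(0), _fix(1), _fix(2), _fix(3), _fix(4, 500.0), _fix(5, 500.0)]
```

Only the jump itself is flagged; once the reported track is self-consistent again the check passes, which is why a production system would also carry the mismatch forward into its fused position estimate.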
At HERE, we focus on the parts of the SDV ecosystem where usability, safety, and trust meet. That means making sure map and routing data can’t be tampered with, securing the flow of information between cloud and vehicle, and giving drivers control in ways that don’t add distraction. We build with privacy in mind, storing only what’s necessary, and we give developers secure tools so they can integrate without weakening the system. Each of these priorities helps ensure that connected vehicles remain both useful and trustworthy:
Trusted map and routing data
Routes, POIs and destinations must come from authorized calls and arrive with integrity checks. This prevents malicious rerouting and protects user trust.
Secure cloud-to-vehicle pipelines
We authenticate sources and protect map and traffic data so vehicles act on reliable inputs.
Consent without friction
Drivers should make key choices—like route changes—without distraction. HERE designs flows that are clear, quick, and safe for ADAS and beyond.
Privacy by design
HERE minimizes personal and vehicle data in car and cloud, and we store only what's needed.
Developer enablement
HERE’s SDKs and APIs are secure by default, with patterns that help OEMs integrate safely. This includes OTA considerations and vehicle feedback loops.
Looking ahead, securing SDVs will depend on strong technical foundations, constant lifecycle protection, and close collaboration across the industry. No single company can solve this alone. HERE is proud to run an extensive partner network of independent software vendors (ISVs), systems integrators, value-added resellers, managed service providers, resellers and distributors. “HERE has the most comprehensive portfolio of industry recognized Security, Privacy & Responsible AI certifications of any location technology company,” said Ryan Larson, VP & Chief Security Officer at HERE.
Learn more about why HERE is the trusted partner for building Secure Software Defined Vehicles in our Legal, Privacy & Security hub.
HERE Technologies