3 Secure E/E architecture: domain separation and secure gateways
Network domains need to be isolated so that network components such as interfaces, the infotainment system, and safety-critical systems remain separate and therefore protected. Firewalls block any attempt by unauthorized external parties to send commands to individual devices or to the entire network. An intrusion detection system (IDS) reports anomalies in the network communication, allowing extensive prevention measures to be rolled out across the entire vehicle fleet.
4 Securely connected vehicle: protecting the interfaces
The vehicle is connected to the outside world via a number of interfaces. Secure communication protocols protect the connection to the cloud, a firewall shields the vehicle network, and vehicle-specific certificates protect firmware updates.