Software

BSI: Cyber security in road traffic

September 8, 2025. To mark the start of the International Motor Show (IAA), the German Federal Office for Information Security (BSI) has published a report on cyber security in road traffic in 2025, which illustrates why this is a task of growing relevance: Digital services, over-the-air updates and networked control units are increasingly shaping vehicle architectures, while the use of artificial intelligence (AI) in assistance systems and automated driving functions is growing continuously. This means that vehicles are becoming ever more connected, systems are becoming ever more complex and mobility is becoming ever more digital.

Symbolic image data security / pixabay ugoxuqu

Tags

Connectivity, Data Security, Digitalization, Mobility, Software Development

Contact info

Silicon Saxony

Marketing, Kommunikation und Öffentlichkeitsarbeit

Manfred-von-Ardenne-Ring 20 F

Telefon: +49 351 8925 886

Fax: +49 351 8925 889

redaktion@silicon-saxony.de

Contact person:

Julia Nitzschner

julia.nitzschner@silicon-saxony.de

Telefon: +49 351 8973 3865

Robert Krauße

robert.krausse@silicon-saxony.de

Telefon: +49 351 8925 886

As part of its analysis of Germany’s overall cybersecurity situation, the BSI also evaluates vulnerability and incident reports in the automotive industry. In the period from February 2024 to March 2025, 107 such reports were processed in this context, with the majority of the cases considered requiring physical access to the affected component or at least physical proximity to the vehicle, e.g. in the case of attacks via Bluetooth or Wi-Fi. In 18 reports, vulnerabilities were described that could also be exploited via the Internet. Overall, the BSI recorded an increase in vulnerabilities in manufacturer software and external applications.

According to the information available to the BSI, exploitation of the vulnerabilities mentioned with a criminal background is currently rather rare in the vehicle context. Further threats arise in connection with cyber dominance, i.e. the possibility of exerting influence through digital products that give manufacturers access to information and functions.

In addition, against the backdrop of current geopolitical conflicts, complicated supply chains increase the attack surfaces of vehicles and transport infrastructure. Furthermore, new ways of attacking AI components and vehicle sensors through manipulative inputs also entail new risks. With regard to the usually long life cycles of both vehicles and transport infrastructure, the migration to new cryptographic processes that are resistant to the potentially growing threat from quantum computers is also an important task.

BSI Vice President Thomas Caspers: “The digital attack surfaces in the automotive sector are growing rapidly. A trusting exchange of information between companies, research institutions and authorities is of crucial importance, not only for cyber security in road traffic, but also with regard to the digital sovereignty of Germany and Europe. Cybersecurity must be seen as a driver of innovation within the digitalized automotive industry – especially if the principles of security by design and security by default are consistently implemented. As Germany’s cybersecurity authority, the BSI offers manufacturers and their customers comprehensive information, assistance and exchange formats in this regard.”

– – – – – –