Modern vehicles and the automotive industry at large have undergone significant changes from the early days of looking under the hood to understand how a car worked. Today, vehicles are much more complex — most of which run upwards of 100 million lines of code and leverage software for everything from braking systems to communication systems all to ensure vehicles are safe, compliant and reliable for the road. As vehicles continue to modernize, understanding the emerging trends, challenges and best practices will become increasingly vital to remain competitive and trusted.
To better understand the current state of automotive software, Perforce conducted a survey in partnership with Automotive IQ of over 600 automotive development leaders around the world. The annual survey provided insights to the leading trends in automotive software development, as well as the future outlook on the innovative vehicles of tomorrow.
So, what’s top of mind for automotive software developers this year? Here are several takeaways from the 2022 State of Automotive Software Development Survey Report and considerations for the road ahead.
Though safety will always be a leading concern for automotive development professionals, with one-third (34%) reporting it is their number one top priority, the specific focus areas for safety shift year from year. One of the most significant changes from the 2021 report is the increase from 38% to 45% of respondents saying they have trouble fulfilling every ISO 26262 standard for functional safety—a complicated standard to comply with given the various safety levels and mandates for code best practices. For development teams, ISO 26262 compliance requires tests to be tracked, code to be reviewed and traceability across all steps. This only becomes more complex as the automotive industry experiences an increase in components originating in non-automotive environments. For those that need to comply with ISO 26262, 48% need to comply due to a customer requirement, a 4% increase over last year.
This year’s report also had 5% more respondents say customers expect them to comply with safety coding standards, an increase that signals customers being more in tune with the changing automotive landscape.
Further, with automotive recalls doubling in North America over the last two decades, defects are increasingly appearing in the software used inside the vehicles. The average cost of an automotive recall is about $500 per vehicle—these recalls can affect a company’s reputation and market performance. 38% of respondents had been impacted by a recall, although it is important to clarify that not all recalls relate to software or software vulnerabilities.
Security concerns increased year-over-year, indicating a positive shift in overall security awareness. For survey respondents, 48% stated their leading software security challenge was meeting regulations that require cybersecurity approval. This was closely followed by the difficulties to enforce secure coding practices, which increased by 6%, highlighting the greater number of projects and developers working in automotive software. In addition, the survey respondents experienced a 14% decrease in individuals concerned over unauthorized access to onboard/offboard systems compared to the 2021 report, confirming authentication and authorization access have become easier to address than other security challenges.
Enforcing software security is no longer optional — it is an industry and customer requirement. A single cybersecurity vulnerability can leave automotive software and embedded systems defenseless against cyberattacks — an ever-present threat. This is especially true with the rise of innovative autonomous vehicles and cutting-edge car features, leaving developers considering the importance of having the right software development tools in place to reduce risk. Today’s static analysis tools enable teams to effectively identify software security vulnerabilities and weaknesses, as well as assistance in enforcing coding standards, detecting compliance issues early in development, and speeding up reviews and testing efforts—providing peace of mind for cybersecurity concerns.