Bonum Certa Men Certa

The Car Drives You -- Part IV -- Today's Cars Come With Up to 3,000 Chips and Security Isn't of Concern

Consulting firm Deloitte Touche Tohmatsu Limited estimates that as of 2017, some 40% of the cost of a new car can be attributed to semiconductor-based electronic systems, a cost doubling since 2007. It estimates this total will approach 50% by 2030. The company further predicts that each new car today has about $600 worth of semiconductors packed into it, consisting of up to 3,000 chips of all types.
Further, internal and external vehicle communications have exploded in the past decade. In 2008, there were an estimated 2,500 data signals being exchanged among the ECUs in a luxury car. Volvo’s Antinyan says that today more than 7,000 external signals connect the 120 ECUs in Volvo vehicles, and the number of internal vehicle signals being exchanged are two orders of magnitude greater. Consulting firm McKinsey & Company estimates this information can easily surpass 25 gigabytes of data an hour.
Article from 2021 (IEEE)



Summary: The concept of software freedom inside cars has become a distant fantasy; the cars that are being manufactured nowadays disregard security and embrace unnecessary complexity

ABOUT a week ago we started this series. We looked at a consultation right here in the UK -- a misguided bit of text which characterises modifying one's own car as "tampering". Shades of "sideloading" in the context of software...



Demonising those who exercise control over a device they bought?

We then looked at what Toyota had begun doing, published Part I about the issue, and then -- several days later -- expanded in Part II and in last night's Part III. We've meanwhile, in parallel, studied just what amount of computing had crept into today's cars (gradually over the years). The data isn't entirely secret, but there are not many publications about it; more importantly, there seems to be no public debate about software freedom in that context. We wish to change that.

"The data isn't entirely secret, but there are not many publications about it; more importantly, there seems to be no public debate about software freedom in that context."Last week we wrote that in today's cars there's "not just a computer onboard but several"; a person contacted us to say "not just a computer onboard but many"...

OK, but just how many exactly? Obviously that depends on the car, but there are many overlaps across models and brands.

I am not clueless about today's cars; I did drive in the past and a decade ago I went to a car agency (that was the last time). Even in 2011 things were already starting to look grim. It was a Toyota agency.

"Most car fanatics I know consider the car a single system and ignore the many microcontrollers," an associate noted a week ago. "I have the feeling that on top of that most of the information is proprietary..."

Certainly, in my experience, the media does not inform people about the situation; I only realised how big an issue it was when supply chain woes caused price spikes and critical shortages; it was getting too hard to get all the bits to assemble new cars [1, 2].

So we decided to study a number authoritative pages about the number of processors and the nature of the tasks they perform. I already knew about the "micro" (processors) ones, which aren't exactly new and are installed at the ends/edges, but was not sure how they qualify with respect to "computer" (the components and their complexity may vary in definition).

As our associate put it, "there are many microcontrollers, I guess based on activities, and at least two full computers." There are publications[PDF] and full articles about it (not necessarily new). As our associate explained, "another site, with a comment going to a dead MIT link, suggests 50 to 70 "Electronic Control Units" in cars as of ten years ago."

That's the last time I went to a car agency. It has certainly increased a lot since then.

"That's even older" than this ("More Auto Computers Means More Complicated, Costly and Longer Repairs" according to this article from 2016), the associated noted, quoting various bits. This page says "high-end cars have as many as 100, and they’re accompanied by 60 to 100 different electronic sensors..."

And these parts are controlled by computers: "Engine control, Exhaust control, Heating/cooling, Fuel pump, Water pump, Transmission, Power steering, Brakes, Traction control, Airbags, Collison warning, Parking assist, Backup monitoring, Door and trunk locks, Power windows, Climate control, Power seats, Wipers, Charging system, Interior lighting, Brake lights, turn signals, Headlamps/daytime running lamps, Navigation, Car audio, and GPS..."

And "add side- and rear-view mirrors to that long list above," our associate noted.

"There are security/safety implications, as we covered earlier this year (in summer)..."Remember that these are all proprietary, some go decades back, but now they get connected to the Internet and more (e.g. Bluetooth connectivity with another device, which may be compromised). So some are connected less directly to the Net, e.g. their local (car) mother ship, which is in turn controlled by a bigger mother ship (vendor/government/cracker).

There are security/safety implications, as we covered earlier this year (in summer), and articles like "How a Hacker Could Hijack Your Car While You Drive" (Tom's Guide) that deal with the main question.

"It's largely ignored because, as mentioned, car fans see the vehicle as a physical object still when in reality most of it is software," our associate said. "Yes, all proprietary and restricted so as to lock out independent repair shops and mechanics. There was a lot of attention to this about 10 years ago in the various security conferences. Then a burst of information as some of the embargoes were lifted. I presume the quietness on that front means that more of the researchers are under NDAs again. Shmoocon, DefCon, and BlackHat usually have automative tracks."

We hope the conversation will be resumed and extended to the Free software world. We need to do more to highlight the dangers and tackle the problem.

"General-purpose computing is niche nowadays," our associate said, "and that niche has been shrinjing. The multinationals also appear to be aiming to eliminate it eventually. UEFI, TPM, DRM etc..."

"We hope the conversation will be resumed and extended to the Free software world. We need to do more to highlight the dangers and tackle the problem."Well, almost nobody covers these issues, so it's a vacuum we can fill in the coming weeks/months. We invite groups like the FSF (even SFC and OSI) to do the same.

More than a decade ago we still saw people saying that software was eating the world (citing famous old words), but nowadays people talk about "apps" and "clown computing" and all sorts of other nonsense. Not too long ago an article entitled "How Software Is Eating the Car" was published in IEEE Spectrum. To quote: "Predictions of lost global vehicle production caused by the ongoing semiconductor shortage continue to rise. In January, analysts forecast that 1.5 million fewer vehicles would be produced as a result of the shortage; by April that number had steadily climbed to more than 2.7 million units, and by May, to more than 4.1 million units. The semiconductor shortage has underscored not only the fragility of the automotive supply chain, but placed an intense spotlight on the auto industry’s reliance on the dozens of concealed computers embedded throughout vehicles today."

Get ready for some numbers that are more recent: "The company further predicts that each new car today has about $600 worth of semiconductors packed into it, consisting of up to 3,000 chips of all types."

"The IEEE article above speaks of "7,000 external signals", "120 ECUs" and so on. They say "Electronic Control Unit" (as euphemism for a computer)."Up to 3,000.

As our associated noted, "security has to be part of the design process, but it hasn't been, thus we end up with not just CAN but with everything integrated with it."

The IEEE article above speaks of "7,000 external signals", "120 ECUs" and so on. They say "Electronic Control Unit" (as euphemism for a computer).

In the next part we'll continue this discussion. One growing concern is, the lobbyists of car-making giants are trying to pass new laws mandating all sorts of things which eventually take "old" or "dumb" cars off the road (even if some manufacturers produce new alternatives that opt out of this whole mess).

Recent Techrights' Posts

Brett Wilson LLP is Downsizing, Apparently Closing Down the Oversized and Overpriced Office
Address changed 13 hours ago
The United States Lost Freedom of Speech
independence refers to a condition, not an activity
 
July 8 as "D-Day" for Microsoft, Mass Layoffs Planned
Microsoft's grip on the market has slipped for a long time
GNU/Linux Leaps to 6% in Thailand
Can we expect 10% by year's end?
SLAPP Censorship - Part 128 Out of 200: Making Laws Work for Britain, Not Oversensitive Americans Looking for 'Revenge' by Lawfare
The SLAPPs are intended to protect corporations (employers like Microsoft)
EC Looking for Input on Digital Networks Act Until Next Month
New initiative
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 04, 2026
IRC logs for Saturday, July 04, 2026
Gemini Links 05/07/2026: Ragebaited and Removing Lines in Emacs
Links for the day
Links 05/07/2026: "Tesla Slams Into Crowded Cafe" and "ChatGPT [Turned] Into a Sociopath"
Links for the day
BRICS and Windows: All-Time Lows
Expect many more Microsoft layoffs in years to come
Do No Evil, Do Not DDoS
Sites that attract DDoS attacks because of their message are sites that are difficult to debunk or debate
France is Winning the Race Against Windows
France instructs, then orders, government agencies to adopt GNU/Linux
Not 2.5% and Not 2.5 Billion Dollars for "Hey Hi"; 2 Waves of Microsoft Layoffs Rumoured This Month, July 8th, Then July 22nd (Just Before 'Results')
People there join unions, knowing they will be terminated silently or otherwise
Microsoft Double Trouble With Slop
What does Microsoft even sell at this point?
Based on US Government Sites, GNU/Linux Has Reached About 8% "Market Share" in Desktops/Laptops
Culled to exclude mobile platforms, GNU/Linux would likely be above 8%
TheLayoff.com is Deleting Comments About IBM Offshoring
Meanwhile, rage-baiting Internet trolls and sometimes trolls who paste in LLM slop are immune from censorship
American Independence Needs Independent Media
The American regime's hostility towards media is an international problem
Techrights Was Always a Community Platform
Techrights is about whistleblowers
Phenomenal Growth for GNU/Linux in Afghanistan
This is impressive because for many years it was registered at near 0%
Daniel Pocock Pursuing Complaint in the United States Against Software in the Public Interest (SPI) et al
It seems like the only people who don't support him are those whom he criticises
Gemini Links 04/07/2026: Busy Squirrel, Independence Day Celebrations, PalmOS Programming
Links for the day
Canonical/Ubuntu is Breaking CP (cp) to Help Microsoft Turn Coreutils Into Proprietary Software for Windows
What we could do reliably in the 1970s (before GNU) we cannot do in 2026?
Free Software Has No Kings or CEOs
The kingdom is a cross-border phenomenon, so national flags and other such symbolism overlook the core problem [...] Free Software can help lead us out of the current imbalances
IBM Replacing the People Who Built IBM With Cheaper and Younger Staff, According to IBM Insiders
This is a very common sentiment in IBM
For USA 250 Microsoft is Messing With Our Minds (2.50%) to Distract From Mass Layoffs
The slopfarms contribute to this noise
"Defective by Design" Turns 20
DBD is still as relevant as ever (probably more relevant than ever before)
A Bicycle for the Feeble Mind, or How Computers Got Worse for Productivity (Intentionally)
Many of us still adopt and champion the "workstation" mentality
Links 04/07/2026: Microsoft Tax Haven (Evasion) Tactics, Tobacco Bans, and More
Links for the day
Links 04/07/2026: 2026 Old Computer Challenge and Trying Gopher
Links for the day
SLAPP Censorship - Part 127 Out of 200: Lawsuits by Americans Filed in the UK a Burden on British Taxpayers, No Way to Recover the Funds When Americans Lose Their Cases
Are Garrett and Graveley 'pulling a 4Chan'?
Links 04/07/2026: USMCA (Covering Software Patents) Might Not be Renewed, Slop Bros Try to Pay Weird Al to Endorse Their Scheme
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 03, 2026
IRC logs for Friday, July 03, 2026
Gemini Links 03/07/2026: Mindfulness Practice and "Slop Is Killing the Human Spirit"
Links for the day
Links 03/07/2026: Openwashing of Slop in "Linux" Clothing and "Happy Birthday, America"
Links for the day
John Been (reallinuxuser.com) May Have Crossed Over to the 'Dark Side' of LLM Slop
It 'smells' like it, a scanner seems to concur
Who or What is "Nadeko"?
Fijxu's services make life a lot easier for Free software sticklers
10 Years Since the World Lost Ian Murdock
My wife and I still use Debian, as does this site
No, Microsoft is Not Laying Off 5,000-6,000 But a Lot More
There are "buyouts", "PIPs" (silence layoffs), pink slips, and future waves, not counting subsidiaries and contractors
The Cyber Show's Andy and Helen Confronting 'Upgrades'
the latest from Andy and Helen
statCounter Sees Almost 1 in 10 Desktops or Laptops in Egypt as GNU/Linux Workstations
10% "market share" (for GNU/Linux) was nearly attained last month
The March of GNU/Linux in the Russian Ally, Belarus
record high for GNU/Linux in Belarus
Being Prevented From Accessing One's Own System Means Getting Locked Out, Not Security
a metaphor
Technology is Getting Objectively Worse and Less Reliable
Something went horribly wrong
FOSS Force 2026 Independence Drive Lacks Independence From GAFAM's 'Linux' Foundation
We're not trying to 'bash' FOSS Force
News That Matters, News That's Exclusive, and News LLM Slop Will Never Get Right
Churning out blog posts just for quantity's sake was never our goal
3/4 (Three-Quarter) of Requests Seen by statCounter (Originating From Desktops/Laptops) Deemed to be "Linux" in San Marino
74% Linux, it says...
The Linux Foundation Does Not Work for Linux, Definitely Not for Free Software
works for its biggest sponsors, i.e. companies like Microsoft, IBM, and others
Independence and Software Freedom
Much work remains to be done
The European Patent Office's (EPO) Crisis Week Ends Today, the Rest of the Year Will be EPO Staff on Strike
The outcome of the two-day meeting won't change the fact that EPO staff is on strike for the whole year
European Patent Office (EPO) Series: Operation Monte Titano: Micro-State Diplomacy
On 28th May 2026 EPO President António Campinos paid a visit to the Most Serene Republic of San Marino where he was received with full diplomatic honours
Links 03/07/2026: Slop "Isn’t Replacing Lawyers", "App Fatigue"
Links for the day
Statement on This Week's DDoS Attacks
DDoS attacks are not a "badge of honour". They are a nuisance.
Skinnerboxes as Health Problems and Impediments (Against Happiness)
skinnerboxes are a form of addiction
Costa Ricans' Adoption of GNU/Linux Reaches New Highs
Windows is doing poorly in general
British Women Don't Want to Work for American Men Who Attack American Women
"[g]reeting clients and preparing beverages"
Mass Layoff Event on June 30 at Red Hat? Let Us Know...
We are looking for more Red Hat whistleblowers
Gaming on Windows is in Trouble, XBox is Practically Dead Already
It seems increasingly clear that Microsoft wants to get rid of XBox
New Record for GNU/Linux in the World's Largest Muslim-Majority Population (287,983,025)
Will Indonesians leave GAFAM behind?
SLAPP Censorship - Part 126 Out of 200: Becoming More Aggressive Against Us Only Proves Us Right
the police involved
IBM Red Hat Kicks Out the Community, Promotes Slop
It has gotten so bad
The Register MS Covers "AI" Because It Gets Paid to
A lot of noise "in the news" about "AI" is paid-for trash
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 02, 2026
IRC logs for Thursday, July 02, 2026
Gemini Links 02/07/2026: OpenBGPD, Newt and OpenBSD, Indieweb Theme for Ghost
Links for the day