17 minute read
CONNECTED CAR
WILL HACKERS GAIN ACCESS TO DRIVERS’ DATA VIA EVS?
Advertisement
Cybersecurity is one of the most sought after solutions as the digital landscape increases the cyber-attack surface – and electric cars are no exception
You wouldn’t just hand someone unrestricted access to your mobile phone, would you? Nor would you be willing to hand over your keys to a stranger who plans on taking them from you.
The electric vehicle (EV) threat landscape is now mimicking that of any other technology device, thanks to their inclusion in the digital ecosystem. While this is not necessarily a problem that is unique to EVs, it seems that more electric cars are implementing technology solutions and allowing drivers to connect with more than just their phones, opening up the attack vector landscape.
Nevertheless, with the dawn of smart EV charging, hackers are on the lookout for easy ways to steal as more drivers entrust their cars to pay for electricity—a feature unique to EVs.
The use of fintech apps has provided consumers with unforeseen levels of convenience and, as EVs enter into the digital ecosystem, they too hold the power to leverage these apps. Like any other devices these days, hackers are able to connect with cars from a distance and don’t have to race to catch their target in a Fastand-Furious-like fashion (there are also no predator drones involved in the making of a suitable car-hacking environment).
EVS CAN BE TARGETED FOR FINANCIAL INFORMATION
Although it would seem that EVs are just as good a target as mobile phones or laptops, they are unlikely to pique the interest of those after a quick cash job.
“Hackers looking for a quick cash pay-out don’t tend to target vehicles, unless they plan to steal the car itself, as it doesn’t normally give them access to personal financial data,” says Andy Barratt, UK Managing Director of Cyber Security Consultancy, Coalfire.
One of the key words within this comment from Barratt is ‘data’. Now gold dust for most organisations, data is critical for hackers in getting what they want, whether that’s a much larger pay-out or tormenting an individual for monetary bail.
“However, wider integration of fintech applications into EVs could present cybercriminals with the cash-grab opportunities they’re on the hunt for”, which would explain the importance of financial security in the development of EV solutions.
COALFIRE PROVIDES CYBERSECURITY FOR THE WORLD’S INNOVATORS
The company supports the top five cloud service providers, eight of the top software-asa-service (Saas) providers, and three of the top financial, healthcare and retail organisations.
Coalfire is committed to cybersecurity for world-leading businesses and uses cuttingedge technologies to do so. Its core services span compliance, cloud security, application security, vulnerability management, as well as strategy, privacy, and risk. Barratt says: “Authentication mustn’t interrupt the driver for safety reasons, and the temptation will be to simplify these processes, unwittingly making them easier to breach.”
SECURING FINANCIAL DATA WITHIN EVS
Now, this isn’t to scare anyone intending to connect payments to their vehicles, but to ensure that the correct methods are in place to secure data that is used for EV-related services.
On the company’s side, data should only be used where it is necessary while limiting the amount of data stored. Encryption of data, two-factor authentication, and antimalware protection tools can be leveraged to enhance the security of data.
“The main security concern for an EV will be preventing access to billing systems for battery charging,” says Barratt. Fintech apps offer huge potential to streamline these processes, improve in-car experience and pave the way for innovations like ‘buy now, pay later’ and loyalty schemes,” says Barratt.
“But carmakers need to recognise that, if poorly protected, these systems could offer hackers an access route to the driver’s finances.”
The extra challenge to overcome with EVs— alongside similar problems with fintech applications—is the ability to secure carfriendly interfaces, which, if simplified, could make them more prone to cyber disruption.
Although these may seem like standard procedures when dealing with mobile phones and contactless payments, it’s important to emphasise the similarities between them, while also recognising that cars must follow suit if they want to utilise the benefits of digital.
Security is also a consideration for those using other means of transport, such as ridesharing and rentals. The industry is rapidly extending its use of fintech for various means: Uber, for example, collaborates with a fintech provider that offers consumers the opportunity to obtain an EV through the pay-to-rent model. Fintech apps are also leveraging capabilities beyond their remit to provide customers with comprehensive services. An example of this is the ability to find a suitable charging station, pay for charging at the plug, and make use of other automotive services.
According to PwC’s report, ‘Cyber readiness: are auto companies prepared to counter the risk of an attack?’, every convenience comes at a cost. Automotive manufacturers must be more proactive in dealing with cyber risks before they inevitably arise, but many firms are currently only reactive to the changes in the EV landscape from an electrification standpoint.
ANDY BARRATT, UK MANAGING DIRECTOR OF CYBER SECURITY CONSULTANCY, COALFIRE Going forward, companies will seek out more vulnerabilities in their vehicle technology, as well as in their networks. As EVs become more connected than cars have ever been, they’ve effectively entered the digital-risk landscape, which is prone to activities affecting other technology providers.
Electrification is not just a necessary process, but one that will allow automakers to futureproof their solutions and make mobility safer, physically and digitally. The PwC report expects that cybersecurity must become part of the product design phase to ensure the best use in real-life applications.
SUSTAINABLE ELECTRIC VEHICLE ADVENTURE
DRIVEN BY PROCUREMENT
WRITTEN BY: TOM SWALLOW
PRODUCED BY:
MIKE SADR
Brad Hood, Director of Indirect Purchasing at Rivian, on the benefits of a ‘blank canvas’ and how the EV manufacturer implements sustainable procurement
Anyone harbouring a passion for adventure and sustainability will no doubt have heard of the company leading the market for electrified pickup trucks.
Not only does Rivian boast sustainability credentials across its entire business, it’s also a business built with the planet at the forefront of all its activities. Yet, while there are many exciting aspects to highlight, the critical element of Rivian’s story is the
“design and development of categorydefining electric vehicles”, in the words of the company’s Director of Indirect
Purchasing, Brad Hood.
We often see the company through the consumer lens. Thousands evangelise the clean, robust, unique style of the Rivian R1T and R1S—its pioneering EVs, the pinnacle of the environmentally and socially responsible business.
Founded in 2009, the Rivian story began with a vision for sustainable mobility. As an automotive enthusiast himself, the company’s founder, RJ Scaringe, saw that the two things he lived for—cars and nature— were not compatible in the long-term. This conclusion formed the very basis of the company, which holds an integral place in the electrification of automotive.
Procurement drives a sustainable electric vehicle adventure
BRAD HOOD DIRECTOR OF INDIRECT PURCHASING RIVIAN
“He created a product that was a more sustainable alternative to the fossil-fuelburning carried out by internal combustion engine vehicles. He really wanted to facilitate a transition to more neutral energy transportation, not only for our generation, but for our kids', kids’, kids,” says Hood.
“It's a multi-generational purpose that goes beyond any one of us, which is what drives the overall culture at Rivian: we're here for something bigger than ourselves.”
Of course, there’s more to Rivian vehicles than the fact they run on electric propulsion. The company prides itself on sustainable sourcing and leveraging a circular system, right from the design stage. Its batteries can be easily removed for either recycling or ‘second life’ applications. When it comes to the interiors, vegan leather and other animal-free materials are used, with mid-life repairability in mind.
Beyond the product itself, sourcing also involves the unique procurement of oceanharvested plastics for its dunnage containers and other packaging solutions. Such actions earned the company the 2022 Excellence and Reusable Packaging award from the Reusable Packaging Association.
“We use the most sustainable products we can and when we went public, 1% of the company went to the Rivian Forever Fund,” says Hood.
“We think about how to operate responsibly within the plant. When we began the conversion of the old Mitsubishi plant to the new Rivian plant, we used some of the old steel to make tables, a mezzanine—and we even repurposed old robots as a door holder for the conference room.
“We reused things, and maybe went above and beyond. Instead of scrapping it, instead of getting rid of those materials, we thought, ‘how can we repurpose that and reuse them?’.”
INDIRECT PROCUREMENT PROVIDES THE OPERATIONAL FOUNDATIONS
As a new entrant to the automotive industry in 2009, Rivian was built with sustainability in mind. And being a new business gave the company a competitive edge to not only grow, but advance the use of new technologies and lean processes.
Hood explains that when he joined the organisation in 2018, the procurement function was significantly smaller than it is today, but this has allowed the company to take an approach that is driven by technology.
“When I joined, there were 500, 600 employees. There were about three people within our department,” Hood says. “Now, the total company size is more than 20 times that.” “At the beginning, we had a shell of a manufacturing plant. 10,000+ Now, we're fully operational, building Number of employees three different vehicles with multiple 2009 different variations Year founded in Normal, Illinois.”
BRAD HOOD
TITLE: DIRECTOR OF INDIRECT PURCHASING INDUSTRY: OIL & ENERGY LOCATION: DETROIT, USA
Brad shifted careers from manufacturing and production planning to procurement after graduating from Western Michigan University with a major in Integrated Supply Chain Management. After spending most of his procurement career in consulting, he joined Rivian at the tail-end of their stealth mode in 2018 to help build their procurement department. Rivian has experienced tremendous growth since then, which includes the indirect procurement team that Brad leads. This has proved both Rivian and Brad the opportunity to grow the procurement organisation in the same manner as Rivian talks about designing the vehicles, from a blank sheet of paper.
EXECUTIVE BIO
PROVIDING RETURNABLE PACKAGING SOLUTIONS
Essex Weld Solutions is a global company servicing customers across North America.
Our focus is the development and global supply of custom and standard automotive racking products. Essex Weld Solutions is a “Full Service Manufacturer” of custom automotive containers from bins to racks. We offer Designs, Prototypes, and high-volume production. This ensures superior quality control, something our customers expect and deserve.
FULL SERVICE CUSTOM RACK MANUFACTURER
Essex Weld Solutions began with a handful of customers and a production plant in Essex, Ontario. From the start, people were our strength. We have selected a team with a focus on integrity and trust, which is the foundation that we have built our reputation on. Keeping our customers’ needs at the center of every decision is what has led us to strive for excellence in everything we do. These values have been instilled in all our team members ensuring we all work together towards these goals.
Twenty years later, we have expanded to multiple locations across three countries. Our Canadian plants include Leamington and Essex, Ontario. We also have American plants in Laurens, South Carolina and Warren, Michigan as well as one plant in Durango, Mexico. All locations boast on-site engineering and full production capabilities so that we can provide in-house concepting, designing, prototyping, and large-scale production allowing us to be a one stop shop for our customers’ projects.
Over one-hundred years of combined experience has taught us that investing in the latest manufacturing technology is necessary to provide top quality products. Our plate and tube lasers, break presses, robotic welders, and full powder coat system allow us to maintain high standards across all locations. Our manufacturing process is monitored from concept to delivery using our own ERP system, Edata+, with real time inventory levels, production status, and barcode tracking labels. This enables us to maintain inventory of common materials at all locations and efficiently control quality and delivery timing.
Our innovative approach to the everevolving world of manufacturing means we never stop improving the service we provide our customers. As manufacturing shifts to a greater integration of robotic production lines, we have developed a Metrology team that exclusively handles the precise quality control required for those projects. These continuous improvement efforts allow us to expand our capabilities so that we can better serve our existing customers, and reach out to new ones, as their needs change, especially as the shift to Electric Vehicles continues.
The story behind sustainability Rivian entered the automotive industry at an interesting period. The company was very much undergoing its formation when major carmakers first started thinking about EVs, which, at the time, were seen as a ‘nice-to-have’.
With a passion for automotive and a desire to protect nature in all its glory, Rivian’s CEO, RJ Scaringe, set about building his dream: a vehicle with no limits and an adventurous edge that would allow drivers to explore harmlessly, reinvigorating their love for the environment.
The company first piqued interest with its two EV models. The R1T, its pickup truck model, and the R1S, which leverages the same great technology in an SUV body. In 2022, the company reached a major milestone with the announcement of it supplying electric delivery vans to Amazon—the initial quantity being 10,000, with potential for the e-commerce giant to expand this to 100,000.
Rivian cultivating a business on what was seemingly a blank canvas meant that the company worked through many challenges in its indirect procurement function to ensure that it remained true to its roots.
The solutions adopted by the company were pivotal. They allowed the team to focus on more hands-on tasks, alleviating the need for human input in the day-to-day processes.
“We had the opportunity to build an organisation that is truly best-in-class, from the ground up. We don't have to change any old behaviours; we can create new ones, and in the right manner, too. Balancing the two of those meant knowing
what we needed to do daily versus what was required to build a foundation for the future.
“This was the biggest challenge, balancing the short-term and long-term needs. There are so many day-to-day requirements, but we must be able to balance the day-to-day work, while building the foundation of the organisation we desire to build.”
Another major challenge that wreaked havoc on all supply chains—and inevitably affected Rivian—was the COVID-19 pandemic, which meant navigating a remote-working environment while scaling and taking on new team members across the globe.
BRAD HOOD DIRECTOR OF INDIRECT PURCHASING RIVIAN
These trying times meant the company had to adapt to onboarding and training the team online, without knowing when new starters would come into contact with their colleagues.
As a result of these challenges, the company adopted ‘category cards’ to create ease in the purchasing process. This is just one of the ways in which the company streamlines the onboarding process, automating indirect procurement processes to allow a smaller team to manage more purchases.
BRAD HOOD DIRECTOR OF INDIRECT PURCHASING RIVIAN we can leverage these templates. “Automatically, a quantitative proposal comes in and we can analyse that based on our previous price paid, other proposals, market intelligence,” says Hood.
“When you log in, you see the category, “We can look at that pretty quickly and you select that category, and it gives you find any outliers, identify where the best a brief description to tell you if you can quantitative values are and work with buy it from a catalogue—so we can drive our stakeholders as we incorporate the more spend to a catalogue—or it gives you qualitative aspects. These tools really allow a direction to reach out to a purchasing us to work faster.” manager or supplier,” Hood explains. While businesses would often apply
“That way, we can touch more spend the term ‘digital transformation’ to their with a smaller team, increasing the operations, it seems Rivian is beyond this, addressability of the spend and continuing ensuring that technology is embedded into to educate the rest of the organisation all processes from the earliest possible stage to drive spend to our preferred buying as part of its strategic approach to growth. channels.”
Further sourcing platforms used by the company provide further standardisation of indirect procurement processes. This includes supplier negotiation preparation, which can largely be templated—as Hood explains.
“If we are working on an e-sourcing event or an auction,
A Tour of the Rivian Plant | Go behind the scenes with founder RJ Scaringe
“It can standardise things and reduce errors but, for us, it allows us to actually promote and enrich the daily operations of those working in data-entry roles. They've now gone into more category management roles and supporting student sourcing, as well as those roles where we can marry technology and experience,” Hood explains.
LEVERAGING PARTNERSHIPS TO INTEGRATE MORE TECHNOLOGY
As the company looks to ramp up the production of EVs, technology will become an integral component in allowing the organisation to scale its operations and meet demand.
The company will continue to add value to its services sustainably, with
BRAD HOOD DIRECTOR OF INDIRECT PURCHASING RIVIAN
sourcing playing an integral role in reducing emissions down the supply chain. As the company expands its own charging network, technology will allow personnel more time to explore renewable energy sourcing, making sure that Rivian customers are charging up with clean energy.
Meeting its strategy for success hinges on its use of data in the procurement functions to standardise processes and focus on saving costs, time, and limiting negative climate impact—with the overarching aim of eliminating it. As such, the procurement team will look at supplier spend and consider whether its dollars are going towards the desired suppliers.
While much of the technology adoption and integration is carried out in-house, Hood explains that technology partners will be leveraged by Rivian to meet demands unique to its processes.
Hood says: “We understand what we want to do in theory—on a whiteboard—but how do we integrate that into the actual software that’s more commonplace?”
In trying to answer this question, the company has been able to push technologies to their absolute limits, which is a benefit to Rivian, but also the partner that supplies that solution—making Rivian a testbed ripe for procurement solutions.
