Bernd Niedermeier, head of automotive market development at Tuxera, discusses why embedded storage is the next critical layer in vehicle cybersecurity
As vehicles become more defined by code and software, the nature of their vulnerabilities is changing. While perimeter security, which protects external interfaces, network communications and over-the-air updates, has seen significant progress, embedded storage remains a less scrutinized yet highly exposed attack surface.
Software-defined vehicles (SDVs) process and retain massive volumes of sensitive data, from event logs and AI models to vehicle identities, credentials and firmware. This data is typically stored on flash memory within embedded systems, and its security often slips through the cracks. Embedded data is a rising source of risk, particularly when data management is left to legacy file systems that were not designed for these next-generation vehicles.
A new role for flash memory
Historically, automotive storage was used for logging or basic configuration. Today, storage systems are expected to withstand high-frequency data logging, real-time analytics and frequent write/erase cycles, often under constrained power and thermal conditions.
Without a robust design, storage becomes vulnerable to security threats. A sudden power loss during a write operation can corrupt entire datasets or firmware. In addition, flash wear or incomplete writes can lead to system instability and contribute to safety risks, which in turn lead to costly in-field interventions.
Insecure storage paths open doors for cyberattackers to tamper with update packages or extract valuable system data. Interestingly, even compliance-grade data encryption alone is not sufficient; it must be paired with integrity verification, secure boot/signed updates and secure key handling.
The importance of embedded resilience
To counter these risks, automotive engineers need to adopt a new standard for embedded storage that treats reliability and data integrity as central design parameters. Storage architecture must be built from the ground up with resilience at the core to ensure it is capable of handling the operational requirements of automotive environments.
Equally critical is the ability to ensure atomic write operations. In an embedded context, even a single failed write can leave a log incomplete or a configuration file partially updated, leading to inconsistencies that undermine system behavior. Ensuring that every operation either completes fully or not at all is essential to maintaining coherence.
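The all-or-nothing update described above, as an added example (not code from Tuxera or from any product discussed in this article): a write-to-temp, fsync, rename sequence in C. The `cut` test hook, the `ecu.cfg` file name and the sample contents are hypothetical, and the code assumes a POSIX file system on which rename() replaces the target atomically.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Atomically replace dir/name. `cut` >= 0 is a hypothetical test hook that
 * simulates power loss after `cut` bytes have reached the temp file. */
int atomic_replace(const char *dir, const char *name, const char *data, long cut)
{
    char tmp[512], dst[512];
    size_t len = strlen(data);
    size_t n = (cut >= 0 && (size_t)cut < len) ? (size_t)cut : len;
    snprintf(tmp, sizeof tmp, "%s/%s.tmp", dir, name);
    snprintf(dst, sizeof dst, "%s/%s", dir, name);
    int fd = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    if (write(fd, data, n) != (ssize_t)n) { close(fd); return -1; }
    if (n < len) { close(fd); return -2; }         /* simulated power cut */
    if (fsync(fd) != 0) { close(fd); return -1; }  /* new bytes durable first */
    close(fd);
    if (rename(tmp, dst) != 0) return -1;          /* one atomic switch */
    int dfd = open(dir, O_RDONLY);
    if (dfd < 0) return -1;
    int rc = fsync(dfd);                           /* make the rename durable */
    close(dfd);
    return rc == 0 ? 0 : -1;
}

/* Returns 1 if dir/name currently holds exactly `want`, else 0. */
int holds(const char *dir, const char *name, const char *want)
{
    char p[512], buf[256] = {0};
    snprintf(p, sizeof p, "%s/%s", dir, name);
    int fd = open(p, O_RDONLY);
    if (fd < 0) return 0;
    ssize_t r = read(fd, buf, sizeof buf - 1);
    close(fd);
    return r >= 0 && strcmp(buf, want) == 0;
}

int main(void)
{
    const char *v1 = "mode=normal\nlog=2\n", *v2 = "mode=service\nlog=4\n"; /* constructed */
    atomic_replace(".", "ecu.cfg", v1, -1);
    int cut = atomic_replace(".", "ecu.cfg", v2, 7);   /* torn update */
    printf("cut rc=%d, old config intact=%d\n", cut, holds(".", "ecu.cfg", v1));
    return 0;
}
```

The interrupted update leaves a torn `ecu.cfg.tmp` behind, but a reader of `ecu.cfg` sees either the complete old file or the complete new one.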
Security must also be native to the file system. Cryptographic safeguards, including encryption for embedded data and secure key handling, help prevent unauthorized access, even in the event of physical tampering or side-channel attacks. While standards such as UN R155 and ISO/SAE 21434 do not mandate specific technical controls, these measures are increasingly expected by OEM security, audit and assurance programs as part of demonstrating effective risk management. This also includes secure erase capabilities. Simply deleting data does not guarantee it is unrecoverable from flash memory. If not properly managed, residual data may remain accessible to attackers, introducing vulnerabilities that persist beyond expected lifecycles.
Finally, any storage solution intended for mission-critical automotive applications must support functional safety requirements, such as those defined by ISO 26262. From a safety perspective, this means demonstrating predictable behavior under fault conditions, including power loss, memory corruption or unexpected system resets, and ensuring the system can transition to or maintain a safe state.
Importantly, these are not theoretical considerations. Testing in automotive-grade environments has shown that purpose-built file systems can maintain 100% data integrity after more than 15,000 hard shutdowns. Such results provide concrete evidence that storage software can contribute to system robustness in environments where reliability and determinism are mandatory.
While compliance with functional safety standards does not in itself address cybersecurity threats, safety and security cannot be treated as independent concerns in modern vehicles. A system that is resilient to faults but vulnerable to malicious manipulation is not ultimately safe. Secure systems must also behave predictably under failure conditions. As vehicles become increasingly software-defined, achieving both safety and security requires coordinated design across storage, software and system architecture.
Ensuring compliance
New regulatory frameworks such as ISO/SAE 21434, the NHTSA Cybersecurity Best Practices for Modern Vehicles and UN R155 are forcing a deeper rethink of in-vehicle system design. Rather than prescribing specific technical measures such as encryption, these frameworks require manufacturers to demonstrate that systems are secure by design, with traceability, risk management and evidence of integrity maintained throughout the vehicle’s lifecycle. The responsibility for how security is achieved and how it is proven remains with the system designer.
Even when open-source implementations are commercially supported, the engineers responsible for integrating or modifying the code in many cases do not have deep expertise in embedded storage or file systems. This makes it challenging to achieve a secure and efficient implementation that holds up under regulatory scrutiny or long-term performance demands, particularly in safety-critical environments.
Engineers must now validate not just how the system performs, but how it fails and whether it fails safely. This has direct implications for the selection of storage technologies and file systems.
Why embedded storage is a strategic decision
The case for modernizing embedded storage goes beyond risk reduction. It’s also a driver for cost control, performance consistency and long-term product differentiation.
For instance, avoiding flash overprovisioning through better write management can drive significant cost reductions for manufacturers. When scaled across high-volume platforms, this can translate into lifecycle savings in the millions. Factor in reduced maintenance, extended warranties and higher reliability metrics and the ROI becomes even more compelling.
Moreover, embedded storage resilience supports more agile development. Secure file systems with predictable behavior enable faster testing, smoother OTA deployment and better root cause analysis when faults do occur. These are critical advantages, especially in an industry where time-to-market and regulatory agility matter.
Validating storage
Given these stakes, embedded storage must be fully integrated into the testing pipeline. This means validating storage performance across temperature extremes, power cycling and high-write workloads. It also means simulating fault conditions, including mid-write power loss, unexpected resets or firmware anomalies and observing recovery behavior.
Storage systems that pass compliance tests in isolation may still introduce fragility in multi-component environments. Engineers must test for system-level interactions and confirm that the storage layer does not become the weakest link in real-world conditions.
Securing the future of SDVs
As the cybersecurity landscape shifts from connectivity to persistence, the importance of secure, resilient data storage grows. The data that remains in the vehicle after the engine shuts off (for instance, logs, credentials and system images) can either support safe operations or become a target for exploitation.
For the automotive engineering community, this is a call to action. Embedded storage must be validated, reinforced and architected for long-term resilience, not only because regulators demand it, but also because future vehicle safety, reliability and performance depend on it.





