The SDV era has arrived, and trust will decide who wins

For much of the past decade, software-defined vehicles (SDVs) have been considered an aspirational ‘end goal’ for the automotive industry, a future where vehicles behave as unified, software-orchestrated platforms, capable of continuous improvement and new revenue generation long after leaving the showroom. This future is now becoming a reality. While the industry hasn’t yet reached full SDV maturity, the commercial environment has already changed. SDVs are influencing how cars are designed, updated, sold and monetised today. What remains undecided isn’t whether SDVs will be a success, but which manufacturers will realise their full potential. Increasingly, the differentiator isn’t speed of innovation, but security and consumer trust.

From static products to evolving platforms

Over-the-air (OTA) software updates have fundamentally altered the relationship between OEMs and their vehicles. Software is no longer frozen at the point of sale; features can be updated, patched, enabled or monetised throughout a vehicle’s lifecycle, extending commercial relevance and customer engagement well beyond initial delivery. Most OEMs can now update individual vehicle domains such as infotainment, connectivity modules and selected control systems, and this capability has already altered how OEMs think about the vehicle lifecycle. Revenue models increasingly extend beyond the showroom, customer relationships become ongoing and vehicles remain commercially active over the whole vehicle lifetime.

The next phase is already underway. The industry is moving from isolated, domain-level updates towards whole-vehicle orchestration. Fully realised SDVs leverage zonal E/E architectures and centralised computing to manage vehicle behaviour by policy rather than component. A single software update can recalibrate braking behaviour, adjust suspension characteristics, modify ADAS performance and enable new features simultaneously. OEMs are at different stages of implementation, but the impact is already clear to see in investment decisions, operating models and commercial priorities.

When software risk becomes physical risk

As intelligence moves from the cloud into the vehicle itself, the security challenge changes, too. Vehicles can no longer be viewed as isolated systems—they are sophisticated computing platforms, processing sensitive data and supporting revenue-generating services in safety-critical environments. This dramatically expands the number of potential attack surfaces. Security is no longer just about encrypting communications or protecting update mechanisms. OEMs must now consider secure identity management, payments, data storage, intrusion detection, system isolation and continuous monitoring, all within vehicles that must remain safe under all conditions.

In a fully software-orchestrated vehicle, a compromised update mechanism doesn’t simply expose infotainment systems. It has the potential to cascade across multiple domains such as steering, braking and driver assistance systems. A cyber security breach may ultimately have direct physical safety consequences. This collapse of the boundary between software and safety/physical risk fundamentally changes the stakes. OTA updates are no longer simply a convenience. They can change how a vehicle behaves across an entire fleet, making robust security essential.

Meeting this challenge requires security to be designed in from the earliest stages of vehicle development. Trusted execution environments, hardware security, system isolation and secure update mechanisms are now essential components of the vehicle platform. These mechanisms can’t be retrofitted easily, which means the security architecture must be designed alongside vehicle architecture from the outset. As SDVs mature, the ability to securely deploy new trusted applications over time becomes just as important as protecting what’s already in place.

Regulatory deadlines are approaching, and core type approve requirements are becoming mandatory but, while essential, compliance alone does little to differentiate manufacturers. The OEMs that lead will be the ones that build security into the hardware, apply the same discipline to OTA updates as they do to physical recalls and prioritise update quality over update frequency.

Autonomy, adaptation and human trust

At the same time, software is playing a growing role in how vehicles behave. Advances in sensing, autonomy and in-cabin monitoring mean vehicles are increasingly able to understand both their surroundings and the driver’s state, including attention and readiness to take control. Managing the handover between human and machine safely is one of the biggest challenges of the SDV era and requires confidence in not only the technology itself, but also how people interact with it.

For more than a century, driver control has been central to the automotive model, but SDVs are beginning to shift that balance. While industry data shows that software-driven systems can outperform humans in predictable environments, public perception hasn’t caught up yet. Negative incidents dominate headlines, while successful safety outcomes often go unnoticed.

Trust, therefore, isn’t just important from a technical standpoint; it’s psychological, too. Consumers need transparency, consistency and a clear understanding of how and why systems behave as they do. Behavioural change takes time. Bluetooth adoption took years because people needed to adjust, not because the technology was lacking. SDVs call for an even greater change.

As vehicles become more centrally orchestrated, control and accountability become more complex, particularly around decisions on when software updates are applied. Responsibility can’t sit with a single stakeholder. A shared approach is needed, with clear policies, robust security and a role for drivers in deciding when updates are applied. Clear governance of OTA updates will be essential to maintaining consumer confidence. Recalls increasingly involve software changes applied at scale, making the way they are managed important for building trust.

Commercial survival in the SDV era

The economic reality is that not all OEMs will navigate this transition successfully. Delays to high-profile programmes, such as the delayed launch of the Volvo EX90 due to complex software integration issues with its standard Luminar Technologies LiDAR system, highlight the challenges that can arise when software ambition moves faster than security capability and organisational readiness.

As systems grow more complex, closer collaboration is needed across the supply chain. As seen in the smartphone industry, differentiation is likely to sit above shared, secure software foundations rather than within them. This approach allows manufacturers to focus more clearly on the customer experience, digital services and emerging SDV-as-a-service models, while maintaining the security and consistency required to operate at scale.

For OEMs betting on software-driven revenue streams, trust will be key to commercial success. Consumers who don’t trust an OEM to deliver secure, reliable software won’t pay for connected services, regardless of how advanced they might seem. SDVs are already here. The next phase of competition won’t be decided by who moves fastest, but by who builds platforms—and relationships—that people trust. Moving forwards, technical capability alone won’t be enough. Manufacturers that succeed will be those that pair innovation with strong security and lasting consumer trust.

Claire Maslen is SVP of commercial & operations at Trustonic