How Code Is Powering the Cars of Tomorrow

Historically, a car's worth was defined by its powertrain and physical body, but today, value is dictated by the software that powers it. Reports indicate that by 2026, software will comprise 50% of a vehicle's total value, and revenues from software-driven mobility services are projected to double by 2035.

This shift is driven by the rise of Software-Defined Vehicles (SDVs), which offer levels of personalization, convenience, and intelligence impossible to achieve through hardware alone. 

Software as a primary source of long-term value creation in modern vehicles

Modern infotainment systems serve as central digital hubs, supporting personalized user experiences, media, connected services and app ecosystem. By leverage cloud AI to these digital hubs, they can learn user routines and suggest destinations based on behaviour, such as your preferred food locations, restaurants, and regular stops.

Advanced AI algorithms learn driver preferences to automatically adjust HVAC (climate control), seating, lighting, and music playlists. Automakers are increasingly offering vehicle capabilities through digital subscriptions or one-time purchases. Drivers can activate features such as advanced driver assistance, heated seats, performance boosts, or enhanced navigation services through software updates without needing hardware changes. This allows manufacturers to generate recurring revenue while giving customers flexibility to enable features only when needed.

Beyond comfort and convenience, advanced AI and software are the foundation of modern vehicle safety. Advanced Driver Assistance Systems (ADAS) heavily rely on sophisticated software algorithms that combine inputs from cameras, radar, LiDAR, and ultrasonic sensors. Through sensor fusion, the vehicle processes and interprets multiple data streams simultaneously to support safe decision-making.

These systems generate real-time environmental models that enable safety functions such as automatic emergency braking, lane-keeping assistance, obstacle detection, and blind-spot monitoring.

Ultimately, software creates long-term value because it decouples functionality from static hardware. Through Over-The-Air (OTA) updates, automakers can continually upgrade a vehicle's AI models, enhance sensor fusion capabilities, HVAC performance, and update infotainment features even after the vehicle is sold.

Role of cloud-native infrastructure and OTA capabilities in reshaping automotive product lifecycles

Traditional automotive product development typically followed a fixed multi-year hardware lifecycle. Today, cloud-native infrastructure and OTA capabilities are enabling a shift towards continuous integration and deployment (CI/CD) model. This transforms vehicles into platforms that can receive new features and capabilities long after they leave the factory floor.

Traditionally, software teams had to wait for physical prototypes before testing could begin. Today, cloud-native infrastructure breaks this bottleneck through the virtualization of vehicle hardware and software components, including the use of lightweight virtual electronic control units (vECUs). These virtual development environments, supported by high-performance computing, allow engineers to perform Software-in-the-Loop (SiL) and Hardware-in-the-Loop (HiL) testing earlier in the development cycle, accelerating design and validation processes for vehicles that do not even physically exist. 

Manufacturers are establishing cloud-based data meshes capable of processing exabytes of telemetry from connected fleets. This single-point-of-truth democratizes data access across engineering, manufacturing, supply chain, and sales, allowing massive data-driven experimentation and behavioural analysis.

Linux-based containers (Red Hat OpenShift/Podman) allow software applications to be completely decoupled from the underlying vehicle hardware. Thus, engineers can rapidly develop and deploy lightweight updates to the vehicle's edge gateway without needing direct access to the target hardware

The continuous, wireless evolution fundamentally alters automotive economics and recall management. In traditional recall scenarios, software defects often required dealership visits for updates, increasing cost. With OTA capabilities, manufacturers can remotely push fixes directly to the affected ECUs.

Critical role of agile software engineering and CI/CD in accelerating automotive innovation

The shift toward SDV requires automakers to adopt agile, platform-based approaches driven by CI/CD. Traditional vehicle development relied on sequential hardware-driven processes where software integration occurred late in the development cycle, leading to delays and integration challenges. CI/CD changed this dynamic by automating software delivery, adopting a “software-first" approach that operates on a continuous platform lifecycle rather than a static, multi-year program lifecycle.

Automotive software involves vast complexity across multiple interconnected subsystems, from infotainment to powertrain control, where manual dependency management often leads to integration delays. CI/CD solves this by automatically integrating, building and testing every code change. Using cloud-based virtual engineering workbenches, engineers can build, simulate, validate software as well as facilitate SiL and HiL validation, performance testing, and integration testing long before the physical vehicle is assembled.

A unique challenge in automotive agile development is the need to maintain strict public safety and regulatory compliance while accelerating delivery. Integrating safety activities directly into DevOps workflows has led to the concept of “DevSafeOps”. CI/CD platforms are utilized to automatically enforce vital compliance standards during development, such as:

• ISO 26262 and ASPICE: Automated compliance checks ensure that code changes remain aligned with the international safety and development standards.
• Security Scanning: Automated Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) scans are embedded directly into the pipeline to detect cybersecurity vulnerabilities early in the development cycle.

Modern vehicles contain many complex ECUs that must be updated without latency. CI/CD provides the orchestration required to safely deploy updates across the vehicle architecture. It enables phased rollouts to test vehicles and coordinated updates to manufacturing systems. If OTA update or manufacturing system deployment encounters an error, CI/CD pipeline ensures automated rollbacks that revert the system to a safe state, minimizing risk and financial impact

Reimagining R&D and innovation pipelines for next-generation mobility

R&D must move away from static "program" lifecycles to continuous "platform" lifecycles. This technological shift requires a cultural transformation. Traditional, multi-layered bureaucratic matrices must become leaner and flatter to empower engineers and speed up decision-making. In fact, many automotive organizations acknowledge that a software-driven strategy demands a complete overhaul of their organizational models, processes, and skill sets.

Internally, R&D must utilize cloud-based data meshes which enable seamless collaboration between engineering, manufacturing, and sales through shared telemetry and analytics. Externally, automakers are forming alliances with hyperscalers, semiconductor companies, and technology partners to build open, standardized platforms instead of isolated proprietary stacks.

As software becomes a central differentiator in vehicles, automakers are increasingly investing in patents. Protecting intellectual property is becoming a critical part of R&D strategy because it allows companies to secure technological advantages and create licensing opportunities. A strong patent portfolio strengthens competitive positioning in a rapidly evolving mobility ecosystem and safeguards innovation.

Automation and security-by-design in software-defined automotive ecosystems

The expansion of SDVs dramatically increases cybersecurity challenges. With AI-driven autonomy, multi-supplier software ecosystems, OTA updates, and V2X connectivity, the attack surface becomes significantly broader. Ensuring operational resilience requires security-by-design and extensive automation across the entire lifecycle.

Through Architectural Isolation and Future-Proofing Operational, modern SDV architectures isolate safety-critical and non-critical domains from each other. This prevents attackers from exploiting low-priority systems as entry points into essential vehicle controls. Automotive-grade hypervisors and containerized platforms enforce strong logical separations across vehicle functions. Distributing workloads across High-Performance Computers (HPCs) limits the blast radius of failures or cyber intrusions.

Researchers are exploring the use of advanced automation, such as using Large Language Models (LLMs), to automate time-intensive safety design processes like Hazard Analysis Risk Assessment (HARA) and requirements engineering. Utilising AI-based threat detection systems to analyze patterns and identify anomalies within the vehicle's network traffic in real time. Ensuring these automated detection and fail-safe systems operate instantly without introducing computational latency that could jeopardize safety-critical driving tasks is a major challenge.

OTA updates are the most critical cybersecurity challenge in SDVs; a single compromised or faulty update can paralyze millions of vehicles simultaneously. Operational resilience absolutely requires resilient recovery mechanisms, such as secure failsafe modes and automated rollback procedures, to instantly revert a vehicle's systems to a known safe state if an update fails or corrupts.

Conclusion:

The shift to software‑defined mobility is not a future scenario but a present reality. Our responsibility as leaders is to treat every vehicle as a dynamic platform continuously enhanced, inherently secure, and enabled by a culture of rapid, disciplined innovation. Those who master this shift will not just build better cars; they will build enduring customer relationships and create resilient, high‑margin businesses.
 

Gilroy Mathew is the COO of UST. Views expressed are the authors' personal.