In the age of Software-Defined Vehicles (SDV) and autonomous driving, vehicles are no longer isolated machines. They are interconnected systems that continuously communicate with cloud platforms, mobile apps, and other vehicles. This will increase also the feasibility for cybersecurity attack. AUTOSAR, is as a major software architecture platform for automotive and provides a framework and the building blocks to address various security aspects, including cryptography, secure communication, access control, intrusion detection, and others.
The blog article gives an overview of how access control features such as IAM, SOME/IP-ACL, and firewall integration could be part of a comprehensive security strategy of AUTOSAR developers and OEMs.
Understanding access control in AUTOSAR
In the AUTOSAR ecosystem – both Classic and Adaptive platforms – access control mechanisms are being expanded and refined to meet the needs of SDVs, connected and autonomous vehicles.
These mechanisms ensure that only trusted entities can access critical services and data, preventing unauthorized access and privilege escalation, both of which can have serious safety and operational implications.
Access control refers to the policies and mechanisms that govern which users or systems can access specific data, services, or APIs – and under what conditions. AUTOSAR supports a layered approach to access control, allowing it to be enforced locally at the application level, at the service interface, or even at the network edge. Three major features stand out: Identity and Access Management (IAM), SOME/IP-ACL, and Firewall integration.
Identity and access management (IAM) on AUTOSAR Adaptive
IAM is the core access control mechanism for the AUTOSAR Adaptive platform.
It is designed to regulate how applications – either running locally on the same ECU or remotely over the network – access critical services and resources.
This process begins at design time, where application developers define their intended access needs using the ‘GrantDesign’ model. These access intents are reviewed during integration, where system integrators decide whether to accept them and create explicit grant entities in the deployment model. Grants specify both the subject (an application or process) and the object (the service or resource it wants to access), forming a tightly controlled access relationship.
IAM supports both local access control, which governs how processes interact with services on the same ECU, and remote access control, when the subject application and object service are on different ECUs and the communication will go through the network, which requires robust authentication mechanisms such as TLS or IPsec to authenticate the identity of the communication partner (other ECUs) and then authorize or not the access based on the defined policy.
In addition, IAM plays a vital role in cryptographic key management. Keyslots – logical containers for cryptographic keys – can be shared among multiple users or dedicated to a single owner. IAM defines and enforces which application can use which keyslot, and under what constraints, adding another layer of protection around sensitive cryptographic operations.
Service-oriented access control with SOME/IP-ACL
On the Classic platform, AUTOSAR leverages SOME/IP-ACL (Access Control List) to restrict which communication partners can interact with specific services.
SOME/IP is the backbone of service-oriented communication in AUTOSAR Classic, and without proper access control, it could become a gateway for unauthorized or malicious access.
SOME/IP-ACL works by associating each service instance with a list of approved IP addresses. When a service receives a request – such as a subscription to an event group – it checks whether the requesting client is on its ACL. If not, the request is ignored and logged as a potential security incident.
This dynamic policy enforcement ensures that only trusted ECUs can participate in this service communication, even if another node on the network has been compromised. Authentication mechanisms such as port-based checks, IPsec, or MACsec further strengthen the identity verification of each communication partner.
Firewall integration across platforms
Firewalls play a complementary role in access control by managing traffic at the network level.
In AUTOSAR, firewall functionality can be implemented on both Adaptive and Classic platforms and even deployed on smart switches equipped with dedicated processing units.
Firewall support a variety of inspection techniques – stateless, stateful, and deep packet inspection – to enforce granular communication rules. Firewall can allow or block traffic based on predefined criteria, filter messages depending on the vehicle’s operational state, or rate-limit excessive data to prevent denial-of-service scenarios.
In the Adaptive platform, the firewall is managed through a dedicated function cluster (ara::fw), which reads configuration data from the machine manifest and configures the firewall engine and raises alerts for any suspicious activity. On the Classic side, the firewall integrates with modules like LSduR (for packet inspection), BswM (for vehicle state management), and IdsM (to report security events).
These firewalls also support standard ARXML-based configuration, allowing developers to model filter rules using AUTOSAR-compliant tools and generate allowlists directly from the communication matrix.
The AUTOSAR road ahead
As SDVs continue to evolve, the importance of structured, multi-layered access control will only grow.
IAM, SOME/IP-ACL, and firewall integration are not just isolated features – they form a comprehensive defence-in-depth strategy that addresses access control from the application layer to the hardware level.
At Expleo, we are proud to be actively contributing to the development of these technologies as AUTOSAR premium partner through our participation in AUTOSAR Lead Working Group Security (WG-SEC). With deep domain expertise in embedded software development and a global presence, we support OEMs and suppliers in integrating these security features into production systems – helping shape the secure, connected, and autonomous vehicles of tomorrow.
Want to learn more about how Expleo can support your SDV and AD & ADAS development?
Let’s talk about how we can help bring your platform up to compliance – and ahead of the curve.
