APIs Are the Keys to Building a Bright Future for the Connected Car Industry

Janet Wagner, Data Journalist / Full Stack Developer
Jun. 17 2014, 01:03PM EDT

Last year, ProgrammableWeb published a three-part series (part one, part two, part three) covering some of the exciting news and developments happening in the connected car industry. The industry continues to grow at a rapid pace, with news breaking about connected car platforms and apps nearly every day. On May 27, the first day of APIcon, connected car platform Mojio announced its upcoming cellular device for vehicle analytics, which is still in the beta stage of development. The device, which plugs into a vehicle's diagnostics port, sends a stream of data that relays trip behavior and vehicle analytics to the Mojio platform. Developers can use that data via an API to create third-party apps.

Cars are essentially becoming the next mobile software platform. Cutting-edge technology is crucial to the success of not only connected car app developers, but to car manufacturers as well. In a Wired article published recently, Doug Newcomb writes:

The amount of software in the average vehicle has grown exponentially — a typical new car has about 100 million lines of code — with the advent of sophisticated, cloud-connected infotainment systems. Software has become a competitive advantage as vital to General Motors or Toyota as it is to Apple or Google.

Millions of connected cars are already in use in the U.S. and countries around the world, and the number is expected to grow rapidly. According to a recent Business Insider article, more than 250 million connected cars will be on the road around the globe in five years. This is according to forecasts made by the GSMA and other market research firms. An iGR study published last month predicts that between 2013 and 2018, the amount of annual mobile data usage (measured in terabytes) generated by connected cars will increase at a compound annual growth rate of almost 188%.

Despite the developments in connected car platforms and apps, several concerns still need to be addressed and managed — issues such as the slow pace of automotive development, Internet availability on roadways and, most importantly, API security.

OpenSignal Report includes an interactive map that displays U.K. motorway details on mouse over.

One of the factors driving the rise in popularity of the connected car is the availability of smartphone apps, infotainment and navigation apps in particular. However, the development cycle and technology updates of smartphones and other consumer electronics occur at a far more rapid pace than that of the automotive industry. Last year Apigee's Brian Mulloy discussed connected car apps, APIs, data and ecosystems in a live webinar, which is available to view on YouTube. Mulloy says there is a frequency mismatch between consumer electronics and automobiles, explaining in the webinar:

Right now the average car life expectancy is about 10 years. A washing machine is around 10 years as well, whereas a smartphone has a 21-month cycle. So we have this collision here where the consumer expectation is coming from the consumer electronics world, where things can go obsolete in two years and the next latest and greatest thing is coming along. Where on the other hand, the automobile industry, because of its high price point, is moving at the speed of decades instead of something that is measured in 21 months.

Internet availability is also an issue when it comes to connected cars. In many places Internet access is not available, causing connected car apps to be unusable. Earlier this month, OpenSignal published a report about the state of mobile connectivity for U.K. motorways, A-roads and railways. The report includes an interactive map displaying the average time on 3G/4G for specified roads. 3G/4G coverage on roads is something that will be required when connected cars dominate the roadways.

One company working to solve the Internet availability issue for the Internet of Things (IoT), which includes connected cars, is Sigfox. The company describes itself as:

... the first and only company providing global cellular connectivity for the Internet of Things, fully dedicated to low-throughput communications. SIGFOX is re-inventing connectivity by radically lowering prices and energy consumption for connected devices.

Sigfox is building a long-range wireless IoT network in San Francisco and plans to build additional networks in other major U.S. cities within the next 18 months. The Sigfox cloud and API are key components of the implementation of this type of IoT network, making it easy for developers to interface existing systems and devices.

While the slow pace of automotive development and Internet availability on roadways are both key issues for the connected car industry, the No. 1 concern is security, especially when it comes to APIs. API security made headlines recently when it was reported that Tesla's Model S API was architectural flawed and did not follow standard API security practices. The Tesla API allows car owners to do minor functions such as locking and unlocking doors and flashing the lights. To be clear, the Tesla API was a private API and not publicly available. A developer had reverse engineered the API used for Tesla's connected car apps.

The Tesla security breach caused a stir for both connected car manufacturers and connected car app developers. It demonstrated the importance of API management for private and public APIs, as well as the need to keep security in mind throughout an app's entire life cycle. API security for connected cars is no different than API security for mobile, web and other types of APIs.

Methods to secure APIs include 3-legged OAuth, OAuth 2.0, SSL, encryption and OpenID. API management companies such as 3scale, Apigee, Axway, CA Technologies, Mashery, MuleSoft, SOA Software and WSO2 can provide the tools to manage and secure APIs throughout the entire life cycle.

Although much of the car industry lags behind the consumer electronics industry when it comes to technology updates, companies such as Google, Mercedes-Benz and Toyota are working on "cars of the future," as in autonomous (self-driving) cars. Last month, Nextgov reported that California will be the first state to allow the testing of autonomous vehicles, beginning in 2015.

APIs are the keys to building a bright future for the connected car industry and the Internet of Things. APIs can be used to increase Internet availability in cities and on roadways around the world. APIs can be used to speed up the development cycle of connected car platforms and apps. Most importantly, APIs can be made secure for use in connected cars and the Internet of Things by providers making sound security choices throughout the entire API development life cycle.

Janet Wagner Janet is a data journalist and full stack developer based in Toledo, Ohio. Her focus revolves around APIs, open data, data visualization and data-driven journalism. Follow her on Twitter: @webcodepro and on Google+

Comments

Comments(2)

User HTML

  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
  • Web page addresses and e-mail addresses turn into links automatically.
markoneill

Hi Janet - great article, and I fully agree that API Security holds the keys (quite literally in some cases ! ) to the Connected Car. If readers are interested in the BMW Group case study about Secure APIs for the Connect Car, check out this recorded webinar with IC-Consult and Axway. It talks about how OAuth 2.0 is used as part of a highly scalable API Security architecture for Connected Cars. 

(Full disclosure: I'm VP Innovation at Axway. But I think it's a really neat case study for anyone interested in real-life examples of Secure APIs for the Connected Car. )

markoneill

Great article, and definitely agreed that APIs are the keys for the Connected Car. Security is key of course, but it has to scale. Connected Cars, by definition, will have many thousands, indeed millions, of users. By definition also, Connected Cars travel and take their API Keys and OAuth Access Tokens with them. Here at Axway, Connected Car customers have deployed our API Management leveraging highly-scalable in-memory globally replicated storage of OAuth Access Tokens, for example. Check out the BMW Global case study over on the Axway site, which was the subject of a webinar we recently did with IC-Consult. Janet - this is a great article - we'd love to talk to you more.