Electric Vehicle Sales Review Q3 2025Foresight to drive the industryOctober 2025Strategy&This public.
2025-10-31
26页
5星级
Private eet operators are weathering the storm as rapidly shifting trade policies create market unce.
2025-10-30
23页
5星级
2025 State of the Third-Party Logistics Industry ReportBuilding resilience to face an uncertain worl.
2025-10-30
22页
5星级
Not Chinas Fault:Americas Auto Dilemma Authors:Yilun ZhangZhangchen WangOctober 2025October 2025Not .
2025-10-30
64页
5星级
For updated information,please visit www.ibef.orgAugust 2025AUTO COMPONENTS2Executive Summary3Advant.
2025-10-30
32页
5星级
We recommend viewing this document with the latest version of your PDF reader.Japan Automobile Manuf.
2025-10-30
35页
5星级
2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved1MIND THE2025Automotive&Smart MobilityGlobal Cybersecurity Report 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved2TABLE OF CONTENTSOpening letter from our CEO Methodology Executive Summary Chapter 1:The rise of the Automotive cybersecurity gap Automotive innovation expands the attack surfaceThe year of ransomware:large-scale ransomware attacks dominated 2024 Smart Mobility devices expand into critical infrastructureClosing cyber gaps Chapter 2:The elephant in the boardroom Chinas strategic investments and government support are reshaping the Automotive industry Chinas MIC 2025 has propelled its NEV leadership MIC 2025 transforms the Automotive regulatory landscapeChinas fast-growing NEV industry comes with increased cybersecurity risks The international response to Chinese NEV growth and cybersecurity concernsChapter 3:Automotive cybersecurity trends Review of incidentsAttacks by black hats consistently outnumber those by white hatsNearly all attacks are remoteIncidents involving manipulation and control of vehicle systems more than tripledMonitoring CVEs is crucial Overview of 2024 CVEs The impact is felt across the entire smart mobility ecosystem Chapter 4:2024s attack vectors Threats against ACES technologies shape the attack landscape Telematics and application servers APIs Infotainment systems EV charging infrastructure GPS/GNSS navigation system Third-party services ECUs Smart Mobility devices and intelligent transportation systems45689142229333435363941434446484850525461626465666768697071 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved3TABLE OF CONTENTSMobile applications Vehicle sensors CAN bus Remote keyless entry systems Bluetooth WiFi V2X attacks are expected to rise dramatically Chapter 5:Cyber threats from the deep and dark web What is the deep and dark web?Below the surface:unveiling cyber risks in the deep and dark web Deep and dark web threat actors New automotive and smart mobility revenue streams are at risk Ransomware actors leverage the deep and dark web Threat actors continue to focus on scale and massive impact A proactive approach to deep and dark web risks Chapter 6:The regulatory reality The EU AI Act will greatly impact the Automotive industry by enforcing strict rules for AI systems in vehicles The expansion of UNECE WP.29 R155 and ISO/SAE 21434UNECE WP.29 overview The regulatory landscape continues to mature A global perspective on Automotive cybersecurity regulations Charging infrastructure regulatory frameworks continue to advance,as EV market share increases Chapter 7:Automotive cybersecurity solutions Cybersecurity solutions continue to evolve Developing an effective AI-driven vSOC Upstreams AI-driven and cloud-based approach to Automotive cybersecurity Chapter 8:Predictions for 2025 References 72737475787980838485899293949798991001011071141211301311351391481521 2025 Upstream Security Ltd.All Rights ReservedI am excited to present the 2025 Global Automotive and Smart Mobility Cybersecurity Report.This report comes at a critical time,as cyber threats are evolving faster than the industry is prepared to handle,outpacing regulation-driven measures.While UNECE WP.29 R155 compliance,particularly with its 2024 milestone,has brought attention to regulatory adherence,it has also created a false sense of security.Cybersecurity regulations,such as R155,set the minimum required standards but are insufficient to address the dynamic and complex threats confronting our ecosystem.Through our work with leading OEMs and mobility stakeholders,weve seen escalating cyber risks with serious implications on safety,brand reputation,operational continuity,data privacy,and financial stability.In 2024,ransomware attacks on the Automotive and Mobility ecosystem surged,causing unprecedented disruptions.The rise of software-defined and autonomous vehicles has introduced new vulnerabilities,while the integration of smart mobility devices like EV chargers and fleet systems into critical infrastructure has expanded the attack surface and magnified the stakes.Chinas strategic investments and government support have propelled its Automotive industry to a position of global leadership,particularly in the electric vehicle(EV)sector.However,this rapid growth has also spotlighted critical concerns around cybersecurity,data privacy risks,and potential espionage,underscoring the need for urgent action.Addressing these challenges requires collective action.OEMs,Tier-1,Tier-2 suppliers,and smart mobility providers must go beyond mere compliance.Stakeholders should adopt proactive,data-driven strategies and consistently invest in vSOCs,mobility-centric API security,threat intelligence,and vulnerability management to bridge cyber gaps and enhance resilience.Cybersecurity is no longer just a technical challengeit is a strategic imperative requiring leadership commitment.By working together,we can strengthen the automotive and smart mobility ecosystem,safeguarding customer trust and ensuring industry success.At Upstream,we have been at the forefront of securing the connected vehicle ecosystem and mobility assets since 2017,when we first introduced the Upstream Platform.The Upstream Platform has proven instrumental in helping organizations move beyond compliance to proactively monitor and protect millions of vehicles and mobility assets.With advanced AI and ML capabilities and deep industry expertise,Upstream is well-positioned to tackle the challenges ahead.As we navigate 2025 and beyond,we remain committed to leading the charge in securing the future of connected mobility.Sincerely,Yoav LevyCo-Founder&CEOOPENING LETTER FROM OUR CEO 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved5METHODOLOGYThe Automotive and Smart Mobility ecosystem benefits from Upstreams continuously updated database of cybersecurity incidents,offering a critical resource for staying ahead of cyber threats.In 2024 alone,Upstream researchers analyzed 409 new incidents,contributing to a total of 1,877 documented cases,some dating back to 2010.By monitoring hundreds of deep and dark web forums,we compiled this comprehensive and actionable report to help you navigate the evolving cybersecurity landscape with confidence.Through our global analysis of automotive cyber incidents,Upstream empowers the entire Smart Mobility ecosystem to understand,mitigate,and defend against both existing and emerging threats.Upstreams AutoThreat cyber threat intelligence platform leverages advanced technology,AI,and automations to continuously scan all layers of the web for new cyber incidents related to the Automotive and Smart Mobility ecosystem.The collected data is indexed and analyzed on the AutoThreat platform,providing a centralized and actionable repository of insights.Our dedicated team of researchers and analysts meticulously categorizes and examines this data to uncover the motivations and activities of threat actors,as well as the impact of cyber threats on mobility assets.Each incident is enriched with contextual informationsuch as the attacks geolocation,impact,attack vector,company type,and the required proximity of the attacker to the target.This creates an in-depth and practical repository to help organizations strengthen their security postures.The incidents analyzed in this report were sourced from diverse channels,including media outlets,academic research,bug bounty programs,verified social media accounts of government law enforcement agencies,the Common Vulnerabilities&Exposures(CVE)database,and other publicly available online sources.Beyond these,Upstreams analysts actively monitor the deep and dark web to track threat actors operating behind the scenes of automotive cyberattacks.In 2024,our research scope expanded significantly to address the rising risks,the growing number of targeted mobility assets,and the evolution of attack technologies.This expanded effort included tracking 1,133 of the most active threat actors,whose activities are analyzed in a dedicated chapter titled“Cyber threats from the deep and dark web.”Notably,these incidents are excluded from the statistics and charts presented in other chapters of the report.Please note that when analyzing attack vectors and their impacts,an incident may involve multiple attack vectors and potential impact elements.As a result,the total percentages may exceed 100ross all incidents.Despite our comprehensive approach,there may be additional incidents and attacks that remain unreported or undiscovered,and therefore not included in this report.For further insights,a more detailed analysis is exclusively available to AutoThreat PRO customers.6 2025 Upstream Security Ltd.All Rights ReservedEXECUTIVE SUMMARYThe Automotive and Smart Mobility ecosystem experienced a sharp increase in cyber threats throughout 2024,with large-scale ransomware attacks causing unprecedented disruption.As cyber risks outpace regulation-driven measures,the growing gap between the risk landscape and organizational resilience has become increasingly evident.To address this widening gap,organizations must prioritize resilience by investing beyond regulatory compliance.Upstreams 2025 Global Automotive Cybersecurity Report explores this cybersecurity gap,Chinas expanded EV market share,and the key trends,vulnerabilities,and incidents that shaped the ecosystem in 2024.The number of incidents with a high-massive impact(thousands to millions of mobility assets)continued to increase between 2023 and 2024,accounting for In 2024,automotive and smart mobility cybersecurity risk scale and impact continued to expandof all incidentsof attacks were executed by black hat actorsof attacks were remoteover 60%Massive scale incidents more than tripled,accounting for of all incidents19e%Source:Upstream Security7 2025 Upstream Security Ltd.All Rights ReservedBlack hat threat actors are increasingly motivated by the potential of large-scale impact,leveraging the deep and dark web as a fertile groundChina is reshaping global Automotive markets and the cybersecurity landscapeof black hat activities had a high-massive impactTo bridge cybersecurity gaps,stakeholders must accelerate the adoption of AI-driven detection and investigation capabilities,while improving vSOC monitoring and remediation efficiencies.targeted multiple stakeholders and global reach70%over 76%Chinas strategic investments and government support have solidified its leadership in the global EV market.In 2024,China advanced its automotive regulations with new cybersecurity standards for intelligent vehicles and plans to influence global industry standards.In response to rising cybersecurity risks,the US Department of Commerce proposed a rule in September 2024 to ban connected vehicles using certain hardware or software from China or Russia.Source:Upstream SecurityTHE RISE OF THE AUTOMOTIVE CYBERSECURITY GAPAs the next wave of innovations amplifies risks and impact,while regulatory and cybersecurity fatigue sets in,how can OEMs strengthen their cybersecurity postures and effectively minimize cybersecurity gaps?01.2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved9AS AUTOMOTIVE INNOVATION EXPANDS THE ATTACK SURFACE,AND FATIGUE SETS IN,OEM CYBERSECURITY POSTURES ARE ERODINGFor the last few years,innovative software-defined and autonomous technologies,coupled with the adoption of advanced IoT technologies in the Automotive and Smart Mobility ecosystem,have resulted in growing regulatory pressures.Automotive stakeholders are challenged with preparing for new regulations,standards,guidelines,and the need to develop new best practices.According to research by BlackBerry QNX,the demand for rapid innovation weighs heavily on automotive software teams,as 75%of software developers admit deadline urgency often compromises functional safety.1 Ultimately,software development and cybersecurity teams are pressured to innovate quickly and comply with ever expanding regulations,which introduces a continuous conflict.In 2024,many OEMs and their suppliers continued their heightened focus on implementing UNECE WP.29 R155 for Cyber Security Management System(CSMS)and Type Approval2 which became mandatory for all new vehicles in production starting July 2024as well as R156 for Software Update Management System(SUMS),3 and ISO/SAE 21434,4 as part of the global effort to create a unified approach to protecting connected assets against cyber threats.Historically,periods of heightened focus on compliance activities to meet a regulatory deadline often result in some type of end-user desensitization or fatiguewhich often undermines the effectiveness and intended outcome of the regulation.In the case of cybersecurity fatigue,security postures decline once regulatory compliance is achieved,leaving organizations vulnerable to cybersecurity threats.This type of behavior has been observed following the adoption of other laws such as GDPR5 and CCPA6 in consumer privacy,HIPAA7 in healthcare,PCI DSS8 in payments,and NERC CIP9 in utilities.Take GDPR for example.In the six years since it came into force,it has raised awareness of personal data protection rights and made data privacy and compliance board-level issuesbut it has also led to consent fatigue,weakening the effectiveness of the consent mechanism,and undermining privacy protection and trust in data processing.Additionally,the prioritization of non-compliance and fine enforcement over outcome is not indicative of effective regulation.2024 Upstream Security Ltd.All Rights Reserved10 2025 Upstream Security Ltd.All Rights ReservedIn January 2024,Upstreams Global Automotive Cybersecurity Report declared 2023 as the automotive cybersecurity inflection point,and examined how cybersecurity risks have evolved from experimental hacking into large-scale automotive attacks.Upstream data revealed that the proportion of incidents with a“High”(thousands of mobility assets)or“Massive”(millions of mobility assets)impact continued to increase between 2023 and 2024,accounting for nearly 60%of all incidents.10The same is true for the Automotive and Smart Mobility ecosystem,where today,a sense of compliance has led to the illusion that current cybersecurity postures are enoughdespite cyber incidents increasing in risk and impact,with severe safety and trust,operational availability,data privacy,and financial implications.Source:Upstream Security 2025 Upstream Security Ltd.All Rights ReservedNumber of Mobility Assets Potentially ImpactedLowUp to 10MediumUp to 1,000HighThousandsMassiveMillionsBreakdown of publicly disclosed cybersecurity incidents by potential scale,2021-2024:of incidents have high-massive impact60 212022202320241.2.66.7B.5%1.5 .67.5.4.62.5%7.5.4%5.4D.15.9.6 2025 Upstream Security Ltd.All Rights ReservedBreakdown of deep and dark web threat actors activities by scale,2024Black hat and fraud operators activity targets,2024 46.7E.0%8.3%Source:Upstream SecuritySource:Upstream SecurityAdditionally,Upstreams study of 1,133 of the most active threat actors on the dark and deep web found that threat actor motivation has shifted to scale and massive impact:11In 2024,43%of deep and dark web cyber activities had the potential to impact thousands to millions of mobility assets.55%of black hat and fraud activities on the deep and dark web during 2024 involved multiple OEMs or have global reach.GlobalSingle OEM/StakeholderSeveral OEMs/StakeholdersWhen zooming in on black hats and fraud operators,56%had the potential to impact thousands to millions of mobility assets.11 2025 Upstream Security Ltd.All Rights Reserved34.4%8.73.4%MediumHighMassive23.5%LowBreakdown of black hat and fraud operators activities by scale,2024 Source:Upstream Security33.1%Medium48.3%High7.2%Massive11.4%Low 2024 Upstream Security Ltd.All Rights Reserved12 2025 Upstream Security Ltd.All Rights ReservedThe rise in large-scale incidents can be attributed to several factors that point to an emerging cybersecurity gap:API connectivity between vehicles and multiple devices and apps(e.g.,OEM companion app,charging app,dealerships,smart mobility,etc.)lowers the cyber attack threshold and represents a prime attack vector for large-scale remote attacks.The introduction and rapid innovation related to Software-defined Vehicle(SDV)and Autonomous Vehicle(AV)technologies that enable remote access to core vehicle functionality and result in massive-scale attacks.With constantly expanding attack surfaces,lower attack thresholds,and a variety of attack methods,attackers can launch a wide range of attacks.AI-based automation of attack processes and preliminary research offers threat actors the ability to design attacks at scale quickly and with less resources.Ransomware as a service(RaaS)and data exfiltration attacks are relatively easy to execute,and provide immediate financial and reputational benefits to attackers.Overburdened IT and product cybersecurity teams focused on regulatory compliance,coupled with increasingly complex IT,OT and product environments,provide ample opportunities for attackers to exploit.Source:Upstream SecurityTodayThe Inflection PointR155-Driven PostureRisk of Technology-Driven Massive Scale Attacks2024202520232022 2025 Upstream Security Ltd.All Rights Reserved13THE AUTOMOTIVE CYBERSECURITY GAP As the threat landscape evolves and the cybersecurity gap widens,the regulatory landscape is expected to adapt effectively;organizations must continuously invest in expanding their resilience beyond regulatory requirements.2024 Upstream Security Ltd.All Rights Reserved14 2025 Upstream Security Ltd.All Rights ReservedTHE YEAR OF RANSOMWARE:LARGE-SCALE RANSOMWARE ATTACKS WITH UNPRECEDENTED IMPACT DOMINATED 2024As the Automotive industry rapidly integrates advanced technologies such as software-oriented architectures,autonomous driving,electric vehicles,and aftermarket IoT devices the impact of the misalignment between current regulatory-driven cybersecurity postures and real-world threats becomes increasingly evident.Ransomware attacks have serious financial implications,including lost revenue from service and business disruption,ransom payments,high recovery costs,legal and regulatory compliance issues,and fines due to data and privacy breaches,as well as brand and reputation damage.But when it comes to product cybersecurity,especially in the Automotive and Smart Mobility ecosystem,ransom attacks have direct implications on safety,uptime,and operational availability and efficiencyas well as significant risks to sensitive data.The adoption of Ransomware as a Service(RaaS),a ransomware distribution model similar to cloud computing models(e.g.,Infrastructure as a Service and Platform as a Service)where ransomware providers maintain infrastructure and services and charge customers for access,has been a major factor in ransomwares continued growth and success.The escalating geopolitical tensions have increasingly brought nation-state threat actors into the ransomware spotlight.In April 2024,the US Department of the Treasury sanctioned two companies and four individuals involved in malicious cyber activity on behalf of Iran,targeting more than a dozen US companies and government entities through cyber operations,including ransomware,spear phishing and malware attacks.12 The four individuals were also indicted by the US Department of Justice for their role.13 In July,a North Korean national was indicted for his involvement in a conspiracy to hack and extort US hospitals and other health care providers.14One of the biggest threats to enterprise and product cybersecurity is ransomware,perhaps the most defining cybercrime of the past decade,and it continues to grow every year.2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved15In August,the Federal Bureau of Investigation(FBI),Cybersecurity and Infrastructure Security Agency(CISA),and the Department of Defense Cyber Crime Center(DC3)released a joint Cybersecurity Advisory(CSA)warning that a group of Iran-based threat actors continues to exploit US and foreign organizations.15 In 2024,attackers found new ways to hack into systems(e.g.,new techniques that enable new zero-day exploits,edge device exploits,GenAI-based automations,etc.);focused their efforts on big-game hunting(e.g.,large,high-value organizations or high-profile entities);increased targeting of operational technology(OT)and connected devices;and had greater concentration on data exfiltrationincreasingly used in the Automotive and Smart Mobility ecosystem and driving the growth of ransomware economy in 2024,especially with the introduction of laws such as the US SECs cybersecurity incident disclosure rules,16 and the EUs NIS 2 cybersecurity directive.17 Stricter cybersecurity reporting requirements and large regulatory fines change ransomware dynamics.Attackers can inflict financial and reputational damage without encrypting data and shutting down operations,and victims can no longer ignore attacks and avoid reporting incidents.Traditional ransomware extortion tactics,where attackers encrypt critical data,shutdown the victims operation,and extort them with the threat of releasing sensitive data(e.g.,double extortion)have proven less effective for attackersdata encryption is resource-intensive and many organizations can restore their data from backups.In September 2023,a leading US-based trucking and fleet management solutions provider experienced a prolonged double extortion attack that resulted in customers being unable to electronically log their on-road hoursas required by federal regulationsor track their transported inventory.18 In response,the company hired external cybersecurity experts to investigate and applied for a waiver from the US Federal Motor Carrier Safety Administration to allow truckers to use paper logs until service was restored.19 In November 2024,the same company was reported to have experienced a massive data breach when a threat actor advertised on a dark web forum that he accessed and exfiltrated over 70TB of sensitive data from the companys systems.The threat actor shared evidence and samples of the stolen data to prove his claims.A copy of the data was offered for sale for$30,000,with a negotiable price of$100,000 to remove the data.20 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved16By shifting focus from data encryption to data exfiltration and creating data-leak marketplaceswhere stolen data is sold to the highest bidderattackers reduce attack overhead and improve their overall efficiency and return on investment.According to research by Check Point,global ransomware attacks increased by 30%in Q2 2024the highest increase in two years.In terms of industry impact,the manufacturing sector was the most affected,representing 29%of publicly known ransomware attack victims globally,with a significant 56%year-over-year increase.The transportation sector experienced a 40%increase.The communications and utilities industries,both of which rely heavily on IoT and are closely tied to the mobility ecosystem,have experienced dramatic increases in ransomware incidents,177%and 186%,respectively.21 AEGs figure includes lost earnings from the approximately 56,000 new unit sales that AEG estimated were lost during the three-week period;lost earnings on used car sales;lost earnings on parts and service;additional staffing and IT service costs;and additional floor plan interest costs on inventory.Damages to consumers,reputational damages to dealers,litigation costs,and other categories of damages are excluded.The Anderson Economic Group(AEG)estimated that total direct losses to franchised auto dealers reached$1.02 billion.23In 2024,AutoThreat researchers detected 108 mobility-specific ransomware attacks and 214 data breaches,which contributed heavily to the rise in cybersecurity incidents in the mobility ecosystem.Most notably,in mid-June,a ransomware attack on a leading US-based provider of dealership management software used by 15,000 dealerships,resulted in shutting down dealer operations for nearly 3 weeks.According to a report from CNN citing multiple sources,the company likely paid the$25M ransom to expedite recovery and end the outage.22 IN 2024,AUTOTHREATRESEARCHERSDETECTED 108 MOBILITY-SPECIFICRANSOMWAREATTACKS AND214DATA BREACHES17 2025 Upstream Security Ltd.All Rights ReservedCybersecurity risk is likely to be dramatically altered by the proliferation of SDV and AV technologiesThe convergence of technologies known collectively as ACESAutonomous Driving,Connectivity,Electrification,and Shared Mobilityhas forced stakeholders to move from the traditional hardware-defined architecture to a software-oriented architecture,presenting growing cybersecurity challenges.APIs have been playing a key role in increasing connectivity between in-vehicle components,backend systems and applications.As more functionality has been exposed through APIs,cybersecurity risks have also increased dramatically,while attack costs and thresholds have decreased.Here are a few more examples from 2024:In February,Japanese OEM US division allegedly hit by a ransomware attack resulting in data theft of 22GB of sensitive vehicle and customer information24 In February,South Korean OEM hit by large-scale ransomware attack disrupting operations25 In March,Chinese Tier-2 supplier was hit by a ransomware attack leading to a major breach of 1.2TB of data,impacting Chinese and global OEMs26 In April,Italian branch of a German OEM experienced a data breach compromising customer PII27 In July,Indian OEM hit by a ransomware attack resulting in company data theft28 In August,South Korean automotive supplier was hit by a ransomware attack,resulting in 2.3TB of company data compromised29 In September,Chinese Tier-1 specializing in automotive CAN BUS protocol solutions was hit by a cyberattack disrupting its website operations30The ability to control software components and exploit vulnerabilities poses a significant threat to the cybersecurity posture of fleet-wide control systems,opening the door for exponential growth in the scale and impact of attacks.Frequent OTA updates mean the SBOM is no longer staticbut rather constantly evolving long after a vehicle leaves the factory.Risk profiles continuously change,constantly requiring risk and vulnerability analysisbut they can be remediated in real time as well.2024 Upstream Security Ltd.All Rights Reserved18 2025 Upstream Security Ltd.All Rights ReservedFurthermore,modern SDV attack surfaces go beyond in-vehicle components to include charging points and networks,as well as 3rd-party applications for smart mobility,OEM services,telematics devices,and electric vehicle(EV)chargingadding even more complexity.Finally,the vast amount of data generated by SDVs and AVs and stored in backend systems,presents an additional risk.Backend systems(e.g.,telematics servers and applications)play a crucial role in delivering advanced connected vehicle functions and services,as well as collecting and managing huge amounts of sensitive data related to vehicle state,location,usage patterns,and driver behavior.Attackers can tap into this data,which contains the PII of millions of automotive users,without even needing to hack the actual vehicles.The threat of cyberattacks on backend servers is particularly high because of the ability of malicious threat actors to impact entire fleets,both in terms of control and data access.The growing reliance on software-oriented architectures,APIs,and backend systems highlights the urgent need for OEMs to safeguard the software services,components and the sensitive data stored in their backend systems.As SDVs and AVs become more prevalent,the cyber posture balance is likely to change dramatically,further widening the cybersecurity gap.SDV and AV technologies are vulnerable to a wide range of cyber attacksSoftware-defined and autonomous vehicles provide remote access to core vehicle functionality,allowing hackers to effectively attack at scale.In 2024,security researchers discovered and exploited numerous vulnerabilities in software and hardware components used in SDVs and AVssuch as LiDAR sensors,radars,cameras,high-accuracy positioning hardware,OEM applications,and software development platformsoften directly affecting the safety and operational reliability of vehicles.In February 2024,security researchers from Duke University could trigger hallucinations in AV sensor systems without prior knowledge of the radar system in use.In one demonstration of the attack,called MadRadar,researchers caused a hallucination in a Doppler radar system,causing it to mistakenly believe that a vehicle traveling away from the sensor turned around and was on its way to a head-on collision.According to the researchers,MadRadar detects and learns radar types in microseconds and adapts its attack instantly.This type of attack can be used to fool adaptive cruise control systems that use radar,into thinking the car in front of it is speeding up,when it is not,resulting in a frontal collision.31 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved19In March 2024,security researchers from the University of CaliforniaIrvine and Japans Keio University detected 15 vulnerabilities in 9 commercially available,first-and next-gen LiDAR systems that can allow direct spoofing of fake cars and pedestrians and the vanishing of real cars in the AVs eye.These attack capabilities on LiDAR sensors can be used to directly trigger various unsafe AV driving behaviors such as emergency brakes and front collisions.32 In May 2024,security researchers from Singapore proved that it was possible to interfere with AVs by exploiting their reliance on camera-based computer vision,making them ignore road signs using LEDs.The researchers were able to distort the appearance of road signs repeatedly in a stable manner,ensuring that every frame captured was distorted.The team tested their system using a real road and car with a camera used by a prominent Chinese AV developer.Two versions of this stabilized attack were developed by the team.GhostStripe1,which does not require access to the vehicle,employs a tracking system to monitor the target vehicles real-time location and dynamically adjusts the LED flickering accordingly to ensure a sign isnt read properly.GhostStripe2 requires access to the vehicle and involves placing a transduceran electronic device that converts energy from one form to anotheron the power wire of the camera to detect framing moments and refine timing control.The researchers claim GhostStripe1 and GhostStripe2 had success rates of 94%and 97%,respectively.33In May 2024,security researchers from the University of Buffalo uncovered a vulnerability in multi-sensor fusion systemsa technology that integrates data from LiDAR,cameras,and radar sensors,and is commonly used in AVs.The researchers introduced a sophisticated attack method capable of simultaneously compromising all three sensor types using a single adversarial object.This object can be easily and inexpensively fabricated,allowing the attack to be executed with a high degree of stealth and flexibility.By deploying just two small adversarial objects,the researchers demonstrated that the attack could effectively render a target vehicle invisible to the victim AVs perception systems.34 Multi-sensor fusion has long been considered an adequate cybersecurity counter measure as multiple sensor types provide redundancy,compensating for any compromised sensor.The researchers findings show that this is no longer the casewith attackers capable of simultaneously compromising multiple sensor types.In June 2024(published in September 2024),security researchers discovered vulnerabilities in a Korean OEMs dealer API,allowing them to take over vehicles using only their license plates.2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved20The researchers went as far as building a proof-of-concept attack UI consisting of a VIN Retriever tool that converts license plate number to VIN using a third-party API;an Exploit module which can be used to takeover a victims vehicleor passively steal vehicle owner PII including name,email and phone number;and a Garage module,which can be used to issue commands and locate impacted vehicles.35 According to the researchers,“from the victims side,there was no notification that their vehicle had been accessed nor their access permissions modified.An attacker could resolve someones license plate,enter their VIN through the API,then track them passively and send active commands like unlock,start,or honk.”36 The researchers informed the OEM,which fixed the vulnerabilities and validated that they were never exploited maliciously.This incident highlights the massive impact of API vulnerabilities and demonstrates how they would affect SDVs at scale.In June 2024,a security researcher identified a severe vulnerability,identified as CVE-2024-35213 and assigned a CVSS score of 9.0(critical),in the SGI Image Codec of a popular vehicle software development platform used in various automotive parts including infotainment,ADAS,telematics,and autonomous driving.Successful exploitation of CVE-2024-35213 could lead to software-driven system crashes,disruptions in image processing services,or the execution of unauthorized code.37 In September 2024,security researchers published research investigating the impact of Denial of Service(DoS)attacks,specifically Internet Control Message Protocol(ICMP)flood attacks,on Autonomous Driving(AD)systems,focusing on their control modules.Two experimental setups were created:the first involved an ICMP flood attack on a Raspberry Pi running an AD software stack,and the second examined the effects of single and double attacker ICMP flood attacks on a Global Navigation Satellite System Real-Time Kinematic(GNSS-RTK)device for high-accuracy positioning of an autonomous vehicle that is available on the market.DoS attacks only had a marginal impact on the AD stack,indicating a degree of resilience to these types of attacks.GNSS devices,however,showed significant vulnerabilities:under DoS attacks,sample rates dropped to about 50%and 5%of the nominal rate,respectively,for single and double attacker configurations.38 The results of this research have significant implications,as it shows that while the AD software stack can handle DoS attacks with minimal performance degradation,critical external components like GNSS-RTK devices are highly vulnerable.The GNSS systems vulnerability highlights a critical gap in AD system resilience,especially for real-time positioning hardware that could lead to incorrect vehicle positioning,directly affecting the safety and operational reliability of autonomous vehicles.2024 Upstream Security Ltd.All Rights Reserved21 2025 Upstream Security Ltd.All Rights ReservedRecently and with the rising impact of geopolitical conflicts,Upstreams vSOC team identified GNSS spoofing at multiple OEMs across various regions worldwide.39 False coordinates negatively impact consumer experience of being unable to properly track their vehicles,but may also disrupt customer operations,particularly related to fleet management.Furthermore,GNSS spoofing may introduce safety risks,for example preventing first responders from providing assistance in case of an accident due to false location coordinates.40 Ransomware may soon extend beyond enterprise IT systems to affect products,OT,and Smart Mobility devicesIoT enhances operational technology in smart mobility by enabling seamless communication between devices and systems.For instance,in vehicle assembly lines,IoT-connected nutrunners ensure precise torque applications,improving the efficiency and accuracy of the manufacturing process.Similarly,electric vehicle supply equipment(EVSE)interfaces with IoT systems to manage charging schedules and optimize energy consumption,ensuring that electric vehicles are charged efficiently and without overloading the grid.In January 2024,security researchers discovered 25 security vulnerabilities in a widely used cordless,handheld pneumatic torque wrench(also known as a nutrunner)designed for safety-critical tightening operations in automotive production lines.Exploiting the vulnerabilities could allow unauthenticated attackers to take complete control of a nutrunner.Lab tests showed how an attacker could launch a ransomware attack that involves making the device inoperable and displaying a ransom message on its built-in screen such an attack can also be automated to hack all of a companys nutrunners,causing significant disruption in the production line.In another simulated attack scenario,the attacker changes tightening program configurations,specifically the final torque value applied to mechanical fasteningswhich is calculated and engineered to ensure that the overall design and operational performance of the device is metpotentially resulting in mechanical failure,excessive warranty claims and reputational damage.41 In February 2024,a Russian hacktivist group allegedly gained unauthorized access to the data and app control panel of a state-controlled Lithuanian EV charging service.In exchange for ceasing the attacks and not leaking user data,the group demanded a ransomthe company refused,which resulted in the leak of data on over 20,000 customers,including names,email addresses,and a list of user authentication(RFID)tokens.Some users of the EV service were disconnected from the app,unable to charge their electric vehicles,and all the companys charging points in Lithuania were disconnected.All services were restored a few hours later.2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved22In February 2024,a city in Ontario,Canada,was hit by a ransomware attack leading to a near-complete shutdown of the citys phone lines and online systems,impacting everything from transit systems,engineering services,and child care to cemeteries,libraries,city maps,public health records,and property taxes and vendor payments.City officials confirmed the attack and stated they are consulting with local authorities to investigate the incident,and cybersecurity experts to restore system functionality.42 SMART MOBILITY DEVICES EXPAND INTO CRITICAL INFRASTRUCTURE:THE NEXT FRONTIER IN AUTOMOTIVE&SMART MOBILITY CYBERSECURITYThe growth in Smart Mobility devices,including telematics fleet and inventory management systems,cameras,EV charging infrastructure,agriculture and heavy machinery devices,etc.,ushers in a new era of cybersecurity risks on a massive scale,with a wide range of devices vulnerable to attacks such as EV charging equipment and infrastructure,autonomous systems and self-driving kits,traffic control systems,telematics systems,fleet management solutions,and smart agricultural equipment.The attacks and vulnerabilities below highlight the significant cyber risk to Smart Mobility devices and their direct impact on the safety,data and operational availability of vehicles and Smart Mobility systems.In February 2024,the UKs Office for Product Safety and Standards(OPSS)suspended sales of Spanish EV chargers for failing to comply with current cybersecurity regulations,raising concerns over potential risks to the national energy infrastructure.43 Hackers might gain access to thousands of non-compliant chargers and switch them all on at once,generating peak demands that disrupt the grid.The company,which has sold 40,000 units in the UK and over half a million worldwide,was allowed to continue to sell the chargers in the UK until June 30,2024.The incident illustrates how EVSE vulnerabilities can be exploited to control and manipulate EV charging systems,damaging the local power grid,causing service disruption,and potentially affecting the national grid.2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved23In March 2024,security researchers from Colorado State University showed how ELDs can be accessed over wireless connections(e.g.,Bluetooth or Wi-Fi)to take control of a truck,manipulate data,and spread malware between vehicles.44 Researchers found that ELDs are distributed with default firmware settings with considerable security risks.They also use the CAN BUS to communicate,feature an exposed API for OTA updates,predictable identifiers,and weak passwordssimplifying unauthorized connections and access to vehicle systems for attackers in wireless range.Security researchers successfully connected to a trucks Wi-Fi within 14 seconds,re-flashed the ELD,and sent malicious CAN messages,causing the truck to slow down.There are nearly 14 million commercial medium and heavy-duty trucks in the US,45 all of which are required to have ELDs,which poses a serious security risk for commercial fleets,their safety and operational availability.The researchers reported the findings to manufacturers and the US Cybersecurity and Infrastructure Security Agency(CISA),highlighting the potential for widespread disruptions.In May 2024,a German agricultural machinery manufacturer suffered a cyber attack that impacted locations worldwide,forcing the company to halt production operations,shut down all IT systems,and call in an external team of specialists.The extent of the attack is unclear,but as of May 29th,the company issued a press release stating that they have been able to resume production.However,the company was still in emergency mode and was expected to have 100%process performance available again within four weeks.46In May 2024,a prominent European vehicle tracking and fleet management device provider suffered a data breach.47 The data breach,disclosed on a dark web forum,exposed a vulnerability in the companys internal systems,compromising sensitive information including GPS IMEI numbers,real-time vehicle tracking data,billing details,and customer account information.The attacker indicated he had access to all of the companys internal systems,across more than 40 countries and over 5,000 companies.In July 2024,a security researcher discovered a vulnerability,known as CVE-2024-38944,within the web-based UI on Traffic Controllers produced by a Norwegian-based traffic management company.The vulnerability enabled him to gain full control of a Traffic Controller,modify the configuration of a traffic intersection and traffic light sequences,or trigger the intersection to go into 4-way flash,causing a denial of service and causing traffic congestion and safety risks.The issue results from the lack of authentication before allowing access to functionality and highlights concerns with the security of Intelligent Transportation System Protocols(NTCIP)and the risks of unsecured network management protocols like Simple Network Management Protocol(SNMP).48 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved24In November 2024,a UK-based telematics vendor experienced a cyber attack that disrupted many of its services,affecting fleet tracking capabilities for numerous clients.49 Beyond operational disruptions,the attack allowed unauthorized activity within the companys network.Several fleet operators reported significant impacts on their operations,citing issues with real-time tracking and potential delays in deliveries.The company promptly alerted the relevant authorities,including the UK Information Commissioners Office,and stated to be working with cybersecurity experts to investigate and mitigate.These findings highlight the need to secure Smart Mobility devices as critical infrastructure and the implications of not doing so.The regulatory landscape covering Smart Mobility devices is fragmented and evolving rapidlyGlobally,the regulatory landscape for mobility IoT products is rapidly evolving,with different countries adopting different measures at different levels,resulting in a complex regulatory environmentfurther widening the cybersecurity gap.In comparison to automotive cybersecurity regulations like R155 and similar frameworks implemented by other regulators worldwide,it is nearly impossible to comply with emerging IoT legislation on a global scale due to the different frameworks and compliance requirements in each country.Fragmented IoT Regulations Contribute to Growing Cybersecurity Gap 2025 Upstream Security Ltd.All Rights Reserved24Regional Regulations Emerge2025Source:Upstream Security 2024 Upstream Security Ltd.All Rights Reserved25 2025 Upstream Security Ltd.All Rights ReservedIn the EU,the NIS2 Directive50 which became mandatory on October 17,2024focuses on establishing cybersecurity standards and resilience for the critical infrastructure and energy sectors.The NIS2 Directive is supported by the EU Cyber Solidarity Act,51 which aims to strengthen capacities in the EU to detect,prepare for and respond to significant and large-scale cybersecurity threats and attacks.This includes forming SOC infrastructure within EU member countries to ensure coordinated handling of cyber threats,and creating a European Cybersecurity Reserve,consisting of incident response services from trusted qualified providers.NIS2 also adds reporting requirements within 24 hours,with additional reporting after 72 hours and 30 days.52 Companies that fail to comply with the new NIS2 Directive could face massive administrative fines,along with other punitive actions,including:53In March 2024,the European Parliament approved the Cyber Resilience Act(CRA),54 a horizontal legislation,covering all products with digital components(both hardware and software).55 The CRA covers the entire lifecycle of products,offering a framework for cybersecurity governing the planning,design,development,and maintenance of products.The CRA also requires manufacturers to report actively exploited vulnerabilities and incidents within 24 hours,and mitigate risks effectively through the support period of the product.56 In the UK,the Product Security&Telecommunications Infrastructure Bill represents a significant regulatory shift for the IoT ecosystem,requiring a comprehensive approach to integrating cybersecurity into product development and lifecycle management.57 In addition to protecting consumers from cyber threats,the bill seeks to mitigate the risk of larger-scale attacks that may disrupt critical national infrastructure by exploiting interconnected devices.Fines up to 10 million or 2%of global annual revenueswhichever is higherfor essential entities,which includes public and private companies in sectors such as transport,finance,energy,water,space,health,public administration,and digital infrastructure.Fines of up to 7 million or 1.4%of global annual revenueswhichever is higherfor important entities,which includes public and private companies in sectors such as foods,digital providers,chemicals,postal services,waste management,research,and manufacturing.Criminal sanctions for management(e.g.,personal liability)and non-monetary remedies such as suspension of service orders,compliance orders,binding instructions,security audit implementation orders,threat notification orders,and close supervision.2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved26 2024 Upstream Security Ltd.All Rights Reserved26 2025 Upstream Security Ltd.All Rights ReservedIn the US,the Federal Communications Commission(FCC)voted to create a voluntary cybersecurity labeling program for wireless consumer IoT products.58 The program builds on the significant public and private sector work already underway on IoT cybersecurity and labeling.The Securities and Exchange Commission(SEC)also adopted rules on cybersecurity risk management,strategy,governance,and incident disclosure by public companies.59In February 2024,the National Institute of Standards and Technology(NIST)updated the widely used Cybersecurity Framework(CSF).60 The new 2.0 edition,which supports implementation of the National Cybersecurity Strategy,has an expanded scope that goes beyond protecting critical infrastructure to all organizations in any sector.It also has a new focus on governance and supply chain risk management,which encompasses how organizations make and carry out informed decisions on cybersecurity strategy.The CSFs governance component emphasizes that cybersecurity is a major source of enterprise risk that senior leaders should consider alongside other risks,including those that are financial,privacy,supply chain,reputational,technological,or physical in nature.2025 Upstream Security Ltd.All Rights Reserved2627 2025 Upstream Security Ltd.All Rights ReservedRegulationGDPRComprehensive legal framework to protect the privacy of individuals.Fines up to 20 million or 4%of global annual revenueWithin 72 hoursMay 2018EU member statesThe Cybersecurity ActVoluntary risk-based certification requirements,emphasizing data protection and cybersecurityWithout undue delay,and no later than 72 hours when possibleJune 2019EU member statesCyber Resilience ActComprehensive legal framework with strict cybersecurity requirements.Fines up to 15 million or 2.5%of global annual revenueWithin 24 hoursOctober 2024,with compliance requirement expected in 2027EU member statesNIS2 DirectiveEnhanced security measures and stricter enforcement measures.Fines of up to 10 million or 2%of global annual revenueWithin 24 hours,with additional reporting after 72 hours and 30 daysOctober 2024EU member statesProduct Security&Telecommunications Infrastructure BillComprehensive approach to integrating cybersecurity into product development and lifecycle managementDisclose incidents promptlyApril 2024UKNIST Cybersecurity Framework 2.0Comprehensive framework to manage and reduce cybersecurity risks now includes expanded industry scope,and governance and supply chain risk management componentsNoneFebruary 2024USCyber Trust Mark LabelingVoluntary cybersecurity labeling program for IoT devicesNoneEnd of 2024USSEC Cybersecurity Reporting RequirementsCompanies must provide detailed annual reports on their cybersecurity risk management strategies,including governance best practices,and the boards role in overseeing risksWithin 4 business days for material incidents;must provide comprehensive detail about the incident nature,scope,impact on operations and financialsDecember 2023USImpact on IoTReporting RequirementsEffective DateScopeOverview of IoT regulatory landscape impacting Smart Mobility devicesSource:Upstream Security 2024 Upstream Security Ltd.All Rights Reserved28 2025 Upstream Security Ltd.All Rights ReservedISO/WD 24882 is a new standardwhich is still under development and has not yet reached the final stages of approvalthat aims to establish engineering requirements for the cybersecurity of electrical and electronic systems for Agriculture OEMs,including components and interfaces.61 It covers the entire lifecycle of these systems,from concept through to decommissioning,ensuring that cybersecurity risks are managed effectively.The new standard outlines cybersecurity requirements that highlight the importance of protecting access to devices components,command and control functions,and sensitive data:Whereas R155 provides a broad global regulatory framework,ISO/WD 24882 provides detailed technical guidance that is tailored to the unique challenges of the agricultural sector,and the threats associated with the rural deployment and operational environment of agricultural machinerywhere connectivity may be limited and updates are less frequent,but unauthorized access or tampering could have severe consequences.Risk Assessment:OEMs must conduct comprehensive cybersecurity risk assessments for their connected systems and components during the concept and development phases.Design&Development:Cybersecurity must be integrated into the design and development processes of agricultural machinery,with specific requirements for hardware,software,and communication interfaces.Production&Maintenance:The standard requires the implementation of secure production and maintenance practices,ensuring that cybersecurity is maintained throughout the lifecycle of the machinery.Decommissioning:Even at the end of a devices life,OEMs need to consider secure decommissioning procedures to prevent unauthorized access to sensitive data and systems.ISO/WD 24882 aligns with the EUs CRA,but expands its coverage beyond the EU,and is also expected to impact the implementation of R155,which may expand to cover vehicle categories T(e.g.,agricultural machinery),R(e.g.,agricultural trailers),and S(e.g.,interchangeable towed agricultural equipment).62 As cybersecurity threats evolve,regulations and standards are likely to be continually updated as well.OEMs that adopt ISO/WD 24882 early will be better positioned to adapt to future regulatory changes,including any updates to R155 and the CRA that further tighten cybersecurity requirements.In response to increasing cyber risks,ISO/WD 24882 introduces new cybersecurity requirements for Agriculture OEMs 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved29CLOSING CYBER GAPS REQUIRES PRODUCT SECURITY TEAMS TO EXPAND RESILIENCE BEYOND REGULATORY REQUIREMENTSA vehicle security operation center(vSOC)is an essential part of R155&R156 compliance,enabling OEMs to monitor connected vehicles in real time and respond to threats quickly.Many OEMs are still lagging behind in implementing their vSOC roadmaps,even though vSOCs are essential for cyber resilience.As the threat landscape continuously evolves,and attacks with massive scale and impact dominate,cyber gaps begin to emerge and cybersecurity teams must evolve their vSOCs beyond regulatory requirements,continuously maintaining security postures.Closing the cyber gaps requires live monitoring of fleets,Smart Mobility devices,and smart mobility systems and APIs,as well as an investment in talent and improved attack-detection and vSOC execution capabilities.The scope of vSOC-monitored vehicles grew substantially with the second milestone of R155 in July 2024,which expanded coverage to all new vehicles in production.OEMs had to adjust their vSOC teams,platforms,and processes accordingly.1.0R155&R156 ComplianceInitially,OEMs establish R155&R156 compliance by building a dedicated vSOC with a clear framework and a well-defined strategy and scope.In addition,OEMs are required to implement Cyber Security Management and Software Update Management systems(CSMS and SUMS),and conduct a comprehensive audit of their cybersecurity framework against R155 to achieve certification.As demonstrated above,though meeting regulatory requirements is a fundamental task for product security teams,it may create a false sense of resilience and significant coverage gaps.The vSOC evolution from compliance to large-scale risk mitigation can be broken down into 4 stages:2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved302.03.04.0Remediation&AutomationNext,the vSOC develops and implements end-to-end playbooks to structure and automate response activitiescontinually expanding coverage and automation capabilitiesand integrates the vSOC with other enterprise IT systems such as IT service management(ITSM),security information and event management(SIEM),extended detection and response(XDR),and security orchestration,automation and response(SOAR)to ensure cross-organization visibility and effective remediation.During this stage,vSOCs focus on becoming more data-driven.vSOC teams integrate as many data feeds as possible into the detection and investigation phase and use automotive-specific cybersecurity analytics to detect threats and anomalies in near or real-time.The GenAI-Powered vSOCWith modern vSOCs dealing with massive amounts of data from multiple sources,dynamic SBOMs,and global supply chain risksGenAI is key to gaining greater visibility,streamlining investigations,and supporting long-term vSOC efficiency.The GenAI-powered vSOC introduces unparalleled efficiencies,enabling cybersecurity teams to expand their data-driven detection and vSOC execution capabilities.They can quickly analyze massive amounts of connected vehicle and mobility data,detect patterns,filter incident alerts,automate investigations,and conduct enhanced TARA to address large-scale risks.Smart Mobility Devices&Autonomous TechnologiesUltimately,the vSOC becomes truly cross-functional and coverage is expanded to include autonomous vehicles,mobility applications,OT,and Smart Mobility devices to protect vehicles,infrastructure,and customers during the post-production phase.The vSOC Evolution1.02.03.04.0From compliance to large-scale risk mitigationWP.29 UNECER155,R156RemediationAutomationThe GenAl-Powered vSOCloT&AutonomousSource:Upstream Security30 2025 Upstream Security Ltd.All Rights Reserved 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved31Evaluating and minimizing product cybersecurity gapsFour types of organizations are represented in the quadrant:Data-oriented playersEmerging cybersecurity adoptersData-driven cyber security leadersvSOC pioneersThe Automotive Cybersecurity Quadrant,developed by UpstreamvSOC execution Data-driven detectionUpstream developed a unique methodology to evaluate product cybersecurity posture and identify potential gaps.The Automotive Cybersecurity Quadrant is a strategic framework designed to provide insights into the current cybersecurity posture,and identify areas for improvement to achieve optimal security outcomes and effectively use connected vehicle data.The positioning of organizations on the Automotive Cybersecurity Quadrant is determined by evaluating each organizations performance across a set of criteria for both data-driven detection and vSOC execution.Data-driven Detection represents how effectively customers are using the data collected from their connected vehicles.Criteria include data coverage,diversity,quality,freshness,and richness.Higher data-driven detection shows that customers are using their data more efficiently to support cybersecurity strategies,enabling them to improve their security posture and unlock new business opportunities.vSOC Execution is a measure of vSOC operations and workflows that customers have in place.Evaluation criteria include readiness,prediction,monitoring,detection,and response capabilities.A higher degree of vSOC Execution suggests a more comprehensive and mature deployment of vehicle security operations center capabilities,resulting in improved cybersecurity protection for connected vehicles.2024 Upstream Security Ltd.All Rights Reserved32 2025 Upstream Security Ltd.All Rights ReservedTo close cybersecurity gaps,stakeholders must expand their data-driven detection and vSOC execution capabilities,including:Monitoring coverage expand monitoring to all connected assets including vehicles,smart mobility applications,APIs,and Smart Mobility devices.Advanced ML-based modules apply advanced AI/ML models to effectively detect unknown threats and attacks,including complex low and slow attacks.Vulnerability management analyze products and components,from a single ECU or connected device and up to a complete vehicle model.Enhanced TARA generate complex insights based on deep and dark web CTI data and in-depth TARA.GenAI-powered vSOC transform vSOC operations and introduce unparalleled efficiencies.Data-Driven Cybersecurity Leaders(Top-Right):Organizations in this quadrant excel in both data utilization and vSOC execution and have advanced in their vSOC journey to the vSOC 4.0.They effectively use connected vehicle and device data and have a robust vSOC deployment,resulting in strong cybersecurity detection and investigations.These organizations serve as industry leaders,setting high standards for connected vehicle cybersecurity.Data-Oriented Players(Top-Left):Organizations in this quadrant have high data utilization but limited vSOC execution(vSOC 1.0-2.0)and have not yet expanded to cover Smart Mobility devices or autonomous systems data feeds.They have extensive data from their connected vehicles but may not be fully using their vSOC capabilities to maximize their cybersecurity protection.These organizations can benefit from improving their vSOC integration to better use their data for improved security.vSOC Pioneers(Bottom-Right):Organizations in this quadrant have lower data utilization but have advanced in their vSOC execution by implementing purpose-built workflows and automations(vSOC 2.0-3.0).They might not have extensive connected vehicle data,but their effective vSOC methodologies and processes help them maintain a basic level of cybersecurity protection.These organizations can benefit from increasing their data utilization to further strengthen their cybersecurity posture.Emerging Cybersecurity Adopters(Bottom-Left):Organizations in this quadrant are focused on compliance requirements and have lower data utilization and limited vSOC execution(vSOC 1.0).They are in the early stages of adopting product cybersecurity best practices and have the potential to improve their cybersecurity by increasing data usage and implementing a more comprehensive vSOC.These organizations can learn from industry leaders and work towards improving their data-driven cybersecurity approach.33 2025 Upstream Security Ltd.All Rights ReservedTHE ELEPHANT IN THE BOARDROOM By leveraging its vast manufacturing advantages,strategic investments in New Energy Vehicles(NEVs)technologies,and extensive government support,China has become a major force in the Automotive ecosystemreshaping global markets and the cybersecurity landscape02.2024 Upstream Security Ltd.All Rights Reserved34 2025 Upstream Security Ltd.All Rights ReservedCHINAS STRATEGIC INVESTMENTS AND GOVERNMENT SUPPORT ARE RESHAPING THE AUTOMOTIVE INDUSTRYOver the last decade China adopted and implemented its Made in China 2025(MIC 2025)plan,a ten-year,comprehensive blueprint launched in 2015.MIC 2025 was designed to reduce Chinas dependence on foreign technology and promote Chinese high-tech manufacturers in the global marketplace.The plan was designed to transform China into an advanced manufacturing leader and called for technological breakthroughs in ten strategic industrieselectric vehicles,information technology,telecommunications,artificial intelligence,advanced robotics,agricultural technology,aerospace engineering,maritime engineering,bio-medicine,and rail infrastructure.By early 2020,almost 1,800 government guidance funds(GGFs)tied to MIC 2025 had registered a capital target of$1.5 trillion and raised$627 billion toward it.Often,GGFs(which are state owned)take an equity stake or board position in the companies they fund and can influence corporate decision-making as a result.63 MIC 2025 used the power of the state to alter global dynamics in industries essential to its economic competitiveness.64 China also used its legal and regulatory systems(e.g.,taxes,trade restrictions,standards,forced JVs,IP transfers,procurement polices,etc.)to favor domestic Chinese companies over foreign ones in the targeted MIC 2025 sectors.The plan even went as far as setting explicit sales growth and market share targets that are to be filled by domestic companies.Localization and indigenization of R&D(e.g.,locally developed or acquired foreign technologies,IP,and brands)and control of global supply chains segments(e.g.,vertical integration);1Substitution of foreign technology with indigenous technologies as a strategic imperative;2Followed by capturing global market share across MIC 2025 industries and technologies.3MIC 2025 employed a multi-step process to achieve this goal:35 2025 Upstream Security Ltd.All Rights ReservedA decade later,China has become a major force in the global Automotive industry,and enjoys massive manufacturing advantages over other countries.Global OEMs operating in China are well aware of Chinas manufacturing advantageslike Tesla,which produces half of its global output at its Shanghai gigafactory.66 With preferential access to capital,domestic companies were able to develop indigenous R&D and manufacturing capabilities,advance new manufacturing technologies,gain control and vertically integrate their supply chains,acquire foreign technology,and enhance their competitiveness.CHINAS MIC 2025 HAS PROPELLED ITS NEV LEADERSHIPChina is now the worlds largest market for new energy vehicles(NEVs)which includes battery electric vehicles(BEVs),plug-in hybrids(PHEVs),and fuel cell electric vehicles(powered by hydrogen).According to the latest official data,the number of newly registered NEVs in China jumped by nearly 40%year-on-year in the first half of 2024 to a record high.OEMs have never faced a stronger,more motivated,and technologically advanced competitor:65 Production scale of over 30 million units in 2023Production capacity of over 48 million units in 202325%-30%cost advantage50ster time to market400%-500%higher government subsidies 76%of global EV batteries productionControl of supply chains and vertical integrationSource:Upstream Security 2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved36Infrastructure for NEVs also expanded rapidly during the same period,with the number of NEV chargers jumping by 54%year-on-year to 10.2 million,including 3.1 million public charging facilities.As of June 2024,there are a total of 24.7 million NEVs registered in China,accounting for 7.2%of total vehicle ownership.The number of BEVs exceeded 18.1 million,representing 73.3%of NEVs.67 As of September 2024,Teslas Model Y remained the best-selling electric car in China,according to Chinese automotive website Autohome.Chinese NEV maker BYDs Seagull trailed closely behind in second place.68 In October 2024,BYDs global quarterly sales overtook Teslas for the first time,crowning a remarkable rise for the Chinese OEM.69 MIC 2025 TRANSFORMS THE AUTOMOTIVE REGULATORY LANDSCAPEIn January 2024,Chinas Ministry of Industry and Information Technology(MIIT)released a sweeping plan to accelerate the establishment of standards for automotive chips.Often referred to as the Guidance on Formulating National Automotive Chip Standards”,this plan includes more than 30 critical standards to be implemented by 2025,and more than 70 standards by 2030.70 The standards are focused on clarifying basic requirements related to reliability as well as the environment,electromagnetic compatibility,functional safety and information securityin an attempt to further boost research and development of the critical product amid increasing international competition.71 Furthermore,Chinas automotive regulations took a significant leap forward in 2024 with the introduction of new cybersecurity standards for intelligent networked vehicles,safety requirements and testing methods for collisionsalong with plans to become a key player in the global automotive industrys standards development process.In May 2024,the Standardization Administration of China(SAC)72 introduced new GB standards,a set guidelines and specifications,for safety requirements and test methods in the event of rear-end collision for passenger vehicles(GB 20072202X)and the protection of the occupants in the event of a lateral collision(GB 20071202X).The new standards replace the previous versions from 2006,and are expected to take effect in July 2026.73 2024 Upstream Security Ltd.All Rights Reserved37 2025 Upstream Security Ltd.All Rights ReservedIn June 2024,MIIT announced plans to formulate new standards for the global Automotive industry,focusing on NEVs and intelligent connected vehicles.China will lead the development of nearly 20 international standards,including those for fuel cell vehicles,electromagnetic compatibility,and automotive radar.In addition,China aims to develop at least three new international standards for electric vehicle(EV)performance-testing methods and collision safety terminology,and to establish one or two international standards working groups.China will also focus on the development of global technical regulations for autonomous driving systems,and expedite the formulation of regulations on maximum EV power output measurement methods and the second phase of power battery durability.74 Intelligent Networked Vehicle Autonomous Driving Data Recording System stipulates the technical requirements and test methods of the intelligent networked vehicle autonomous driving data recording system in terms of data recording,data storage and reading,information security,collision resistance performance,environmental evaluation,etc.GB 44497-2024Technical Requirements for Information Security of Automobiles stipulates the requirements of the automobile information security management system,as well as the technical requirements and test methods for external connection security,communication security,software upgrade security,data security,etc.GB 44495-2024General Technical Requirements for Automobile Software Upgrade stipulates the management system requirements for automobile software upgrade,as well as the technical requirements and test methods for vehicle software upgrade functions such as user notification,version number reading,safety protection,prerequisites,power guarantee,failure handling,etc.GB 44496-2024In August 2024,MIIT published the first batch of mandatory national standards for intelligent networked vehicles in China,set to take effect on January 1,202675:2024 Upstream Security Ltd.All Rights Reserved38 2025 Upstream Security Ltd.All Rights ReservedGlobal OEMs operating in China should prepare for the 2026 milestone,and analyze the gaps between the new Chinese national standards and current international standards.Overall,GB 44495-2024 shares many common principles with UNECE WP.29 R155 and ISO/SAE 21434 requirements of a cybersecurity management system.However,it introduces market-specific,detailed technical requirements.76 In addition,GB 44495-2024 stresses the importance of risk management,like ISO/SAE 21434,which includes continuous monitoring,risk assessments,and response measures to ensure that vehicles remain secure even as new threats emerge.ScopeSpecificityTesting RequirementsCertificationOnly applies to M(passenger),N(commercial),and O(trailers,including semi-trailers)vehicle types.Includes L6 and L7,and is expected to expand to all category L vehicles.Provides detailed technical requirements and testing methods.Offers a broader framework and risk categories(Annex 5),granting manufacturers flexibility in implementation.Lists 27 specific cybersecurity tests that manufacturers must perform,covering various aspects of vehicle cybersecurity including:external connections,communication systems,software updates,data security,access control,Denial-of-Service(DoS)protection,and more.Emphasizes the necessity of cybersecurity testing,but does not prescribe specific testing methods.Requires an audit without issuing a certificate or requiring renewals.Requires a formal certification process with periodic renewals.GB 44495-2024R155Although both standards aim to enhance vehicle cybersecurity,they differ in several key aspects:Source:Upstream Security 2024 Upstream Security Ltd.All Rights Reserved39 2025 Upstream Security Ltd.All Rights ReservedCHINAS FAST-GROWING NEV INDUSTRY COMES WITH INCREASED CYBERSECURITY RISKSCybersecurity risks are increasing in Chinas booming NEV industry.Threat actors are increasingly targeting Chinese NEV makers and suppliers with ransomware and data exfiltration attacks.Security researchers are also discovering critical vulnerabilities in Chinese NEVs,including their telematics systems,vehicle infotainment systems,and OEM apps.Numerous cyber incidents involve Chinese Tier-1 and Tier-2 suppliers,heightening global supply chain concerns.In March 2024,a Chinese Tier-2 supplier of automotive electronic parts was attacked by a data exfiltration and extortion group.The breach involved the exfiltration of 1.2TB of data,impacting both Chinese and global OEMS.The data includes personal information,customer data,source code,SQL databases,and internal and external email correspondence with attachments.77In May 2024,security researchers discovered a critical vulnerability in a Chinese EV makers telematics system,resulting from a Radio Access Network(RAN)attack.The attack compromised GPS functionality and also disrupted the vehicles network connectivity and associated FMS(Fleet Management System)functionalities.Consequently,tracking or locating the vehicle was impossible,and basic functionalities such as engine start or stop were also inoperable,until the vehicle was manually restarted.78In June 2024,Chinese automotive Tier-1 supplier,specializing in thermostats and temperature sensors,was hit by a ransomware attack resulting in the exfiltration of over 300GB of sensitive data.The breach compromised the companys operational integrity as well as disrupted their online activities,affecting their website directly.The stolen data included confidential documentation,financial records,and personal information.79In August 2024,security researchers discovered an unprotected database containing sensitive information on more than 750,000 Chinese car owners.The database,hosted on a US-based IP address,exposed names,ID numbers,phone numbers,addresses,VINs,car models,and more,leaving individuals at risk of identity theft and vehicle-related crimes.The database was locked down after 48 hours,but its ownership remains unknown.The security researchers suggest that the combination of data may have been collected by cybercriminals rather than a legitimate organization.80 In September 2024,a Chinese Tier-1 supplier,specializing in automotive CAN BUS protocol solutions,was targeted by a hacktivist group as part of their operation against Chinese companies.2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved40The group claimed to have attacked and shut down the companys official website servers.There is no independent verification of these claims,and the company has not commented on the extent of the attack.81 In September 2024,Chinese security researchers demonstrated a Bluetooth Low Energy(BLE)relay attack to relay information between the PhoneKey system and the vehicle at the protocol level.Protocol-based relay attacks have the advantage of not requiring physical proximity between the victim(vehicle owner),who can be anywhere in the world,and the vehicle.82Vehicle owners with Phone-as-a-Key(PAAK)systems can use an authorized mobile phone to unlock and control the vehicle within a certain proximity.Although PAAK uses challenge-response as an authentication mechanism,it does not enable BLE link-layer pairing or encryption,making it an ideal target for Gattacker,a Man-in-the-Middle and analysis tool for BLE devices,originally launched in 2017.Researchers successfully exploited popular models of Chinese and American EV OEMs,targeting vehicles that do not implement BLE link-layer pairing or encryption.Vehicles that had enabled PIN code requirements during the initial pairing stage were not vulnerable.The researchers reported their findings to the respective OEMs.In September 2024,a security researcher published an article showing the exploitation of Braktooth vulnerabilities in Bluetooth chipsets used in vehicle infotainment systems.The vulnerabilities are present in various Bluetooth chipsets across many manufacturers,and allow attackers to exhaust the Bluetooth resources of the target device.The attacker can disrupt or crash other Bluetooth devices connected to the target chipset.The research was based on older analysis from 2021,while recent testing revealed that many popular vehicle models in China are susceptible to Braktooth attacks.83 These incidents underscore the increasing risks associated with Chinese OEMs rapid expansion into international markets.The exposure of critical vulnerabilities in high-profile markets like the US and EU amplifies regulator scrutiny and raises barriers to market acceptance.2024 Upstream Security Ltd.All Rights Reserved41 2025 Upstream Security Ltd.All Rights ReservedIn September 2024,the US Department of Commerce published a Notice of Proposed Rulemaking that would ban the sale or import of connected vehicles integrating specific pieces of hardware and software,or those parts sold separately,with a sufficient nexus to the Peoples Republic of China or Russia.85 THE INTERNATIONAL RESPONSE TO CHINESE NEV GROWTH AND CYBERSECURITY CONCERNSMASSIVE TARIFFS AND TECHNOLOGY BANSThe rapid rise of Chinas NEV sector is raising concerns about global technological growth and the cybersecurity resilience of connected vehicles,autonomous driving,electric vehicles,batteries,and EV charging infrastructure.In February 2024,China committed to helping its EV makers cope with international trade restrictions and build overseas supply chains,as part of a major global expansion effort for the industry.The pledge comes as Chinas booming EV exports face increasing protectionist pushback in some regions,including Europe and the US.84 The rule focuses on hardware and software integrated into the Vehicle Connectivity System(VCS)and software integrated into the Automated Driving System(ADS)which present undue risk to US critical infrastructure,national security,and the safety of drivers.The planned rules would effectively ban Chinese vehicles from the US market,but would also force OEMs to remove Chinese software and hardware from vehicles sold in the US.The proposed rule marks a significant escalation in ongoing US restrictions on Chinese vehicles,software,and components.The bans on software would take effect for Model Year 2027,and the bans on hardware would take effect for Model Year 2030,or January 1,2029 for units without a model year.86 Inspired by US actions,European officials have also echoed Washingtons concerns over the potential cybersecurity,espionage,and sabotage risks posed by Chinese automotive technology.87 European officials have been drafting an Information and Communication Technology(ICT)supply-chain toolbox(non-binding)a similar framework to the 5G Security Toolbox,88 which led several EU countries to ban,limit,or phase-out Chinese telco vendors.2024 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved42By the end of October 2024,when the new EU tariff rules came into effect,Reuters reported that China had told its automakers to halt big investment in European countries that support extra tariffs on Chinese-built electric vehicles.90 In early October 2024,the EUs dramatic announcement on taxation of Chinese EVs,set to rise from 10%to up to 45%over the next five years,posed the question of what impact this might have on decisions by the Chinese government towards European automakers who are actively present in China.89 The EUs increased scrutiny of Chinese software suppliers means that OEMs,particularly those with many Chinese suppliers,will need to adapt their strategies.Furthermore,the US ban will directly impact European OEMs,forcing them to adjust the supply chain for vehicles sold in the US.AUTOMOTIVE CYBERSECURITY TRENDSIn 2024,ransomware attacks with unprecedented impact dominated,SDV and AV technologies dramatically changed cybersecurity risks,and incidents involving manipulation and control of vehicle systems more than tripled03.REVIEW OF INCIDENTS Cybersecurity attacks grew in scale and impact in 2024,creating new challenges for the automotive and smart mobility industries.During 2024,Upstreams AutoThreat researchers analyzed 409 automotive and smart mobility cybersecurity incidentsan average of 34 incidents per month.A redirect vulnerability was discovered by security researchers on some German OEM subdomains.91Ransomware attack impacts one of the worlds largest semiconductor manufacturers,shutting down its website and exfiltrating 5TB of sensitive data.92A security researcher discovered a vulnerability leading to customer PII exposure in a South Korean OEM.93The PII of over 300,000 taxi passengers in the UK and Ireland was discovered in an unprotected database belonging to an Irish smart mobility provider.100Chinese hackers conducted an extended cyber espionage campaign targeting a major German OEM group to steal technical knowledge.101Security researchers uncovered a critical CAN BUS injection vulnerability,potentially compromising e-scooter riders safety and privacy.102Security researchers discovered a German OEM cloud misconfiguration that led to massive exposure of sensitive data.94South Korean OEM was hit by a large-scale cyberattack resulting in the exfiltration of 3TB of corporate data.95A cyberattack on a Lithuanian EV charging system shut down operations for hours,with attackers stealing data of 20,000 customers.96Security researchers discovered a critical vulnerability in a Chinese OEM telematics system,compromising GPS functionality.103A prominent European vehicle tracking and fleet management device provider was hit by a cyberattack that resulted in a data breach.104A European non-profit shared mobility provider suffered a severe cyberattack,resulting in service disruptions across all its platforms.105Security researchers discovered a vulnerability affecting an Indian OEMs automotive management application.106A security researcher identified a severe vulnerability in a popular vehicle software development platform,used in infotainment,ADAS,and autonomous driving systems.107A ransomware attack on a leading US-based provider of dealership management software used by 15,000 dealerships,resulted in dealer operations being halted for nearly three weeks108 and estimated losses of$1.02 billion.109Security researchers from Colorado State University showed how ELDs can be accessed over Bluetooth or Wi-Fi connections to take control of a truck,manipulate data,and spread malware.97A Chinese Tier-2 supplier was hit by a ransomware attack,leading to a major breach of 1.2TB of data,impacting global OEMs.98A security researcher discovered an unprotected 585GB database with more than half a million PII and business records of an American EVSE provider.99JANUARYAPRILFEBRUARYMAYMARCHJUNE 2025 Upstream Security Ltd.All Rights Reserved44The top incidents in 2024:White HatBlack Hat 2025 Upstream Security Ltd.All Rights Reserved45Security researchers identified vulnerabilities in EV charging stations enabling unauthorized access and operational disruptions.110 A security researcher discovered a vulnerability within the web-based UI on traffic controllers in Norway,enabling them to gain full control of the traffic controller.111 A German OEMs Hong Kong branch allegedly experienced a cyberattack compromising sensitive customer PII.112 A security researcher discovered a critical vulnerability in a Dutch traffic signal preemption system,resulting in replacing thousands of traffic lights.119 A ransomware group claimed to have stolen internal documents,financial records,and personal information from a German OEM group.120 Security researchers identified a vulnerability in the VCSEC ECU(immobilizer unit)used by a US EV OEM,potentially leading to control compromise.121 A security researcher identified critical vulnerabilities in the Android-based OS embedded in the infotainment systems of major automakers.113 South Korean automotive supplier hit by a ransomware attack,compromising 2.3TB of data.114 Security researchers discovered a hardware backdoor in MIFARE technology widely used in public transportation systems.115 A UK-based telematics provider hit by a cyberattack resulting in business disruption and potential data theft impacting multiple international clients.122 Security researchers detected six critical zero-day vulnerabilities in Japanese OEM infotainment systems.123 A data breach affecting multiple Charging Point Operators(CPOs)led to over 116,000 consumers PII and OCPP data from EVSEs leaked on a deep web hacking forum.124 Security researchers discovered critical vulnerabilities in autonomous driving systems Internet Control Message Protocol(ICMP),potentially resulting in flood attacks.116 A security researcher demonstrated Braktooth vulnerabilities which can lead to crashes and remote code execution affecting multiple infotainment systems of various OEMs.117 Security researchers revealed major API vulnerabilities in a Korean OEMs dealership API,which allowed them to control vehicles using only license plates.118 Security researchers detected multiple vulnerabilities affecting infotainment systems of a German OEM.125 Security researchers discovered multiple vulnerabilities potentially leading to data theft in infotainment systems of a Chinese OEM.126 Cyber attack disrupts global auto parts supplier business operations in Canada.127 JULYOCTOBERAUGUSTNOVEMBERSEPTEMBERDECEMBER 2025 Upstream Security Ltd.All Rights Reserved46ATTACKS BY BLACK HATS CONSISTENTLY OUTNUMBER THOSE BY WHITE HATSAs technologies and cybersecurity measures advance,threat actors have also evolved,and stakeholders must gain deep visibility into who is carrying out attacks.Hackers are classified as black hats,white hats,or gray hats depending on their intentions,actions,and malicious intent:Black hat hackers attack systems for personal gain,financial gain,or for malicious purposes.Todays black hat hackers are no longer lone malware developers.They are often part of well-organized and well-resourced operations,which employ thousands of cybercriminals worldwide,capable of coordinated simultaneous attacks against multiple organizations.Gray hat hackers are a subset of the general white hat attackers group,and present a dynamic landscape in which the lines blur between ethical and malicious activities.These hackers contribute both to discovering vulnerabilities and,in some cases,exploiting them.Gray hat hackers are driven by a variety of motivations,running from responsible disclosure to less altruistic incentives,such as financial reward or recognition.Also,their activities often raise ethical and legal questions regarding their work without explicit permission.In contrast,white hat hackers,often researchers without malicious intent,who try to penetrate and manipulate systems to validate security or assess vulnerabilities.White hat hackers continually find new and disturbing vulnerabilities.They operate independently,through companies using their services,or as part of a bug bounty program,where they are rewarded for responsibly disclosing vulnerabilities.Black HatWhite HatGray HatIn 2024,black hat hackers carried out over 65%of all attacksSource:Upstream SecurityBlack Hat65%White Hat35 24 Upstream Security Ltd.All Rights Reserved 2025 Upstream Security Ltd.All Rights Reserved47IT black hat attacks and automotive black hat attacks differ greatly in their consequences and impact.Malicious automotive black hat attackswhich are closely aligned with cyber attacks on IoT and critical infrastructure,such as health,energy,and governmental facilitiesresult in not only disruption of services and financial losses,but also potential for safety risks and loss of lives.In February 2024,a South Korean OEMs European division was hit by a ransomware attack that disrupted its operations.The attackers claimed to have exfiltrated 3TB of data and shared images of stolen folders.The OEM confirmed the attack and collaborated with the authorities to recover and investigate the incident.128 In June 2024,a ransomware attack on a leading US-based provider of dealership management software used by 15,000 dealerships,resulted in shutting down dealer operations across the US for nearly 3 weeks.According to a CNN report citing multiple sources,the company likely paid a$25 million ransom to speed up recovery and end the outage.129 The Anderson Economic Group(AEG)estimated that total direct losses to franchised auto dealers reached$1.02 billion.130 In November 2024,a UK-based telematics company experienced a cyberattack that impacted critical operational services and multiple international fleets.131 The attack prevented fleet operators from accessing fleet management data,causing operational disruption and delivery delays to major retailers in various sectors.In response to the incident,the company notified authorities and began working to restore services.132 Also in November 2024,a prominent threat actor exposed approximately 116,000 records of sensitive data from multiple global CPOs.133 Initially claimed to be from an American EV OEM charging network,the breach was later found to encompass data from diverse charging stations across the globe,with victims spanning the UAE,Australia,Mexico,Puerto Rico,Guyana,Saudi Arabia,Oman,and India.These attacks result in not only disruption of services and financial losses but also potential safety risks and loss of lives,particularly in critical infrastructure sectors.In many of these incidents by black hats,consumers remained unaware of potential risks,raising the bar for cybersecurity teams.The increasing sophistication and frequency of these attacks underscore the urgent need for robust cybersecurity measures and proactive threat intelligence to mitigate the risks posed by black hat hackers.48 2025 Upstream Security Ltd.All Rights ReservedNEARLY ALL ATTACKS ARE REMOTEMost automotive cyber attacks can be divided into two main categories:remote attackswhich can be short-range(e.g.,man-in-the middle attack)or long-range(e.g.,API-based attack)and physical attacks,which require a physical connection to the vehicle(e.g.,OBD port).Remote attacks rely on network connectivity(e.g.,Wi-Fi,Bluetooth,3/4/5G networks),and have the potential to impact numerous vehicles simultaneously.Remote attacks have consistently outnumbered physical attacks since 2010accounting for 88%of all attacks between 2010 and 2024,and 92%in 2024.In 2024,long-range attacks accounted for 84%of remote attacksthis remains consistent with last year,following a 30%spike in 2022 caused by the increased adoption of connectivity and software-defined architecture.Nearly all 2024 incidents were remoteThe vast majority of remote incidents in 2024 were long-rangeSource:Upstream SecurityRemote92%Physical8%Short-range16%Long-range84%INCIDENTS INVOLVING MANIPULATION AND CONTROL OF VEHICLE SYSTEMS MORE THAN TRIPLED The impact of cyber attacks on the Automotive and Smart Mobility ecosystem is growing in scale.Vehicle attacks often compromise sensitive data,but they can also have far-reaching consequences,including vehicle theft,fraud,and the manipulation and control of vehicle systems,which may result in safety risks.49 2025 Upstream Security Ltd.All Rights ReservedData and privacy-related incidents accounted for 60%of 2024 incidents.The percentage of incidents involving car system manipulation and control of vehicle systems increased dramatically in 2024,accounting for over 35%of incidents.Service/Business disruptionDisruptions to normal business operations caused by cyber attacks(e.g.,shutdowns caused by ransomware,or attacks on backend systems that disrupt fleet operations).Data/Privacy breachA data breach occurs when a threat actor gains unauthorized access to sensitive data such as intellectual property(IP),trade secrets,financial information,or personally identifiable information(PII).Cybersecurity incidents involving data breaches are the most common and most expensive.FraudIllegal use of vehicle data and/or vehicle functionality by threat actors for financial gain.Vehicle theftVehicle thefts involving long-range,short-range,and physical attacks by threat actors.Car system manipulationThreat actor activities targeted at tampering with various in-vehicle systems,changing their expected operational behavior,and creating safety risks.Policy violationThreat actors actions that violate established rules,regulations,or policies regarding the use,operation,or management of vehicles.Location trackingIllegal use of GPS navigation data to track a vehicles location and movement without user or owner consent.Control of vehicle systemsThreat actors can take full or partial control of a vehicle from long distances by overriding its systems through connected components.2025 Upstream Security Ltd.All Rights ReservedThe increase can be attributed to several factors.Firstly,increased research on EV chargers and infotainment systems has contributed significantly to this surge.This is evidenced by projects such as the Automotive Security Research Group(ASRG)and several other prominent white hat groups who actively discovered CVEs.Furthermore,Upstreams enhanced research into open-source software in fields like autonomous vehicles and IoT mobility,including smart mobility(e.g.,telematics systems),smart city system(e.g.,traffic lights systems)and EVSE,has also contributed to the upward trend.2024 Upstream Security Ltd.All Rights Reserved50 2025 Upstream Security Ltd.All Rights Reserved 2024 Upstream Security Ltd.All Rights Reserved50 2025 Upstream Security Ltd.All Rights Reserved2024 impact breakdown,based on 409 automotive-related cyber incidentsService/Business disruption Car system manipulation/Vehicle controlFraudLocation trackingVehicle theftMalwarePolicy violationSource:Upstream SecurityData/Privacy breachMONITORING CVES IS CRUCIAL The Common Vulnerability Scoring System(CVSS)was designed to provide an open and standardized method for rating CVEs.CVSS helps organizations prioritize and coordinate joint responses based on the vulnerabilitys base,temporal,and environmental properties.134 Vulnerabilities are also graded from Critical,High,Medium to Low,or None,based on their CVSS score.135 In our analysis of CVEs,we focus only on CVEs that directly affect the Automotive and Smart Mobility ecosystem(OEMs,Tiers-1s,shared mobility,mobility IoT devices,fleets,etc.).We exclude from this analysis CVEs that relate to generic IT hardware or open-source software components that may be used across the supply chain.60S5%3%3%3%2P 2024 Upstream Security Ltd.All Rights Reserved51 2025 Upstream Security Ltd.All Rights ReservedThe Automotive industry has experienced 1,147 specific CVEs since 2019;422 CVEs were published in 2024,compared with 378 in 2023.Several factors have contributed to the increase in CVEs,including increased adoption of connected components,greater stakeholder awareness of vulnerabilities,and more research initiatives into EV chargers and infotainment systems.Security teams,developers,and researchers use CVSS together with several other methods to assess risks.CVSS scores have practical applications across the products supply chain,such as determining whether vulnerabilities have already been exploited and prioritizing patching efforts,and allocating time and resources more efficiently.CVSS is also used by ISO/SAE 21434 as part of the standards risk assessment process to determine attack feasibility.Number of automotive-related CVEs found in 2019-2024Source:Upstream SecurityCVEs should also be closely monitored by fleet managers and operators.CVEs not only factor into risk assessments across the fleet,but can also be considered when strategically designing fleet composition.2024202320222020201920212433139151378422 2024 Upstream Security Ltd.All Rights Reserved52 2025 Upstream Security Ltd.All Rights ReservedOVERVIEW OF 2024 CVES CVEs are acknowledged and cataloged cybersecurity risks that can be quickly referenced across the Automotive and Smart Mobility ecosystem.It is common to find these threats on OEM products,but they can also appear in the products of OEM supply chain companies.OEMs assemble vehicles from hundreds of software and hardware modules produced by Tier-1 and Tier-2 suppliers.Each components quality and safety rests with the company that produces it.Consequently,each company involved in the supply chain has the responsibility to oversee and ensure the quality and safety of each automotive-related product.Because vulnerabilities are not always addressed on time,or even at all,a single flaw in a commonly used software module or component can impact millions of vehicles.Vulnerabilities disclosed by CVEs can also be exploited by attackers.In 2024,the number of published CVEs was significantly impacted by funding shortages and cutbacks at the US National Vulnerability Database(NVD).Beginning early in the year,the NVD experienced a marked slowdown in vulnerability publications and analysis,leaving enterprise cybersecurity teams without timely and critical intelligence.In April,the National Institute of Standards and Technology(NIST)announced plans to collaborate with other agencies and industry partners to address a growing backlog of software vulnerabilities awaiting analysis.136 Although the pace of publications improved later in the year,the NVD still struggled with delays in CVE analysis.Reports from May 2024 revealed that over 90%of CVE submissions remained unanalyzed or lacked enrichment.137 By November,NIST reported having a full team of analysts in place to process incoming CVEs in real-time.However,the agency acknowledged that clearing the backlog would take longer than initially projected,despite its optimistic forecasts.138 2024 breakdown of publicly reported automotive-related vulnerabilitiesCVEsSource:Upstream SecurityOEMTier-1Tier-2EVSEOther28422374174 2024 Upstream Security Ltd.All Rights Reserved53 2025 Upstream Security Ltd.All Rights ReservedTogether with the increase in automotive-related CVEs in 2024,we also witnessed a nearly 41%increase in critical vulnerabilitieswhich accounted for over 11%of total CVEs,up from 9%in 2023.This trend amplifies the importance of closely monitoring automotive-specific CVEs by all stakeholders and proactively detecting exploits,as well as prioritizing mitigation.Critical Vulnerabilities4821114419In 2024,the CVSS-scored vulnerabilities analyzed by Upstreams analysts had:Source:Upstream SecurityHigh VulnerabilitiesMedium VulnerabilitiesLow Vulnerabilities 2024 Upstream Security Ltd.All Rights Reserved54 2024 Upstream Security Ltd.All Rights Reserved54 2025 Upstream Security Ltd.All Rights ReservedTHE IMPACT IS FELT ACROSS THE ENTIRE SMART MOBILITY ECOSYSTEM The proliferation of Smart Mobility devices ushers in a new era of cybersecurity risks on a massive scale,with a wide range of devices vulnerable to attacks such as EV charging equipment and infrastructure,autonomous systems and self-driving kits,traffic control systems,telematics systems,fleet management solutions,and smart agricultural equipment.IoT devices in the Automotive and Smart Mobility ecosystem are now critical infrastructure.Cyberattacks on these devices pose higher risks and impacts than other IoT devices,necessitating stakeholders to ensure safety,operational availability,and data integrity.Cyber attacks threaten every segment of the Automotive,Smart Mobility,and Mobility-as-a-Service(MaaS)ecosystem.Defining Automotive and Smart Mobility as critical infrastructure emphasizes the substantial cybersecurity risks these devices pose and reinforces the need to prioritize their resilience.OEMsTier-1sTier-2sElectric VehiclesEV Charging Infrastructure/Local GridsAutonomous VehiclesAgriculture EquipmentCar DealershipsCar,Commercial,and Delivery FleetsPublic TransportationGovernment Fleets/Emergency ServicesCar and Bike SharingCar RentalRide Sharing and HailingSmart CitiesInsuranceMobility IoTTSP/Fleet Management 2024 Upstream Security Ltd.All Rights Reserved55 2025 Upstream Security Ltd.All Rights Reserved OEMs&suppliers OEMs and their component suppliers are increasingly being targeted
2025-10-29
160页
5星级
Empowering Tomorrows Automotive SAutomotive Cyber Maturity Report 2025Dr.Teresina Herb,Michael Klinger,Dr.Robert Lambert,Dr.Moritz MinzlaffContents Preface 3Executive summary 4Context and design of this years survey 5Survey statistics 6Key insights 7Insight#1:Organizational and technical cyber maturity are in lockstep 8Insight#2:As GenAI moves from hype to product,security automation gains ground 9Insight#3:Cyber incidents have become commonplace 10Insight#4:Regional security regulations in times of global politics 11Survey results in detail 14Contacts&Acknowledgements 24“The survey captures what-mature companies do differently and what everyone else can learn from them.”“Security is one key dimension to ensuring and maintaining vehicle health over the lifetime.”Automotive Cyber Maturity Report 20253PrefaceRapid changes,such as those occurring in the automotive industry,require quick adaptation by market participants to stay competitive.Quickly adapting to changing environments,however,has long been a core capability for mastering cybersecurity in the face of a continuously evolving threat landscape.And so,the question of increasing an organizations cyber maturity and moving ahead of the competition are inexorably linked.Vehicles and their components are undergoing three major technological transformations:the move to centralized E/E architectures,the decoupling of software and hardware,and the integration of artificial intelligence.So it comes as no surprise that cyber maturity is a concept that must be understood on both an organizational and a technological level.Security is one key dimension to ensuring and maintaining vehicle health over its lifetime.But cybersecurity comes with its own challenges.Markets move at different speeds in adopting new regulatory requirements or new technology.Artificial intelligence is a technology moving from hype to product,necessitating solutions for its secure and complaint use.At the same time,cyber incidents have become commonplace,requiring automotive companies to both embrace new technologies and secure them simultaneously.Forward thinking,highly cyber-mature organizations see security as contributing to a larger push to advance manage-ment of vehicle systems,which leads to higher efficiency and reduced costs while meeting security requirements and expectations.I thank everyone who participated in our survey and wish you,dear reader,many useful insights from reading this years Automotive Cyber Maturity Report.Mariella Minutolo Executive Vice President Sales Automotive Cyber Maturity Report 20254Executive summaryInsight#1:Organizational and technical cyber maturity are in lockstep Companies with high cyber maturity remain characterized by end-to-end consideration of security over three dimensions:product lifetimes,ecosystems,and software supply chains.They promote DevSecOps practices for security over product lifetimes,and are concerned with ecosystem components such as backends,but also software supply chains and bills of material.They employ multi-framework cybersecurity management systems that reflect standards from multiple markets,and they are aware of and prepared for incidents.At high-maturity organizations,organizational and technical cybersecurity are synergistic and move forward in lockstep.Insight#2:As GenAI moves from hype to product,security automation gains ground Generative AI(GenAI)transforms automotive security by enhancing threat detection,vulnerability discovery,secure software development and innovation/competitiveness,but also elevates risk when wielded adversarially by attackers.Nevertheless,the level of hype for GenAI has subsided,particularly in China.Overreliance on AI decision making is seen to have the potential of decreasing situational awareness.Most participants report moderate or high levels of DevSecOps deployment,with Europe and US slightly ahead,while China is rapidly catching up.There is a growing demand for security tooling,but the heterogeneity of tools is seen as a major challenge.Generally,there is little preference between in-house and vendor-supplied tools,though qualified experts prefer in-house.Regionally,Japan has fewer in-house developments.Semiconductor suppliers prefer in-house tooling.Upper management prefers tools from vendors,integrated by third parties.Insight#3:Cyber incidents have become commonplace Incidents have become prevalent:60%of our participants are aware of a security incident and 20%of a safety incident(rising to 40%in China).Increased incident awareness correlates with maturity,time spent on cybersecurity,higher managerial level and cybersecurity expertise.Threat intelligence comes from many sources,but easer-to-access sources are more popular,especially in low-maturity organizations,whereas the deep and dark web become more popular among high-maturity organizations and qualified experts.Higher maturity organizations involve more internal departments in the resolution of incidents,and are more likely to have dedicated departments for this purpose.Insight#4:Regional security regulations in times of global politics This year,regional regulations have gained importance in line with geopolitical trends.However,as in previous years,regulatory compliance remains the primary motivation for cybersecurity especially among less mature organizations.Cybersecurity responsibility is shifting from R&D to Information and Product Security departments.The top four security frameworks have not changed since 2023:ISO/SAE 21434,UNECE R155,ISO 26262 and UNECE R156,but Chinas regulations have also increased in importance in Europe and locally.Chinese participants also rate EU regulations as very important.Among US participants,US frameworks are considered most important(52%),followed by European ones(45%),while Chinese frameworks rank lower overall(23%)though this rises to 70%among Chinese participants.Generally,organizations focus first on regulations in their local market,then on international and European standards except in Europe,where the secondary focus is on China.Cyber maturity in the automotive industry 5 Optimizing4 Advanced3 Established 2 PerformedFoundational cyber maturityHigh cyber maturity202520241 Initial349660%Automotive Cyber Maturity Report 20255Context and design of this years survey With its 5th edition,the ETAS Cyber Maturity Survey has now definitively established its place and importance in the auto-motive cybersecurity community.The survey targeted automotive professionals whose work involves various aspects of security ranging from security engineers and production specialists to C-level executives offering a comprehensive view of how organizations in the automotive sector address security challenges and assess their own performance in this important field.Starting this year,we have introduced insights on cyber maturity topics provided by qualified experts.From the total of 174 participants,approximately 10%are part of the expert group(see below).The survey includes 25 questions(19 6 background information),it was conducted anonymously over the course of one month,participants provided their responses on multiple-choice and quantitative assessment questions.Qualified experts and general automotive professionalsThis year we added“qualified experts”as a control group to our survey.While the survey participants have always included security experts,the surveys anonymity prevented us from identifying them as a group and drawing compa-risons between their answer behavior and that of general automotive professionals.For the 2025 survey,Auto-ISAC members selected one participant each from their respective companies who met the following criteria to be a qualified expert:The individuals remained anonymous to us,but participated through a special link that allowed identification as a qualified expert.We thank Auto-ISAC and its membership for this very productive cooperation in strengthening cybersecurity insights.New topics in 2025 are:1.sourcing security solutions and participants preferences wrt.integration of solutions in-house vs.third parties,2.most concerning type of cyber incident in area of responsibility and organizational units involved in resolution and3.in-vehicle security measures implemented in company products.at least five years in automotive security,current role has a security focus,and has a good grasp of the companys cyber maturity beyond their immediate area of responsibility.6Survey statisticsSize of companymeasured in number of employeesType of company34%5,000 21P,000 30%0 4,99914%up to 250 Automotive Cyber Maturity Report 2025OEM (passenger vehicles)Other Semi-conductorSupplier16%6B%Job level of participantsMid-and top-level managersSubject matter expertsFirst line managers377)7%Time dedicated by participants to cybersecurity-related tasksincrease or decrease compared to previous year Total number of participants:174Rest of world36China35Japan27Europe45Regional participationUSA31OEM (commercial vehicles incl.busses)Automotive Cyber Maturity Report 20257Key insights Automotive Cyber Maturity Report 20258In our 2023 report,we stated that high cyber maturity is characterized by end-to-end thinking in three dimensions:the products lifetime,its ecosystem,and its software supply chain.This is still true:Participants from highly mature organizations demonstrate a significantly greater tendency to consider the broader ecosystem in the attack surface such as vehicle backends( 18%pts over foundational maturity)or mobile devices( 15%pts).They also report a considerably higher adoption of DevSecOps practices that are crucial to maintain adequate security over product lifetimes.Insight#1:Organizational and technical cyber maturity are in lockstepAdditionally,this years results show that organizational cyber maturity and technical cybersecurity are closely linked concepts.For a company to advance in cyber maturity,it must do so on both levels,as organizational measures are most effective when supported by technical capabilities in the product,and vice versa.In fact,adoption rates of in-vehicle measures are among the clearest separators of high and foundational cyber maturity in the 2025 survey:Eight of the nine measures are implemented by the majority of high-maturity organizations,the only exception is UDS 29,which still comes in at 44%.In contrast,at foundational cyber maturity only HSM and secure boot are implemented by more than half.The average adoption rate of in-vehicle measures is 65%versus 36%.The data paints a similar picture for offboard measures.Organizational cyber maturity and technical cyber maturity are in lockstep.More frameworks considered by high maturityOrganizational cyber maturityTechnical cyber maturityOther areas that distinguish high-maturity companies are cyber incidents and multi-framework cybersecurity manage-ment systems(CSMS).Cyber maturity correlates with incident awareness( 18%pts),higher adoption and broader scope of threat intelligence,as well as better preparedness for upcoming incidents.We discuss cyber incidents in greater detail in the third insight.Multi-framework CSMSs tackle regulatory cybersecurity requirements from different markets while addressing numerous industry and government standards;which is another feature of high cyber maturity.These management systems go beyond an ISO/SAE 21434 or UN R 155 baseline and integrate obligations-for example,from the China GB and GB/T series.Note that the Chinese standards also include technical requirements,potentially highlighting a different approach to regulation,but also underlining that organizational and technical cybersecurity go hand in hand.You will find more on the topic of frameworks in the fourth insight.However,the type of company does not make a significant difference influencing average cyber maturity.Across different segments,the results show similar ranges for high-maturity organizations only the semiconductor sector appears to be more advanced.Conversely,similar percentages of partici-pants selected foundational and mid-maturity levels for their organization,regardless if from an automotive manufacturer,a supplier,or a semiconductor company.A notable exception are responses from commercial vehicle manufacturers:No one selected mid-level maturity.They consider themselves either at the beginning or the high stages of cyber maturity.among foundational maturity organizationsamong high-maturity organizationsAverage implementation rate of in-vehicle security measures: 64%2/31/3 Automotive Cyber Maturity Report 20259Generative AI is transforming automotive security by enhancing threat detection,vulnerability discovery,and secure software development.It enables real-time analysis of vehicle data,simulates cyberattacks,and supports digital twin testing environments.GenAI also improves code security and allows intuitive natural language interfaces for monitoring.However,it introduces risks such as adversarial use by attackers,model exploitation,and data privacy concerns.Overreliance on AI decisions can also be problematic.As vehicle manufacturers adopt AI-driven cybersecurity tools,regulatory standards like ISO/SAE 21434 are evolving to address these changes.GenAI offers powerful tools,but careful implementation is essential for safety and trust.How would you assess the influence of Generative AI(GenAI)on automotive security?Rate your level of agreement with the following statements:The general trends and perception in automotive security are confirmed by the results of this years Cyber Maturity Survey:Most respondents believe AI increases competitiveness and is crucial for cybersecurity innovations.The group of qualified experts have a more positive view on the introduction of GenAI when compared to the remaining participants.In particular,they view its impact on automotive security as crucial for innovation and enhanced competitive-ness.In contrast,the qualified experts have a rather neutral position with regard to introduction of additional vulnerabilities through GenAI.Additionally,we observe that generally the hype on GenAI has slowed down.The participants views center around neutral responses for both vulnerabilities and innovation/competitiveness questions.Responses at the extremes(strongly agree/disagree)dropped significantly compared to the previous year.Compared to 2024,the responses from China and Japan more closely align with those from Europe and North America;consequently,perceptions across these regions show minimal differences.However,the hype disillusion is very prevalent in Chinese figures,with a drop for innovation and competitiveness of 20%from 2024 to 2025.Additional confirmation can be derived from the responses on technical security solutions:The answer option for GenAI received a comparable number of votes in 2024 and 2025,and did not change its position in the overall field of responses.A similar pattern exists for cybersecurity challenges,here GenAI maintained a stable position in the upper center field.55Q%Total(w/o China)China58F%Total(w/o China)China71VyX%GenAI is crucial for innovations in cybersecurityBeyond cybersecurity,GenAI enhances the competitivenessInsight#2:As GenAI moves from hype to product,security automation gains groundGenAI is crucial for future innovations in automotive cybersecurity.DisagreeDisagreeNeutralNeutralAgreeAgree12u%8T9%Total2024Qualified experts2025GenAI introduces more vulnerabilities than solutions in automotive cybersecurity.6%i2U%Automotive Cyber Maturity Report 202510OEMs and suppliers adopt the trends of IT business and increase automation in their approaches and processes.This also applies to security aspects hence driving a demand for the respective tooling.However,from the Cyber Maturity Survey responses,we see that about 42%of respondents consider capabilities and heterogeneity of tools a challenge.We learn that survey participants equally intend to purchase solutions from vendors(incl.license)or develop them in-house.We see some especially strong opinions for in-house implementations,which are not seen for third-party integration.Diving further into the details reveals that the general respondent seems to have no specific preference,as there is an almost equal distribution for neutral,in-house and third-party responses,however qualified experts have a clear preference for in-house integration.Looking into the different company backgrounds of the survey participants,we deduce that commercial vehicle manufacturers seem to be slightly more skeptical with regards to the threats introduced by GenAI.However,the position on innovation and competitiveness is rather homogeneous throughout the industry.The company size has limited impact on the voting results;participants from small enterprises tend to have rather neutral views in competitiveness and innovation compared to others.Automation tools enhance development and security by streamlining workflows,reducing errors,and improving efficiency.In development,tools like CI/CD pipelines,linters,and infrastructure-as-code solutions accelerate code integration,testing,and deployment.In security,automated scanners,dependency checkers,and secrets detection tools help identify vulnerabilities early and enforce compliance.These tools enable faster delivery,consistent standards,and scalable operations while strengthening security.DevSecOps teams can collaborate more effectively,respond to threats proactively,and maintain high-quality,secure software throughout the development lifecycle.The majority of the survey participants consider themselves at least moderate with regard to implementation of DevSecOps practices(38%)and 15%consider themselves to have a high or very high adoption.In the survey results we see a corre-lation with maturity level(high maturity correlates with high adoption of DevSecOps)with minor regional differences:Europe and US are slightly stronger,while China is catching up.Closely linked to the implementation of DevSecOps is the integration and use of tools(see next chapter).How do you rate your companys current level of adoption of DevSecOps practices?VerylowLowModerateVeryhighHighFoundationalcyber maturityHighcyber maturityEstablishedcyber maturity36$%2%6%2%8AD%65H9%In your area of responsibility,what approach do you prefer for sourcing security solutions?0 %Other,please specifyCollaborate inopen-source projectsDevelop in-housePurchase/Licencefrom vendors49%8%3DP%6%TotalQualified expertsThere are some interesting regional differences:For Japan,there is less in-house development,but more collaborative open-source projects.The same is reflected in their general preference for in-house integration.Semiconductor suppliers have a strong preference for in-house developments,while all other have tendencies towards purchasing from vendors.A similar picture forms when looking into integration preferences.The survey responses show a clear preference to source from vendors at mid/top management,and a slightly stronger preference to have third-party integration at mid/top management.Automotive Cyber Maturity Report 202511Incidents have become commonplace.Our respondents were made aware of security and safety incidents in their products at a surprisingly high rate:60%aware of a security incident,20%aware of a safety incident,and 40%in China aware of a safety incident.China is also the region where lessons learned from incidents are the main drivers for cybersecurity.Increased awareness of incidents is correlated with organi-zational maturity,the amount of time an organization spends on cybersecurity,and the respondents managerial level.Our qualified experts also spend more time on cybersecurity;accordingly,three-quarters of them are aware of incidents,compared to less than half of general professionals.When incidents are to be resolved,higher-maturity organi-zations are more likely to involve more other departments and functions in the incident resolution.This may stem from the development of specialized incident response organizations in these organizations.Beyond spending more time and possessing greater security expertise,having a higher managerial level may also allow for visibility into more incidents and increasing overall awareness.A concerning inference might be made that organizations which perceive fewer incidents may actually just be unaware of threats that exist in reality.Multiple classes of cyber threat intelligence are used by our respondents.The more difficult it is to access a source,generally,the less likely it is used for threat intelligence:Open sources score highest,followed by closed communities and then lastly the deep web and the dark web.Both high-maturity organizations and our qualified experts dive deeper into threat intelligence,looking beyond open sources to the deep web and closed community sources and also to the dark web.Managerial level also is correlated with involving more functional groups in incident resolution.The top four teams likely to be involved in incident resolution are Communications,Governance/Compliance,Manufacturing,and Legal.In high-maturity organizations,R&D,Security,and IT departments are also likely to be involved.What types of sources for cyber threat intelligence do you consider in your area of responsibility?Open sourcesIndustry average80P0p0P%Qualified expertsHigh-maturity organizationsDeep web/closed communitiesDark webInsight#3:Cyber incidents have become commonplace Automotive Cyber Maturity Report 202512This year,we observe the growing importance of regional regulations,their increasing impact on business strategy and correlation with the geopolitical trends.Even if the Research and Development department is still the main area responsible for product security,followed by the Product Engineering department,we can observe an important responsibility shift to the Information/Product security department,without any difference between regions.Regarding the frameworks considered,the top 4 have not changed since 2023:ISO/SAE 21434,UNECE R155,ISO 26262 and UNECE R156.USChinaJapanEuropeWhich frameworks do you consider for cybersecurity in your area of responsibility?What is the primary driver for cybersecurity in your area of responsibility?As in previous years,the main driver to implement cyber-security is compliance to regulations and standards,with a similar distribution in all regions.We can observe that this compliance has a higher importance in organizations at the lowest maturity level.Mirroring our approach for Chinas GB&GBT series (which regroups Chinese regulations and standards),if we aggregate European regulations(EU Cyber Resilience Act,VDA ASPICE for cybersecurity,EU NIS 2 Directive)and US regulations(NHTSA Cybersecurity best practices,US DoCs Securing Supply Chain),this leads to the following distribution:Insight#4:Regional security regulations in times of global politics0 %OtherAIS 189/190IEC 62443OWASP AI Security and Privacy GuideChinas GB&GB/T seriesUS frameworksISO 27001UN R 156EU frameworksISO 26262UN R 155ISO/SAE 2143480eIF9960(%9%6%NIST cybersecurity framework0 0P%Experiencefrom pastcyber incidentsProtectionof road usersBrand imageand customertrustResilienceand businesscontinuityComplianceProduct liability Automotive Cyber Maturity Report 202513We can also observe that regional frameworks have become very important.Lets now take a look at the distribution of these frameworks based on the participants regional origin:As expected,European participants focus on ISO/SAE 21434 and UN R 155,in addition to the EU frameworks.With 44%,Chinese frameworks also have a strong focus.This aligns with expectations,considering most of the European automotive players communicate their interest in the Chinese market.For US participants,the leading three cybersecurity frame-works are ISO/SAE 21434,UN R 155 and NIST.Focusing on regional frameworks,US frameworks are primarily important(52%),followed by the European ones(45%).It is interesting to observe that the Chinese frameworks are only at 23%.These numbers corelate to the geopolitical situation.We can observe that Chinese participants are mainly concerned with Chinese frameworks(more than 70%)followed by ISO/SAE 21434.The international frameworks are also taken into account(from almost 60%for the UN R 155 to 20%for the ISO 27001).The numbers also confirm Chinese interest in the European market,as the EU frameworks are at the same level as the UN R 156 with 29%,but interest in US framework is lower(at 14%).Finally,Japanese participants focus on ISO/SAE 21434,UN R 155 and ISO 26262,followed by the EU frameworks and the UN R 156(37%).Chinese and US frameworks are at the same level with 26%.For the other regions,we can observe the same main focus on international standards,followed by the EU frameworks(33%),US ones(22%)and China(17%).As expected,high-maturity companies take into account all frameworks and regulations,but less mature companies are regionally focussed.Qualified experts and mature companies answered in similar ways.With these graphics,we can perceive that organizations focus first on their local market,and then on Europe (except in Europe,which has a secondary focus on China).US EuropeChinaJapan0 %USframeworksChinas GB&GB/T seriesEUframeworks0 %USframeworksChinas GB&GB/T seriesEUframeworks0 %USframeworksChinas GB&GB/T seriesEUframeworks0 %USframeworksChinas GB&GB/T seriesEUframeworks Automotive Cyber Maturity Report 202514Survey results in detail Automotive Cyber Maturity Report 2025152.Overall,how would you rate the cyber maturity of your company?(single answer)Fewer participants than ever rate their company at the initial maturity level.However,overall the industry is roughly split into three groups:one third at levels 1 and 2,one third at level 3,and one third at levels 4 and 5.Among the regions,European participants consider their companies significantly more mature than those from other regions,showing the strongest skew toward the highest maturity levels,while participants from the US and China tend to cluster more around the middle levels.When rating their companys competitive position,Europe and the US are the most confident,while China and,in particular,Japan are more neutral.Compared to the previ-ous year(2024)especially in Europe and US we see a strong 1.How would you rate your companys position in the market in comparison with its competitors?(single answer)202520240%5 %05%InitialPerformedEstablishedAdvancedOptimizing0 %Very strongSomewhat strongNeutralSomewhat weakVery weak2%3939 252024trend towards positive rating of own market position.China and Japan remain stable neutral.All regions have a clear trend to positive self-perception compared with 2024.Automotive Cyber Maturity Report 2025163.How satisfied are you with the progress regarding cybersecurity in your area of responsibility since last year?(single answer)4.How do you rate your companys current level of adoption of DevSecOps practices?(single answer)TotalQualified experts0 %VerysatisfiedSomewhatsatisfiedNeutralSomewhatdissatsifiedVerydissatisfied5%6%6%6%0)A%0 %VeryhighHighModerateLowVerylow1619%2%Overall satisfaction in the industry indicates small but steady progress,with an outlook,on average,that is slightly positive and similar to last year.Qualified experts with their more comprehensive view are considerably more satisfied with the progress than general professionals.The data shows a strong correlation between cyber maturity and adoption of DevSecOps practices.The responses show that the industry is still in the early phases of implementing DevSecOps with 85%of participants reporting at most a moderate adoption.Automotive Cyber Maturity Report 2025175.Which organizational unit is primarily responsible for product security within your company?(single answer)With an increase of cyber maturity,the responsibility shifts from R&D and product engineering to dedicated information/product security roles.Together with compliance/governance,The main driver for cybersecurity amongst survey partici-pants is compliance.While this holds across all segments,higher maturity companies are motivated more often by 6.What is the primary driver for cybersecurity in your area of responsibility?(single answer)these dedicated roles are the leading units for product security at the majority of high-maturity companies.other aspects as well.Experience from past incidents comes in second to last but is in the top 3 for participants from China,as well as those from companies with few employees.0 %Other,please specifyQualityITGovernance/ComplianceProduct engineeringInformation/Product securityResearch&development37$#%8%3%2%3%0 %Resilience and business continuityExperience from past cyber incidentsProtection of road usersBrand image and customer trustProduct liabilityCompliance53%9%6%3%Automotive Cyber Maturity Report 2025188.What aspects of vehicle cybersecurity are you most concerned about?(multiple answers)Respondents concern with the vehicle inter-faces has been consistently strong in the last three years.In the same timeframe,concern with lifecycle topics,production and software supply chain has seen the biggest increase.This trend is backed up by the view of our qualified experts.7.Which frameworks do you consider for cybersecurity in your area of responsibility?(multiple answers)Chinas GB&GBT series regroups Chinese regulations and standards.If we use the same approach for European regulations,meaning regrouping the EU Cyber Resilience Act,VDA ASPICE for cybersecurity,and EU NIS 2 Directive in a single EU Framework group,and US regulations with NHTSA Cybersecurity best practices,US DoCs Securing Supply Chain,we obtain the following distribution:TotalQualified experts0 %OtherAIS 189/190IEC 62443OWASP AI Securityand Privacy GuideChinas GB&GB/T seriesNIST cybersecurityframeworkUS FrameworksISO 27001UN R 156EU frameworksISO 26262UN R 155ISO/SAE 2143480eIF9960(%9%6%0 %Other,please specifyRepair shopsAI integrationCharging infrastructureMobile devicesVehicle backendsManufacturingDevelopmentSoftware supply chainVehicle interfaces75uHV8P582%6%31#%( h%Automotive Cyber Maturity Report 2025199.What are the primary cybersecurity challenges within your area of responsibility?(multiple answers)Secure and compliant usage of AI sees the biggest relative increase(from 12%to 18%over 2024 and management awareness&commitment with the largest absolute increase from 0%to 28%).Interestingly,participants in higher management positions selected the latter more often than qualified experts.Qualified experts see all challenges more often,except competence and AI.10.What in-vehicle security measures are implemented in your companys products?(multiple answers)HSM deployment is prevalent both in passenger and commercial vehicles.SecOC and Secure boot are more prevalent for passenger,but conversely IDS or firewalls are more prevalent for commercial.Roughly one third of passenger vehicle respondents deploy MACSec,which could be seen as a proxy for potential SDV near-term deployment,but no respondents are deploying MACSec for commercial vehicles.0 %Other,please specifySecure communication-MACSecSecure diagnostics0 x29IDSFirewallSecure communication-SecOCSecure diagnostics0 x27Secure updateSecure bootHardware protectedsecurity environment(e.g.HSM)77psrUbgEVd66TT%5%0%0%58Q6(18T0&w%TotalQualified expertsTotalPassenger vehiclesCommercial vehicles56V8%0 %Other,please specifyManagement awareness&committmentHeterogenity of security toolsSecure&compliant usage of artificial intelligence(AI)Capabilities of security toolsCybersecurity cultureCybersecurity budgetProcess maturityAmount of available cybersecurity expertise(capacity)Depth of available cybersecurity expertise(competence)51DiP1%61HAA&%9%2%Automotive Cyber Maturity Report 20252011.What additional security measures does your company implement?(multiple answers)Key management is the most prevalent measure with almost three-quarters of automotive manufacturers adopting it.More than half of all respondents also implement OTA updates and vulnerability scans.Semiconductors are leading the zero-trust architectural charge.Higher cyber maturity correlates with higher rate of adoption for every single measure.20252024TotalHigh maturityFoundational maturity12.What are you looking most for in security solutions?(multiple answers)Desire for low-cost solutions is trending higher than in 2024,and for the first time,lands in the top 5.Suppliers and semiconductor manufacturers mainly look to satisfy their customers,whereas commercial vehicle producers also seek certifications and risk reduction.167V%0 %Other,please specifyGains through GenAIIP ownershipIntegration capabilitiesEase of useCertificationsLow costFuture-proof protectionReduction of cyber riskMeeting regulatory/customer requirements80pGA)%3864)$%1%0 %Other,please specifyOffboard analysis of in-vehicle dataZero-trust architecturesSecurity Information and Event Management(SIEM)Security operations center(SOC)Cyber threat intelligenceOver-the-air updates(OTA)Vulnerability scansKey management system/public key infrastructure(PKI)68VUs6RbIAgg$9%2%2%5F %8 01%Automotive Cyber Maturity Report 20252113.In your area of responsibility,what approach do you prefer for sourcing security solutions?(single answer)About half of all respondents source solutions from vendors,with a strong preference of buy over license.As management level increases,so does the interest in turning to vendors.Collaboration in open-source projects is the least selected option for most segments(company type or size,region,cyber maturity).14.In your area of responsibility,do you prefer to integrate security solutions in-house or through third-parties(e.g.,vendors,system integrators)?(single answer)Suppliers and semiconductor manu-facturers are most likely to integrate security solutions in-house,while passenger vehicle producers are more evenly spread on in-house or third-party integration,with a slight preference for in-house integration.In all segments,those with strong opinions prefer in-house integration of security solutions.The more difficult it is to access a source,the less likely it is used for threat intelligence:Open sources score highest,followed by closed commu-nities and the deep web and the dark web coming in last.There is a notable correlation with cyber maturity:More mature companies and qualified experts use the latter types of sources more frequently.15.What types of sources for cyber threat intelligence do you consider in your area of responsibility?(multiple answers)TotalQualified experts14%2(#3%1 Strongly disagree2 Disagree3 Neutral4 Agree5 Strongly agreeTotalMid-and top-level management0 0C40%7%8%5%3%Other,please specifyCollaborate in open-source projectsLicense from vendorsPurchase from vendorsDevelop in-house83PI%3%0 0%Other,please specifyDark web,e.g.,exploit shopsDeep web/closed communities,e.g,ISACs,hacker forumsOpen sources,e.g.,social media,research publications Automotive Cyber Maturity Report 20252216.How well is your area of responsibility prepared for a cyber incident?(single answer)17.What is the most concerning type of cyber incident that you have experienced within your area of responsibility?(single answer)Passenger vehicle producers,and to a slightly lesser extent commercial vehicle producers,feel well prepared for cyber incidents,and regularly test them(though commercial producers not as often)and have established backup and recovery plans(again commercial vehicles less so).We have a detailed incident response plan that specifies roles and responsibilities,escalation procedures,and communication protocols.We regularly test and evaluate our incident response plan to validate its effectiveness and identify areas for improvement.In my area,we have a backup and recovery plan in case of a cyber incident,including data backups,restoration procedures,and testing to ensure data integrity.1 Strongly disagree2 Disagree3 Neutral4 Agree5 Strongly agree5G%539%6%996%TotalQualified expertsIncidents have become commonplace as almost six out of ten participants are already aware of a cyber incident with close to 20%having observed a safety impact.This rises to 40%in China.As expected,the qualified experts have a much higher awareness of incidents with three out of four reporting an incident in their area of responsibility.14%0 %No cyber incident so farOther,please specifyFinancial fraud or theftReputational damageOperational disruptionData breachor privacy violationSafety incident42%6%6%9%5%3%Automotive Cyber Maturity Report 20252319.How would you assess the influence of Generative AI(GenAI)on automotive security?(single answer)Generally,respondants see GenAI as more of a threat than a solution to security issues,but also crucial for future innovations in automotive security,with semiconductor manufacturers slightly more negative,automotive suppliers more positive and vehicle producers more neutral.18.Regarding this cyber incident,which organizational units have been involved in its resolution?(multiple answers)TotalQualified expertsOn average,participants involve between two to three different units in the resolutions of an incident.Those from information or product security teams involve other units much more frequently and to a higher degree than others,and the data shows a similar increase with the qualified experts versus general professionals.3%9#U%3%5B9%2%5B7%GenAI introduces more vulnerabilities than solutions in automotive cybersecurity.GenAI is crucial for future innovations in automotive cybersecurity.Beyond cybersecurity,GenAI enhances the competitiveness of companies in the automotive market.38VFc%c1D%6%70!%1%0 %Other,please specifySupply chainManufacturingCommunicationsGovernance/ComplianceQualityLegalProductengineeringResearch&developmentInformation/Product securityIT1 Strongly disagree2 Disagree3 Neutral4 Agree5 Strongly agreeOr follow us on social media:ETAS GmbH Borsigstrae 24,70469 Stuttgart,Germany T 49 711 3423-0,Are you interested in ETAS products or solutions?Please visit Contacts&AcknowledgementsDr.Teresina Herb Product Field Architect Offboard Security Michael Klinger Head of Security Western Europe Dr.Robert Lambert Cryptography Lead Technical Officer Dr.Moritz Minzlaff Head of Professional Security Services The Automotive Cyber Maturity Survey 2025 is produced thanks to a collaborative effort of:Beate Boy,Yasui Go,Meike Goelder,Janina Hofer,Isabel Huang,Julien Jarboura,Taehee Kang,Dennis Kronig,Sarah Krumrein,Kevin Schmid,Anna-Lena Sentker,Rik Thomas,Marilena Wittmann,Anton Zur and many more.All information provided is of a general nature and is not intended to address the circumstances of any particular individual or entity.Although we endeavor to provide accurate and up-to-date information,there can be no guarantee that this information is as accurate as it was on the date it was received or that it will continue to be accurate in the future.No one should act upon this information without appropriate professional advice and without thoroughly examining the facts of the situation in question.ETAS GmbH.All rights reserved.Last updated:07/2025Additional recognition goes to the Auto-ISAC,escar US,isits,and KSAE for sharing and promoting the survey.
2025-10-29
24页
5星级
Keys to Energy-Efficient ShippingMobility and Transport Connectivity SeriesPublic Disclosure AuthorizedPublic Disclosure AuthorizedPublic Disclosure AuthorizedPublic Disclosure AuthorizedKeys to Energy-Efficient Shipping 2025 The World Bank 1818 H Street NW,Washington DC 20433,USA Telephone: 1-202-473-1000;Internet:https:/www.worldbank.orgSome rights reservedThis work is a product of the staff of the International Bank for Reconstruction and Development/World Bank.The findings,interpretations,and conclusions expressed in this work do not necessarily reflect the views of Executive Directors of the World Bank or the governments they represent.The World Bank does not guarantee the accuracy of the data included in this work.The boundaries,colors,denominations,and other information shown on any map in this work do not imply any judgment on the part of the World Bank concerning the legal status of any territory or the endorsement or acceptance of such boundaries.This work is available under the Creative Commons Attribution Non-commercial 3.0 IGO license(CC BY-NC 3.0 IGO)https:/creativecommons.org/licenses/by-nc/3.0/igo/deed.en.Under the Creative Commons Attribution license,you are free to copy,distribute,transmit,and adapt this work,for noncommercial purposes as long as full attribution to this work is given.AttributionPlease cite the work as follows:World Bank,2025.Keys to Energy-Efficient Shipping.Washington DC:World Bank,License:Creative Commons Attribution Non-commercial CC BY-NC 3.0 IGO.Translations If you create a translation of this work,please add the following disclaimer along with the attribution:This translation was not created by the World Bank and should not be considered an official World Bank translation.The World Bank shall not be liable for any content or error in this translation.Adaptations If you create an adaptation of this work,please add the following disclaimer along with the attribution:This is an adaptation of an original work by the World Bank.Views and opinions expressed in the adaptation are the sole responsibility of the author or authors of the adaptation and are not endorsed by the World Bank.Copyright StatementThe material in this publication is copyrighted.Copying and/or transmitting portions or all of this work without permission may be a violation of applicable law.The International Bank for Reconstruction and Development/The World Bank encourages dissemination of its work and will normally grant permission to reproduce portions of the work promptly.This document is Version 1.0Keys to Energy-Efficient ShippingvTable of ContentsAcknowledgements.xAbbreviations .xiExecutive Summary.xvObjective.xvKey findings.xviAction points.xviiBackground.xxWhats new in this report?.xxiPolicy context.xxiEnergy efficiency vs.GHG intensity.xxiiThe development of shipping emissions and carbon intensity.xxiiiEnergy efficiency regulation.xxivHow does the report measure the impact of energy efficiency measures?.xxvi1 How much can Energy Efficiency Measures Reduce Ship Emissions?.11.1 Maximum abatement scenarios.21.2 Maximum abatement potential.41.3 Detailed results for the overall global fleet.61.4 Detailed results for bulk carriers,tankers,and container ships.82 How much do Specific Measures cut Emissions,and how Effective are they?.112.1 Types of energy efficiency measures.122.2 Promising energy efficiency measures.142.3 The contribution of individual measures to GHG reduction.163 How can Energy Efficiency Reduce the Cost of the Maritime Energy Transition?.253.1 Cost of the energy transition.263.2 Cost reductions through energy efficiency.264 Remaining Barriers to Adopting Energy Efficiency Measures.304.1 Uptake.314.2 Different barriers.324.3 Barriers for specific promising measures.365 Looking Ahead for Policymakers and Industry.535.1 Key findings.545.2 Outlook.55Keys to Energy-Efficient ShippingviAppendix.58Appendix A:Model Inputs and Assumptions.592018 GHG emissions.592022 GHG emissions.602008 GHG emissions.61Fleet transport activity and composition.61Energy efficiency measure classification and uptake assumptions.62Appendix B:Model Calculations.66Fleet composition.66Energy use and GHG emissions.66Speed reduction .67CAPEX and OPEX.68Appendix C:Model Results.69GHG emission abatement potential.69Marginal abatement cost tables.72Appendix D:Literature Review on Energy Saving Measures.80Bibliography.94Image Credits.106Keys to Energy-Efficient ShippingviiFiguresFigure E.1 Trends in transport work,ship operational efficiency,and GHG emissions since 2008.xxivFigure E.2 Structure of the CE-Ship techno-economic model.xxviiFigure 1.1 The modeled uptake speed of measures among eligible ships.3Figure 1.2 The Maximum Efficiency-High Demand emissions reduction pathway,relative to 2008.5Figure 1.3 Modeled absolute emissions development to 2050.7Figure 1.4 Modeled emissions intensity development to 2050.8Figure 1.5 Absolute GHG emissions for the three fleet segments to 2050.9Figure 1.6 Emissions intensity for the three fleet segments to 2050.10Figure 2.1 Marine propulsion system and sources of resistance.13Figure 2.2 Range of savings from different technical measures.15Figure 2.3 Range of savings from different operational measures.16Figure 2.4 Emissions abatement potential to 2050,per contributor.18Figure 2.5 Cost-effectiveness and abatement potential of individual measures for the total fleet in 2030 under fossil fuel prices.20Figure 2.6 Cost-effectiveness and abatement potential of individual measures for the tanker fleet in 2030 under fossil fuel prices.21Figure 2.7 Cost-effectiveness and abatement potential of individual measures for the bulker fleet in 2030 under fossil fuel prices.22Figure 2.8 Cost-effectiveness and abatement potential of individual measures for the container fleet in 2030 under fossil fuel prices .23Figure 2.9 Cost-effectiveness and abatement potential of individual measures for the total fleet in 2050 under ammonia prices.24Figure 3.1 Annual cost savings from deploying energy efficiency during the energy transition.27Figure 3.2 Annual costs of meeting the lower end of the IMO GHG reduction goals.28Figure 3.3 Annual costs of meeting the higher end of the IMO GHG reduction goals.29Figure 4.1 Classification of barriers to energy efficiency.32Figure 4.2 Different wind-assisted ship propulsion technologies.36Figure 4.3 Todays operation vs.JIT Arrival.41Keys to Energy-Efficient ShippingviiiTablesTable 1.1 Overview of abatement scenarios.4Table 1.2 Modelled absolute emissions reduction potential,relative to 2008.5Table 1.3 Modelled GHG intensity reduction potential,relative to 2008.6Table 4.1 Overview of barriers in shipping.33Table 4.2 Cost allocation between shipowner and charterer in the different types of contracts.35Table 4.3 Factors affecting fuel savings from wind-assisted propulsion.38Table 4.4 Barriers to uptake of wind-assisted ship propulsion technologies.39Table 4.5 Barriers to uptake of JIT arrival.43Table 4.6 Non-economic barriers to uptake of JIT arrival.44Table 4.7 Eleven port call optimization initiatives from around the world.45Table A.1 Classification of vessel types and sizes in the model.59Table A.2 Historical baseline of CE-Ship.60Table A.3 Emission factors for various fuels.61Table A.4 Transport demand by type of goods(billion ton nautical-miles).62Table A.5 Energy efficiency measure classification.63Table A.6 Summary of abatement technologies and modelled uptake.64Table B.1 Example calculation for speed reduction.68Table C.1 Detailed GHG emissions abatement potential towards 2050 per contributor relative to 2008.69Table C.2 Detailed GHG emission abatement potential for the total fleet per contributor relative to BAU.70Table C.3 Detailed GHG emissions of abatement scenarios for fleet segments relative to BAU.71Table C.4 Detailed GHG intensity of the abatement scenarios relative to 2008.71Table C.5 Detailed GHG intensity of the abatement scenarios relative to BAU.72Table C.6 Fuel price inputs for sensitivity analysis.73Table C.7 Abatement potential and cost effectiveness for the total fleet in 2030,for standard fossil fuel and green ammonia prices.74Table C.8 Abatement potential and cost effectiveness for the total fleet in 2040,assuming standard fossil fuel prices.75Table C.9 Abatement potential and cost effectiveness for the total fleet in 2050,for standard fossil fuel and ammonia prices.76Keys to Energy-Efficient ShippingixTable C.10 Abatement potential and cost effectiveness for the container fleet in 2030,assuming standard fossil fuel and ammonia prices.77Table C.11 Abatement potential and cost effectiveness for the tanker fleet in 2030,assuming standard fossil fuel and ammonia prices.78Table C.12 Abatement potential and cost effectiveness for the bulk carrier fleet in 2030,assuming standard fossil fuel and ammonia prices.79Table D.1 Literature review on technical measures.80Table D.2 Literature review on operational measures.91BoxesBox E.1 Definitions of energy efficiency.xxiiBox 4.1 The interaction between shipping markets and energy efficiency measures.35Box 4.2 Case studies of PCO initiatives.48Box 4.3 Digital Container Shipping Association(DCSA).51Box 4.4 Port Call Optimization Network(PCO Network).52Box 4.5 Blue Visby Solution(BVS).52Keys to Energy-Efficient ShippingxAcknowledgementsThe development of this report was led by Dominik Englert,Rico Salgmann,and Sophia Parker.The team of World Bank authors was led by Sophia Parker and comprised Simona Sulikova and Maximilian Weidenhammer,with support from Sotiria Lagouvardou,Yeonkyeong Gina Park,Jaqueline Herrmann,and Moritz Schwalm.For their strategic guidance,the authors would like to thank Nicolas Peltier,Global Director for Transport,as well as Binyam Reja,Said Dahdah,and Jan Hoffmann of the World Bank Global Transport Unit.The team would like to thank Sergey Mytarev,Gylfi Palsson,Yin Yin Lam,Priyank Lathwal,and Jonathan Davidar of the World Bank Group for their valuable feedback.Specialized expert support was provided by Anne Kleijn,Peter Scholten,Daan van Seters,Dagmar Nelissen,and Jasper Faber on behalf of CE Delft.Further expert support was provided by Nishatabbas Rehmatulla,Santiago Suarez de la Fuente,and Tristan Smith on behalf of the University College London.UMAS International provided the underlying data from Smith and Francis(2024b).For helpful comments,the authors would like to thank Tristan Smith of University College London,the Mrsk Mc-Kinney Mller Center for Zero Carbon Shipping,and Bryan Comer from the International Council on Clean Transportation.FundingFunding for this report was provided by the World Banks Global Transport Unit,and PROBLUE,an umbrella multi-donor trust fund,administered by the World Bank,that supports the sustainable and integrated development of marine and coastal resources in healthy oceans.Keys to Energy-Efficient ShippingxiAbbreviations AERAnnual Efficiency RatioAISAutomatic Identification SystemAPIsApplication Programming InterfacesBAU Business-As-UsualCII Carbon Intensity IndicatorCO2eq Carbon Dioxide equivalentCRP Contra-Rotating PropellerDCSA Digital Container Shipping AssociationDWT Deadweight TonnageDYNAPORTDynamic Navigation and Port Call Optimization in Real TimeEEDI Energy Efficiency Design IndexEEOI Energy Efficiency Operational IndexEEXI Energy Efficiency Existing Ship IndexEMSA European Maritime Safety AgencyEPL Engine Power LimitationETAEstimated Time of ArrivalETB Estimated Time of BerthingEU European UnionEVDI Existing Vessel Design IndexGFI GHG Fuel IntensityGHG Greenhouse GasGIA Global Industry AllianceGJ GigajoulesKeys to Energy-Efficient ShippingxiiGT GigatonsHVCC Hamburg Vessel Coordination CenterIAPH International Association of Ports and HarborsIEEC International Energy Efficiency CertificateIHOInternational Hydrographic OrganizationIMO International Maritime OrganizationGIAGlobal Industry AllianceIHMAInternational Harbour Masters AssociationITPCO International Taskforce Port Call OptimizationITTC International Towing Tank ConferenceJIT Just-in-timeKPIs Key Performance IndicatorskW KilowattsMARPOL The International Convention for the Prevention of Pollution from ShipsMEPC Marine Environment Protection CommitteeMISSIONMaritime Just in Time Optimization Interoperable Port Call and Voyage Optimization ToolMJ MegajoulesMPA Maritime Port Authority SingaporeMW MegawattsMWhs Megawatt-hoursNOR Notice of ReadinessNOx Nitrogen OxidesOECD Organization for Economic Co-operation and DevelopmentKeys to Energy-Efficient ShippingxiiiOPS Onshore Power SupplyORC Organic Rankine CyclePA Port AuthorityPacMMSPacific Maritime Management ServicesPBP Pilot Boarding PlacePCO Port Call OptimizationPCS Port Community SystemPJPetajoulePM Particulate MatterPRISE Port-River Information System ElbeRCP Representative Concentration PathwayRTA Requested Time of ArrivalSEEMP Ship Energy Efficiency Management PlanSSP2 Shared Socioeconomic Pathway“Middle of the Road”TEU Twenty-foot Equivalent UnitTJTerajouleTRL Technology Readiness LevelTTW Tank-To-WakeVA Virtual ArrivalvNOR Virtual Notice of ReadinessWASP Wind-Assisted Ship PropulsionWTTWell-to-TankWTWWell-to-Wake*The default currency used in this report is US dollars,$.40%of emissions canbe cut by energy efficiency aloneexceeding the IMOs2030 targets of 20%(base ambition)and 30%(high ambition).Both technical and operational measures are needed to complement the fuel transition over time to meet the IMOslong-term targets.250 million tonsof emissions can be cut at no costrepresenting half of the savings fromenergy efficiency in 2030.But savingsvary by ship type:Bulk carriers are suited for wind-assisted propulsionContainer ships benefit most from speed reductionTankers face the highest implementation constraintsKeys to Energy-Efficient Shippingin the transition to more expensive alternative fuels in 2040 and 2050.Investing$35 billion annually in fleet-wide efficiency upgrades can reduce the high costs of green fuels and market disruptions.$220 billion in savings per yearUp toAction points for:Barriers prevent wide-scale adoptionEconomic,behavioral and organizational barriers explain why promising measures remain largely untapped,despite their cost-effectiveness and emissions reduction potential.Policy makers Advance performance standards Explore alternative instrumentsIndustry Develop information standards Foster demonstration projectsPorts and port community Explore national or local policies Share best practices Adopt digital solutionsFinance Innovate risk management Integrate financingKeys to Energy-Efficient ShippingxvExecutive SummaryObjectiveWhile discussions about the energy transition in shipping often center on green fuel options to decarbonize shipping,this report highlights the unique role that energy efficiency improvements can play in reducing ships energy consumption and GHG emissions,as well as cutting fuel costs for the sector.In addition to these direct benefits,energy efficiency measures also yield positive outcomes for ports,including improved port efficiency,decreased local air pollution and greenhouse gas emissions throughout the supply chain,and reduced costs.Overall,a discussion on energy efficiency is closely linked to the intertwined role of ships and ports,to which the World Bank contributes in areas such as trade facilitation,port reform,cybersecurity,and energy transition.To better understand the tapped or untapped potential of technical and operational energy efficiency measures for maritime transport,and how this can help reduce transport costs for developing countries in the energy transition,this report addresses four main questions:What is the overall contribution of energy efficiency measures to meeting the IMOs checkpoints and net-zero target on the path to 2050 for the global fleet and main ship types?What is the contribution of individual energy efficiency measures to cut GHG emissions,and how cost-effective are they?How can energy efficiency contribute to a cost-effective energy transition pathway,and how do they work in conjunction with the long-term fuel transition?What are the remaining barriers to maximizing energy efficiency in shipping,and what are the possible solutions?Keys to Energy-Efficient ShippingxviKey findingsFollowing the quantitative and qualitative analysis,the report sets out four key findings for policymakers and industry to consider:1.Energy efficiency measures can reduce ship emissions by up to about 40 percent in 2030,exceeding the International Maritime Organizations(IMO)policy objectives.Technical and operational energy efficiency measures offer a maximum potential to reduce absolute GHG emissions by 23-39 percent in 2030 relative to 2008 levels,clearly exceeding the IMOs base level of ambition of 20 percent in 2030 and at a maximum exceeding the IMOs high level ambition of 30 percent.The largest untapped potential in the short term lies in ship speed reductions for the overall fleet,reducing GHG emissions by 5-15 percent,with additional savings achievable by optimizing voyage speed into congested ports.Beyond 2030,the contribution of technical measures,such as changes in ship design and the addition of new equipment,is expected to increase.As the global fleets fuel transition to green fuels is still ramping up,energy efficiency improvements are promising short-term solutions.While energy efficiency measures are insufficient to meet the IMOs 2050 target,at a maximum lowering GHG emissions to about 40 percent below 2008 levels,they will also complement the fuel transition beyond 2030 and reduce ships reliance on fossil fuel.2.About half of emissions savings from energy efficiency measures are considered cost-effective in 2030,cutting 250 million tons of emissions at no cost.By 2030,cost-effective energy efficiency measures could fully pay for themselves by lowering shippings fuel costs.For bulk carriers,container ships,and tankers,which account for nearly 80 percent of shipping GHG emissions,the majority of energy efficiency measures are cost-effective.However,marginal abatement costs for individual measures vary by ship type,primarily due to differences in ship design and operational requirements.Tankers have the least cost-effective abatement due to relatively higher installation costs of technologies and technical limitations when reducing speed.Bulk carriers offer favorable design features for wind-assisted propulsion,while container ships show high abatement effectiveness in reducing speed.3.Energy efficiency measures can reduce the total cost of the maritime energy transition by up to about$220 billion per year.Improving the energy efficiency of the global merchant fleet is insufficient to meet the IMOs policy objectives alone.Therefore,green fuels,such as methanol and ammonia,will be indispensable in 2040 and 2050,but are more expensive than conventional fuels.A cost-efficient route to meeting the sectors GHG emissions targets is to prioritize energy efficiency,which reduces the fuel consumption of the fleet and,therefore,the overall cost of the transition.Annual capital investments in energy efficiency across the fleet of about$35 billion can save up to$270 billion in green fuel costs per year.Investments in energy efficiency measures also offer mitigation to fuel price volatility and will be a critical component of the fuel transition,when green fuels are still more expensive.Keys to Energy-Efficient Shippingxvii4.Despite their potential,several top candidate energy-efficiency measures in merchant shipping remain underused because of sector-specific economic,behavioral,and organizational barriers.While promising,some of the candidate measures with the highest GHG emissions savings and lowest uptake,such as wind-assisted ship propulsion,air lubrication,and port call optimization(PCO),remain untapped to date.An explanation for the lack of investment and implementation of cost-effective measures is due to known economic,behavioral,and organizational barriers,which are also common barriers to implementing energy efficiency improvements in other sectors.Specifically,imperfect information,split incentives,and asymmetric information are the most significant market failures,while non-market failures such as access to capital,hidden costs,perceptions of technology risk,and market heterogeneity,contribute to the lack of uptake of technical measures.Behavioral and organizational barriers are particularly important to address to increase the uptake of PCO by ports and the shipping industry.Action pointsEnergy efficiency has significant potential for global shipping but remains largely untapped to date.While there are public and private-led initiatives underway,significant barriers persist.How can the remaining barriers be addressed,and who is best placed to lead such efforts?PolicymakersRegulatory bodies set the standards for the safety,security,and environmental performance of ships.They play a major role in creating an enabling environment for realizing the full potential of energy efficiency.Advance performance standards:Performance standards have been the backbone of a uniquely regulated global shipping sector.They hold some of the greatest potential to address the longstanding market failures and barriers,such as information barriers,which prevent firms from responding to only price signals(Gupta and others 2007).International performance standards(for example EEDI,CII)can be strengthened and considered by IMO member states in their future work plans.Explore alternative instruments:However,other instruments(for example emission levies,subsidies)can also provide additional demand and supply-side incentives,especially as there is a growing recognition that a combination of multiple climate policy instruments may be needed to decarbonize industries(Grubb,Hourcade,and Neuhoff 2014;Mazzucato 2018;IMO 2021b).The large untapped potential of energy efficiency,especially to help make shipping cost more resilient to absolute fuel price volatility,rerouting shocks,and fuel transition cost,hence presents an opportunity for national,regional,and international policymakers.Keys to Energy-Efficient ShippingxviiiIndustryThe shipping industry is both an enabler and beneficiary of increased energy efficiency.Actors range from shipowners,shippers,to equipment manufacturers.Develop information standards:Alongside regulatory intervention,voluntary information standards can complement policies to help address imperfect information market failures and harmonize data exchange.Industry initiatives can help innovative technologies gain market acceptance.Here,validation guidelines for technology performance,and ultimately fuel savings,are important to grow investor confidence through consistent terminology(ITTC 2024).Foster demonstration projects:Third-party verified data on technology demonstrations in real operating conditions would also help improve access to capital and increase the business case for charterers and shipowners.Ports and port communityPort stakeholders are critical actors to foster the uptake of promising port-centric energy efficiency measures,such as port call optimization,but also infrastructure-related options,such as onshore power supply.Explore national or local policies:National and local(port)policies can encourage these port development activities by considering how regulatory instruments can be used,as ports do not traditionally fall under the regulatory realm of the IMO.1 Share best practices:The learnings from ports that are more advanced in implementing port call optimization can help ports in the beginning or earlier stage of implementation to address adoption challenges.This is especially important for many ports that operate under some type of landlord model in which private terminals control the data around berth planning.Adopt digital solutions:These initiatives can be supported by a software support system such as a port community system or a maritime single window,which facilitate data sharing across multiple stakeholders.Adoption of global digital data standards that establish definitions of different locations within ports and port call timestamps from universally accepted IMO and International Hydrographic Organization(IHO)standards is also crucial to improve communication on port calls and arrival times between ship operators and ports,enabling port call optimization.1 See Resolution MEPC.323(74)(IMO,2019)which specifically encourages port-side energy efficiency initiatives that support the viability of business cases for the provision of ship and shoreside/onshore power supply from renewable sources,facilitating Just-in-Time Arrival of ships through developing necessary global digital data standards that would allow reliable and efficient data exchange between ship and shore,and promoting incentive schemes that address GHG emissions and sustainability of international shipping and encourage more incentive providers and shipping companies to join these schemes.Keys to Energy-Efficient ShippingxixFinanceAs uptake lags,access to capital is essential for financing investments in energy efficiency technologies and systems,both on board ships and at port facilities.Innovate products:To justify financing for energy efficiency upgrades,these technologies must demonstrate that they enhance the ships value,for example,by improving operating cash flow through reduced fuel costs or lower compliance expenses.To allow debt capital to support energy efficiency,ship financiers should collaborate with industry stakeholders to develop new financing solutions for retrofits to address the risk in energy efficiency investments such as when the benefits do not fully accrue to the shipowner.Additionally,financiers can collaborate with industry stakeholders to establish universally accepted information standards,which would help articulate the value of these technologies more clearly.Integrate financing:For port investments,implementing digital technologies to optimize port calls represents a cost-effective approach to achieving significant development outcomes.These interventions are often overlooked as standalone measures due to their seemingly modest scale.However,they can deliver substantial benefits.Development partners can collaborate with public port authorities to bundle smaller initiatives with broader trade facilitation and port infrastructure investments,ensuring that initiatives aimed at optimizing port calls are effectively implemented.This approach enables the sector to capitalize on these efficient solutions and avoid missing out on valuable opportunities for improvement in air pollution management,GHG emission reductions,and enhanced trade efficiency.BackgroundKeys to Energy-Efficient ShippingxxiInternational maritime transport is the backbone of international trade,carrying over 80 percent of global trade by volume(UNCTAD 2022).As such,international shipping can play a significant role in greening the energy supply chain by carrying green fuels,2 green technologies,and related components from producers to end consumers.At the same time,shipping accounted for around three percent of global anthropogenic greenhouse gas(GHG)emissions in 2018(Faber and 2020).Projections suggest emissions could increase to 90-130 percent of 2008 GHG emissions by 2050 under Business-as-Usual(BAU)scenarios(Faber and others 2020).Whats new in this report?Much of the discourse on shippings energy transition focuses on green fuel pathways.While these are critical,this report examines the distinct contribution of energy-efficiency improvements to enabling lower-emission operations and reducing the sectors fuel costs.To date,investments in energy efficiency measures have been inhibited by barriers such as imperfect information that prevent the adoption of these low-hanging fruits.This report(i)quantitatively models the possible effects of energy efficiency against different socio-economic pathways and emission goals.It also(ii)updates marginal abatement cost(MAC)curves for relevant measures,(iii)quantifies the cost reduction potential to the maritime fuel transition when energy efficiency measures are applied,and(iv)explores the remaining barriers for their uptake,including deep dives on two promising measures and related industry initiatives,for policymakers to consider.Overall,a discussion on energy efficiency is closely linked to the intertwined role of ships and ports,to which the World Bank contributes in areas such as trade facilitation,port reform,cybersecurity,and the energy transition.Policy contextIn July 2023,the International Maritime Organization(IMO)unanimously adopted the 2023 IMO Strategy on Reduction of GHG Emissions from Ships.This landmark agreement replaces the 2018 Initial Strategy and significantly strengthens shippings GHG reduction targets.IMO member states agreed to:Reach net-zero GHG emissions from international shipping by around 2050,with interim checkpoints of 20-30 percent by 2030 and 70-80 percent by 2040;Make zero or near-zero GHG energy,fuels,and technologies 5-10 percent of shippings energy mix by 2030;and Develop a marine GHG fuel standard and a maritime GHG emissions pricing mechanism,which are expected to be adopted in 2025 and could enter into force in 2027(IMO 2023).2 Green fuels in the context of this report,refer to fuels which have zero or near-zero GHG emissions,on a well-to-wake basis,in line with the definitions in the IMO 2023 GHG Strategy.Keys to Energy-Efficient ShippingxxiiIn general,maritime transport strongly correlates with global trade.Historically,shipping activity has rarely remained constant.The more goods that are traded,the more transport services by ships are needed.From 2012 to 2023,for instance,the size of the fleet increased by 59 percent,while seaborne trade grew by 19 percent(UNCTAD 2025a;UNCTAD 2025b).With any further increase in global trade,the demand for maritime transport is projected to grow as well.To meet the recently adopted absolute GHG reduction targets in a growing sector,GHG intensity(GHG emissions per transport work)across the fleet needs to decrease more than the numbers of the absolute targets suggest.This means shipping will need to reduce its GHG intensity beyond the 20-30 percent by 2030,or the 70-80 percent by 2040 absolute GHG emissions targets(IMO 2023).Given the long lifetime of ships of 20-25 years,this implies that ships recently put into service or being ordered now should plan for the ability to run on green fuels in the near future.Otherwise,they risk becoming stranded assets.However,these fuels are estimated to be at least twice as expensive as fossil fuel bunker fuel on a per-ton basis(DNV,2024).Therefore,minimizing the amount of green fuel required to propel ships by improving their energy efficiency will become increasingly important in the future.Energy efficiency vs.GHG intensityThe energy efficiency of the fleet,defined as the energy used to achieve a given quantity of output,is an important driver of maritime GHG emissions.Output in the shipping sector is defined as the movement of cargo and passengers.In freight shipping,energy efficiency is express as energy per unit of cargo per unit of distance(for example megajoules per ton-mile(MJ per t-nm);see also Box E.1).Carbon dioxide(CO2)emissions are sometimes used as a proxy for energy.This is appropriate if the shares of each fuel in the fuel mix remain approximately constant(and if the fuel mix contains fossil fuels),which means there is a linear relationship between a fuels energy content and the emitted CO2.In this report,GHG intensity for the shipping sector is measured in Well-to-Wake CO2 equivalent per ton-nautical mile.Box E.1Definitions of energy efficiencyEnergy efficiency can be defined generally as the quantity of energy used to achieve a given quantity of output.In the case of shipping,the output is the movement of cargo and passengers.Therefore,energy efficiency in freight shipping is often represented as the energy required per unit of cargo(mass or volume)per unit of distance.For passenger shipping,it can be defined as the energy per number of passengers per unit of distance.Other definitions are based on transport supply(for example transport capacity of a ship)rather than on the actual transport work.CO2 emissions are sometimes used(for example,in metrics used in IMO regulation)as a proxy for energy.Source:World Bank.Keys to Energy-Efficient ShippingxxiiiThe development of shipping emissions and carbon intensityPrior to the advent of relevant energy efficiency regulations(the Energy Efficiency Design Index(EEDI)and Ship Energy Efficiency Management Plan(SEEMP),which came into force in 2013),the development of energy efficiency was primarily due to market forces and technology development.The design efficiency of new ships improved significantly after the oil crises of the 1970s but deteriorated again when oil prices remained low throughout the 1990s and 2000s(Faber and others 2016).After around 2015,design efficiency started to improve again.Figure E.1 shows that total CO2 emissions decreased between 2008 and 2014.In the early 2000s,high freight rates triggered a surge in ship orders,rapidly expanding the global fleet.When demand dropped during the 20072009 global financial crisis,shipping companies responded by reducing operational speeds,which significantly improved the operational efficiency of ships(IMO 2014).Speed reduction,also referred to as“slow steaming”,was a key driver for GHG emissions reductions,especially for bulk carriers,chemical tankers,container ships,and oil tankers since 2008(Faber and others 2020).However,most ship types ceased slowing down further from 2015 to 2018,due to the improving freight market situation,decreasing fuel oil prices,as well as certain technical limitations.The COVID-19 pandemic disrupted the relatively stable balance between supply and demand for goods worldwide in 2020,characterized by a reduction in demand and contraction in supply during the first phase of the pandemic.In the second phase,a surge in demand for manufactured goods outpaced supply,placing additional handling pressure on ports and increasing waiting times in ports(UNCTAD 2023).These phases are reflected in the shipping GHG emissions data,with the dip in shipping GHG emissions occurring in 2020,followed by a rebound back to nearly 2008 levels by 2021.Persistent geopolitical tensions have prompted ships to adjust their trading patterns to circumvent chokepoints.As a result of the logistical disruptions and an increase in long-haul trade from importing countries in Asia,ton-mile demand reached its highest volume since 2011 in 2024(UNCTAD,2025c).This has led to increased speeds in some segments,such as container ships,which must maintain their schedules on longer routes.In 2023,container ship waiting times at ports decreased;however,logistical disruptions led to a resurgence in port congestion in 2024.This trend has contributed to higher short-term GHG emissions,but it also highlights the potential to lower port waiting times through targeted port optimization strategies(World Bank 2025c).Keys to Energy-Efficient ShippingxxivFigure E.1 Trends in transport work,ship operational efficiency,and GHG emissions since 2008500 %-10%-20%-30%-40%0 0820092010201120122013201420152016201720182019202020212022Total CO2 emissionsOverall operational efficiencyTotal transport demandSource:Smith and Francis(2024b);Clarksons(ongoing).Operational efficiency is the EEOI,which measures the CO2 emissions per unit of transport work.Carbon intensity steadily improved by around 30 percent over the period 2008-2018(Faber et al.2020).A contributing factor to the improvement in carbon intensity after 2008 was the marked increase in the average size of ships,particularly for container ships,bulk carriers,and gas carriers.Another factor was the aforementioned speed reduction.The improvement in carbon intensity slowed to 1.1 percent per year in the 2018-2022 period,according to data from Smith and Francis(2024b).Crucially,this highlights that a decline in carbon intensity can help reduce GHG emissions.However,if transport work increases enough and ships are overwhelmingly propelled by fossil fuels,absolute GHG emissions can still rise despite improvements in energy efficiency.The reduction in productivity during this period suggests that there is potential to improve carbon intensity by,for example,reducing time spent in port,as GHG emissions generated while berthed are not offset by transport work,unlike those generated while sailing.Energy efficiency regulationIn addition to market forces,the IMO introduced energy efficiency regulations,which could result in further improvements in efficiency.In 2011,the IMO adopted a regulation on the design efficiency of ships,which required ships built from 2013 onwards to have a design efficiency better than a reference value.The adoption of EEDI was accompanied by an operational measure,the Ship Energy Efficiency Management Plan(SEEMP).This regulation aims to monitor and improve the operational efficiency of all ships throughout their lifespan by requiring shipowners to develop plans for improving energy efficiency and collect data to monitor the carbon intensity of their fleet(IMO 2011).Keys to Energy-Efficient ShippingxxvThe EEDI is a technical energy efficiency design metric that requires a minimum energy efficiency level per capacity mile(measured in grams of CO2 per capacity mile)for different ship type and size segments.The EEDI is based on the vessels design characteristics,rather than the ships operational performance.It has a strong enforcement mechanism as a vessel is not allowed to sail without a valid International Energy Efficiency Certificate(IEEC)(IMO 2011).The average energy efficiency specifications of newbuild ships ordered since 2013 have improved significantly(Faber and others 2020).These improvements have largely been met through derated engines;however,this directly affects the EEDI equation through reduced power,while not impacting a ships operability,as the market was already operating at lower speeds(Mrsk Mc-Kinney Mller Center for Zero Carbon Shipping 2023).However,there has also been an increase in the uptake of energy efficiency technologies across different segments of the shipping fleet.There are significant advantages to targeting energy efficiency regulation for newbuild ships.Retrofitting a ship with energy efficiency technologies can be more expensive than implementing these technologies during the design and construction stage for newbuilds and could require a vessel to remain in drydock for several months(Nelissen and others 2023).Furthermore,some technical measures,such as hull shape,can significantly reduce power consumption and therefore GHG emissions,but can only be implemented in the design stage of a newbuild vessel.However,as EEDI only applies to newbuilds,and since ships have an average lifespan of 20-30 years,the impacts of EEDI on the overall design efficiency of the global fleet over the first five years of its implementation have been relatively small(UMAS 2020).Recently,the IMO has adopted further legislation that requires existing ships to meet similar standards as new ships(the Existing Energy Efficiency Index(EEXI),as well as regulations which set targets for the operational energy efficiency of ships(the Carbon Intensity Indicator or CII)(IMO 2021a;IMO 2025).Both regulations came into effect in 2023.The EEXI is a design-based technical efficiency standard that extends the EEDI to ships built before 2013,which were not subject to the original EEDI requirements.Initial surveys revealed that for most vessels,shaft power limitation or engine power limitation are the preferred options to achieve EEXI compliance,due to their ease of implementation and effectiveness in reducing calculated GHG emissions(Mrsk Mc-Kinney Mller Center for Zero Carbon Shipping 2023).This reduction of available onboard power is unlikely to lead to a short-term reduction of CO2 emissions,since most vessels routinely operate at speeds and engine loads between 38 percent and 50 percent of their maximum continuous rating,3 well below the maximum allowed under the EEXI(Rutherford and others 2020).However,in the future,the EEXI may limit the ability of vessels to speed up under favorable commercial conditions or to catch up on schedules due to port delays.The Carbon Intensity Indicator(CII)is a measure used to assess a ships operational efficiency.It is calculated as the CO2 emissions arising from all laden and ballast legs,anchorage time,and port stays,divided by the ships deadweight capacity times the total distance sailed in a year,in grams of CO2 emitted per cargo carrying capacity and nautical mile(IMO 2021a).Following IMOs review of short-term measures,Resolution MEPC.400(83)(IMO 2025)introduced the reduction factors(Z-factors)for the years 2027-2030,at a rate of roughly 2.6 percent per year.It is estimated that 3 Data for 2019,for containers,oil tankers and bulk carriers.Engine loads that would be allowable under the EEXI range from 65%to 77%of the maximum continuous rating of an engine(Rutherford and others,2020).Keys to Energy-Efficient Shippingxxvithe reduction factor would need to be set at 6-7 percent a year for 2027-2030 to ensure ships meet the IMOs“strive”target for a 30 percent reduction in total annual GHG emissions by 2030(Bullock and others 2025).Furthermore,unlike the EEDI and EEXI,which require the ship to have an energy efficiency certificate that complies with the regulation to operate,the CII does not have a strong enforcement mechanism.If only a low(D for 3 years of E for 1 year)CII has been achieved over several years,an action plan(the SEEMP Part III corrective action plan)must be put in place to remedy and achieve a minimum CII.How does the report measure the impact of energy efficiency measures?The maximum potential contribution of energy efficiency measures is modeled using a techno-economic model called CE-Ship.CE-Ship projects future shipping activity and estimates the resulting energy use and GHG emissions under different scenarios.Figure E.2 provides a schema of the models modules and steps to calculate the impact energy efficiency measures could have on energy use and GHG emissions.Keys to Energy-Efficient ShippingxxviiFigure E.2 Structure of the CE-Ship techno-economic modelBase year energy use and emissions(2022)Fleet moduleTransport work scenariosShip type/sizeFleet activityEfficiency moduleFuel moduleCalculation moduleGHG emissionsand intensityRegulatory efficiency improvementsTechnical and operational efficiency measuresTotal energy efficiencyEnergy demand(Future)Fuel mixCO2Source:World Bank,based on CE Delft.Keys to Energy-Efficient ShippingxxviiiThe analysis considers:Base year energy use and GHG emissions:Historical fleet and GHG emissions data for 2008,as the IMO GHG reduction targets are set relative to 2008.Historical GHG emissions are also benchmarked to 2018(the last year studied in the GHG emissions inventory of the Fourth IMO GHG Study)and to 2022 data to reflect the trends from 2018 to 2022.Both international and domestic shipping GHG emissions are considered,following vessel classifications from IMOs Third and Fourth GHG studies(IMO 2014;Faber and others 2020).4 Fleet module:In the model,baseline GHG emissions are extended to 2050 using two BAU pathways,with low and high demand scenarios from the Fourth IMO GHG Study(Faber and others 2020).For bulkers and containers,a significant growth in transport demand is projected,reaching up to 200 percent by 2050.The tanker sector experiences a decrease in demand for oil transport,but an increase in gas and chemicals transport.In addition to transport demand,GHG emissions are driven by changes in fleet composition(the number and average vessel size per ship type and size category).Bulk carriers and gas carriers are assumed to increase in size to reflect recent trends.It is expected that the increase in the size of container ships will be limited by the large associated terminal investment;however,the number of container ships in the largest size bins is expected to grow.Energy efficiency module:GHG emissions are influenced by the IMOs energy efficiency policies and the uptake of energy efficiency measures.Marginal abatement cost curves are used to determine the order of measures that are applied sequentially.Fuel module:The model does not assume any changes to the future fuel mix due to a potential increase in the uptake of green fuels.This is a simplifying assumption to understand the impact of energy efficiency measures on GHG emissions,GHG intensity,and energy efficiency.Results calculations:In the BAU,the uptake of energy efficiency measures is driven by regulation,where only the IMOs EEDI and EEXI regulations are applied.This baseline is compared to energy efficiency abatement scenarios.The energy efficiency potential of the abatement scenarios is constrained by the fleet uptake of the energy efficiency measures,which take into account the technical applicability and technology maturity.Measures are applied sequentially from most cost-effective to least cost-effective.The individual modules of the CE-ship model are used to provide insights into the possible scale of GHG emissions reduction through energy efficiency alone.4 For cruise ships,ferries,yachts and miscellaneous service vessels,fixed demand and no energy efficiency improvements into the future were assumed.Keys to Energy-Efficient ShippingxxixThe report is structured as follows:Chapter 1:Estimates the overall theoretical contribution of energy efficiency measures to meeting the IMOs checkpoints and net-zero target on the path to 2050 for the global fleet and largest emitting fleet segments,namely bulk carriers,container ships,and tankers.Chapter 2:Assesses the individual theoretical contribution of different energy efficiency measures to meeting the IMOs policy objectives for the global fleet and the largest emitting fleet segments and discusses the cost-effectiveness of abatement for these measures.Chapter 3:Explores the cost of a transition to green fuels where energy efficiency measures are employed compared to a scenario with only green fuels.Chapter 4:Introduces the general barriers to the uptake of energy efficiency measures in the shipping industry and deep dives into some of the most promising measures and stakeholder initiatives,the barriers to their uptake,and lessons learned,outlining best practices and solutions.Chapter 5:Concludes and translates the findings into key messages for policymakers,industry,ports,and port community stakeholders.How much can Energy Efficiency Measures Reduce Ship Emissions?1Keys to Energy-Efficient Shipping2Alongside the use of green fuels,improving the energy efficiency of the global shipping fleet is important to meet the sectors emission reduction goals.But how much can energy efficiency improvements really contribute to achieving these targets?The analysis in this chapter quantifies how much operational and technical energy efficiency measures can contribute to(i)overall greenhouse gas(GHG)reductions,(ii)GHG intensity,and(iii)energy efficiency of the global fleet.The model assesses the impact of energy efficiency measures based on two key factors:the growth of trade and the level of energy efficiency applied.The reductions from the energy efficiency scenarios are compared to the two BAU scenarios,reflecting the IMOs current energy efficiency regulations5 and different transport demand growth pathways.They are also compared to the IMOs 2023 GHG Strategy goals,including its 2030,2040,and 2050 targets.6 To be consistent with the IMOs policy goals,the study incorporates the full lifecycle of GHG emissions,or Well-to-Wake emissions,covering indirect emissions from fuel production through to emissions from direct combustion by the ships engine.To understand the applicability of energy efficiency measures on specific ship types,the analysis zooms in on bulk carriers,container ships,and tankers7 as they account for nearly 80 percent of the global shipping GHG emissions.1.1 Maximum abatement scenariosThe outcomes for maximum GHG emissions reductions,or abatement,result from the uptake of energy efficiency measures,including ship speed reductions.In total,30 energy efficiency measures,divided into over 15 unique groups,are considered.8 Reducing ship speed can significantly reduce fuel consumption and,therefore,emissions.The modeling in this study does not consider possibilities for enhancing capacity by improving the productivity of the fleet(for example,by reducing berth time through port call optimization).The emissions reductions from speed reduction therefore represent a conservative estimate because the model assumes more ships are needed to fulfil the same demand.Onshore power supply is also not explicitly considered,although reduced auxiliary power demand is included among other technology groups.The implementation rate of technical and operational measures is assumed to increase over time,as measures become more technologically mature and new vessels enter the market,as shown in Figure 1.1.The uptake rate attempts to model what is technologically feasible,assuming no barriers exist.The model distinguishes between the uptake rates of market-ready technical measures and innovative technical measures.For innovative measures,specifically wind-assisted ship propulsion,air lubrication,solar panels,and a super-light ship,there is a limited uptake of five percent among eligible vessels in 2030.Most of the measures have significant uptake levels of 90 percent in eligible vessels in 2030.Both cost-effective and non-cost-effective energy efficiency measures are used for the maximum abatement scenarios.5 The EEDI and EEXI are the only IMO regulations considered.6 IMOs 2023 GHG Strategy explicitly states that“the levels of ambition and indicative checkpoints should take into account the well-to-wake GHG emissions of marine fuels”and the IMOs GFI standard.Well-to-wake emissions include upstream emissions.Excluding upstream emissions could lead to an underestimation of the total emissions associated with marine fuels,potentially favoring a fuel that has lower downstream but higher upstream emissions.7 Tankers include oil tankers,chemical tankers,liquified gas tankers,and other liquids tankers according to IHS Markits StatCode 5 Ship Type Level 2 classification.8 The measures use the same categorization as the Fourth IMO GHG Study.Keys to Energy-Efficient Shipping3Figure 1.1 The modeled uptake speed of measures among eligible ships0 0Pp0 22203020402050Technology uptake among eligible shipsMature energy efficiency measureInnovative energy efficiency measureSource:World Bank.In the model,four abatement scenarios account for variations in transport demand growth and the degree of feasible speed reduction(Table 1.1).The difference between the Moderate Efficiency and Maximum Efficiency scenarios is the application of a 10 percent and 30 percent speed reduction,respectively.The speed reductions are compared to 2022 average ship speed values and represent the range of technically feasible speed reductions for all ship types and sizes.Accordingly,the GHG emissions reduction potential is significantly larger in the Maximum Efficiency scenarios.The scenarios are further divided into High Demand and Low Demand scenarios based on their transport demand growth.The resulting four scenarios are compared to 2008 GHG emissions levels,or to Business-As-Usual emissions growth with High Demand and Low Demand.To isolate the effects of energy efficiency,the abatement scenarios do not consider a shift towards green fuels.Therefore,vessels are assumed to continue using fossil fuels,namely HFO,MGO,and LNG,which are quite similar in carbon content.Hence,the trend for improved GHG intensity is directly related to energy efficiency.Therefore,changes to GHG emissions and GHG intensity in the scenarios result from improvements in energy efficiency alone.Keys to Energy-Efficient Shipping4Table 1.1 Overview of abatement scenariosScenarioEnergy efficiency abatementTransport demand growth1Moderate Efficiency-Low DemandMaximum energy efficiency measures with a 10 percent speed reductionLow2Moderate Efficiency-High DemandMaximum energy efficiency measures with a 10 percent speed reductionHigh3Maximum Efficiency-Low DemandMaximum energy efficiency measures with a 30 percent speed reductionLow4Maximum Efficiency-High DemandMaximum energy efficiency measures with a 30 percent speed reductionHighSource:World Bank.As transport demand increases towards 2050 in the scenarios,the effects of energy efficiency improvements on total GHG emissions become more limited.This is because in a scenario with higher overall transport demand,more ships are needed to carry cargo between countries.The reduction in greenhouse gas intensity of global shipping would therefore need to offset the increase in transport demand(in ton-miles),for total emissions to decline.1.2 Maximum abatement potentialThe modeling indicates that the implementation of energy efficiency measures has significant abatement potential,but this potential varies in its ability to meet the IMOs GHG emissions reduction goals over time.The maximum abatement potential of three out of four abatement scenarios achieves higher emissions reductions than the 20 percent target set by the IMO in 2030,and the Maximum Efficiency scenario exceeds the 30 percent target in both low and high demand scenarios(Figure 1.2).However,for the IMOs 2040 and 2050 targets,the maximum abatement potential for all four abatement scenarios cannot achieve the required reductions in GHG emissions.This means that even in a scenario with maximum uptake of energy efficiency measures,there is a clear need for green fuels before 2040.Keys to Energy-Efficient Shipping5Figure 1.2 The Maximum Efficiency-High Demand emissions reduction pathway,relative to 2008 Historical dataProjection60 %0%-20%-40%-60%-80%-100%-120%-140 05201020152020202520302035204020452050GHG emissions development(2008=0%)Business-as-usual(High Demand)Minimum IMO GHG reduction goalsMaximum Energy Efficiency-High Demand ScenarioStriving IMO GHG reduction goalsSource:World Bank.Table 1.2 shows the abatement potential through energy efficiency measures for the total cargo-carrying fleet as well as three main ship segments(bulk carriers,container ships,tankers).The emission reduction potential is largest for bulk carriers and container ships,especially for scenarios with low growth in transport demand.For certain ship segments,there is projected growth in GHG emissions by 2050 compared to 2008,attributed to increases in transport demand and changes in fleet composition.There is less overall emission reduction potential from energy efficiency measures for non-major fleet segments such as vehicle carriers and ferries,segments that are included in the global fleet.For these vessel types,the model assumes either no growth or reduced growth in transport demand,making the results more stable over time(see Appendix A for details).Table 1.2 Modelled absolute emissions reduction potential,relative to 2008Year203020402050Total fleet*23%up to 39%up to 40%up to 42%Bulk carriers22%up to 50%up to 51%0%up to 50%Tankers-6%up to 18%-16%up to 21%-22%up to 30%Container ships13%up to 43%-1%up to 43%-19%up to 41%*Includes miscellaneous ship types such as pleasure yachts for which no improvements are modeled.Negative values mean GHG emissions increase.Source:World Bank.Keys to Energy-Efficient Shipping6For a more accurate comparison of the energy efficiency potential,it is worthwhile examining model outcomes using GHG emissions intensity rather than total emissions savings.Table 1.3 shows the range of outcomes in terms of emission intensity.These results control for changes in transport demand and therefore provide a more accurate comparison of energy efficiency between ship types.The improvement potential for energy efficiency is lowest for tankers,which experience a shift in trade composition from oil to gas and chemicals.Chemical and gas tankers are in general transported by smaller vessels which have a higher average GHG intensity,and therefore the weighted average for tankers increases.Table 1.3 Modelled GHG intensity reduction potential,relative to 2008Year203020402050Total fleet*53%-63X%-68a%-71%Bulk carriers58%-71c%-76g%-78%Tankers40%-51%-534%-52%Container ships52%-66Y%-71b%-74%*Only includes ships which transport freight goods.Source:World Bank.Because there are no major changes in the modelled fuel types,the trend in GHG intensity is directly related to energy efficiency and therefore follows the same trajectory as GHG intensity.1.3 Detailed results for the overall global fleetAs outlined earlier,GHG emissions were modeled under scenarios of low and high growth in transport demand over time.Accordingly,the maximum abatement scenarios yield different emissions savings,depending on which transport demand scenario and energy efficiency scenario is modeled relative to the 2008 baseline(Figure 1.3).The GHG emissions of the BAU scenarios follow similar pathways to the projections of maritime ship emissions in the Fourth IMO GHG study.Emissions in the two BAU scenarios increase as transport demand rises towards 2050.Due to the application of technical and operational measures,the two abatement scenarios show significantly lower GHG emissions.The improvements are best visible for 2030,for four reasons:The increase in transport demand from a 2022 baseline is relatively less for 2030 compared to 2040 and 2050 All energy efficiency measures are applied to existing and newbuild vessels,depending on applicability As many mature energy efficiency measures can already be implemented in 2030,there is a high peak in energy efficiency improvement in 2030.However,as uptake potential is reached,Keys to Energy-Efficient Shipping7reduced improvements towards 2040 and 2050 are possible.For mature energy efficiency measures,the residual uptake potential is only 10 percent after 2030,as by that time,a 90 percent uptake among eligible vessels could be achieved Speed reduction has a large emissions reduction potential.The model assumes that vessels reduce operating speeds compared to 2022 in 2030.Between 2030 and 2050,the reduced speed in 2030 remains constant.As a result,the largest benefits from an operating speed reduction occur only until 2030.Figure 1.3 Modeled absolute emissions development to 2050GHG emissions development(2008=0%)2005201020152020202520302035204020452050-50%-40%-30%-20%-10%0 0U,high demand growthBAU,low demand growthModerate Efficiency-High Demand ScenarioModerate Efficiency-Low Demand ScenarioMaximum Efficiency-High Demand ScenarioMaximum Efficiency-Low Demand ScenarioHistoric emissionsSource:World Bank.After 2030,energy efficiency improvements on vessels are offset by increases in transport demand.For the low transport demand scenarios,this results in stable emission levels,whereas for the high demand scenarios,GHG emissions begin to increase towards 2050.The results show that the 30 percent(“striving for”,or upper bound of the IMOs emission reduction ambition in 2030)can already be achieved through the Maximum Efficiency-High Demand and the Maximum Efficiency-Low Demand scenarios.The IMOs commitment to ensuring an uptake of zero or near-zero GHG emission technologies,fuels and/or energy sources of at least 5 percent(“striving for 10 percent uptake”)of the energy used by international shipping by 2030 cannot be met using only energy efficiency measures.Wind-assisted propulsion has an abatement potential of five percent in 2030,but it is assumed that it cannot be applied to all ship types,including container ships.As a result,an additional uptake of zero or near-zero GHG emission fuels is necessary to meet the targets.Keys to Energy-Efficient Shipping8As mentioned earlier,emission intensity shows improvements in energy efficiency more clearly than looking at total GHG emissions only.The GHG intensity of the fleet improves in both the energy efficiency abatement scenarios and in the BAU scenarios(Figure 1.4).This is because existing ships become more efficient,and more efficient newbuilds enter the fleet.Also,as measures mature,the uptake in the total fleet increases.This is especially true for innovative measures,such as wind-assisted propulsion.However,the improvement in GHG intensity does not offset the increasing transport demand,required to keep reducing overall emissions(Figure 1.4).Figure 1.4 Modeled emissions intensity development to 2050WTW GHG intensity development(2008=0%)2005201020152020202520302035204020452050-80%-70%-60%-50%-40%-30%-20%-10%0U,high demand growthBAU,low demand growthModerate Efficiency-High Demand ScenarioModerate Efficiency-Low Demand ScenarioMaximum Efficiency-High Demand ScenarioMaximum Efficiency-Low Demand ScenarioHistoric intensitySource:World Bank.1.4 Detailed results for bulk carriers,tankers,and container shipsIn the BAU scenario,the GHG emissions of all ship types are expected to grow due to the growth in transport demand.Interestingly,the emissions increase is largest for tankers,while the growth in transport demand is smaller than that of bulk carriers and container ships.As mentioned earlier,this effect results from a shift in transport demand within the segment,moving from relatively GHG-efficient oil tankers to less efficient chemical tankers and gas carriers.In the Maximum Efficiency-High Demand scenario,GHG emissions reduce until 2030 but start increasing again to 2050 for all three main ship types(Figure 1.5).This is due to the significant impact of energy efficiency measures in 2030,during which transport demand growth remains limited.Keys to Energy-Efficient Shipping9Figure 1.5 Absolute GHG emissions for the three fleet segments to 2050GHG emissions development(2008=0%)2005201020152020202520302035204020452050-60%-40%-20%0 0%Tanker(BAU)Tanker(Maximum Efficiency)Container(Maximum Efficiency)Bulker(Maximum Efficiency)Container(BAU)Bulker(BAU)Source:World Bank.GHG emissions for three fleet segments(bulker,container,tanker)under BAU-High Demand and the Maximum Efficiency-High Demand scenario to 2050.For GHG intensity,the reduction in GHG intensity in the Maximum Efficiency-High Demand scenario is significantly larger due to the increased application of energy efficiency measures(Figure 1.6).The increase in energy efficiency uptake is highest in 2030 and then becomes more limited towards 2050.As a result,the main decrease in GHG intensity is in 2030.TankersAs noted earlier,the High Demand BAU scenario shows an increase in intensity for tankers,driven by a shift in underlying commodities from oil to gas and chemicals.Chemicals and gas are,in general,transported by smaller vessels which have a higher average GHG intensity than oil tankers.The weighted average GHG intensity for tankers therefore increases towards 2050 for the BAU scenario.Looking at the maximum abatement scenario(Maximum Efficiency-High Demand),tankers would decrease their GHG intensity between 2022 and 2030;however,due to the change in fleet structure,GHG intensity increases between 2030 and 2050.Consequently,total GHG emissions increase between 2030 and 2050,especially in the high demand scenario(Figure 1.5).Having said this,in the Low Demand scenario,total tanker transport demand decreases between 2022 and 2050,leading to a decrease in total GHG emissions between 2030 and 2050 for both abatement scenarios.Bulk carriers and container shipsBulk carriers and container ships show an improvement in GHG intensity for both the BAU and the Maximum Efficiency-High Demand scenarios(Figure 1.6).For container ships,the overall GHG emissions reductions are increasingly offset over time due to a comparably larger growth in transport demand,widening the gap relative to bulk carriers(Figure 1.5).Keys to Energy-Efficient Shipping10Figure 1.6 Emissions intensity for the three fleet segments to 2050WTW GHG intensity development(2008=0%)Tanker(BAU)Tanker(Maximum Efficiency)Container(Maximum Efficiency)Bulker(Maximum Efficiency)Container(BAU)Bulker(BAU)2005201020152020202520302035204020452050-90%-80%-70%-60%-50%-40%-30%-20%-10%0%Source:World Bank.GHG intensity is shown for the three fleet segments(bulker,container,tanker)under BAU-High Demand and the Maximum Efficiency-High Demand scenario to 2050.How much do Specific Measures cut Emissions,and how Effective are they?2Keys to Energy-Efficient Shipping12Improved energy efficiency contributes to overall reductions in GHG emissions and the emissions intensity of the shipping fleet.But how much do individual measures contribute to these benefits,and how cost-effective are they?This chapter analyzes the modeled contributions of individual measures to total GHG emissions reductions.2.1 Types of energy efficiency measuresEnergy efficiency measures are divided into technical and operational measures.Technical measures typically involve modifications to the ships design or equipment,whereas operational measures can improve energy efficiency by optimizing ship operations.Some measures are handled onboard by the owner or operator,while others require close coordination between the ship and the port.For example,ports can provide onshore power supply solutions,which will enable ships to cut fuel oil consumption for auxiliary power9 when docked.Just-in-Time(JIT)arrival systems aim to improve overall port call efficiency,but require ships and ports to exchange frequent information in a coordinated fashion upfront.2.1.1 Technical measuresA technical energy efficiency measure refers to physical technology or equipment that can increase the ships energy efficiency during operations.They can be categorized as ship design measures,hydrodynamic measures,machinery measures,alternative energy measures,maintenance strategies,and after-treatment measures.The propulsion system is essential for navigating a ship through water by transforming energy into thrust.It plays a crucial role in determining fuel consumption and comprises the main engine and sometimes multiple propellers,linked by a propeller shaft(Figure 2.1).The main mechanisms to enhance a ships efficiency from energy-saving technologies are to reduce the power needs of the engines.For example,reducing the frictional resistance of the ship in the water or by using wind-assisted propulsion to reduce the power demand from the engines,thereby enhancing the overall efficiency of the machinery system.9 In some cases,boilers can also be connected to onshore power and could be electrified onboard a ship(Osipova and Carraro 2023).Keys to Energy-Efficient Shipping13While the main engine provides propulsion and operates primarily at sea,the ships auxiliary engines(for example diesel generators)supply electrical power both at sea and in port.For steam production,the exhaust gas boiler recovers heat mainly from the main engines exhaust during sailing,whereas auxiliary boilers use fuel to produce steam when the main engine is not running,such as during port stays.Figure 2.1 Marine propulsion system and sources of resistanceHullWaterlineEngineDraftRudderPropellerThrustWavesWindShip speedShip resistanceSource:World Bank.Sources of resistanceResistance comes from air(aerodynamic resistance)and water(hydrodynamic resistance).Hydrodynamic resistance constitutes most of the total resistance encountered when moving a ship through water.This resistance arises from both frictional resistance and residual(wave-making)resistance.Frictional resistance,determined by the length of the hull,the condition of the hull,and the speed,among other factors,can represent up to 75 percent of hydrodynamic resistance(Faber and others 2020).The draft of the ship,or how deep the ship immerses in the water,increases when the ship is carrying cargo.The resulting total surface area below the waterline,also known as the wetted surface area,therefore,increases frictional resistance.Larger,fuller bodied ships,such as bulk carriers and tankers,have a larger wetted surface area,leading to a higher frictional resistance.At lower speeds,frictional resistance dominates as other resistance types are small.Frictional resistance represents about 70-90 percent of the ship total resistance for low-speed ships,such as bulk carriers and tankers,and sometimes less than 40 percent for high-speed ships,such as container and passenger ships(Wrtsil 2020).With increasing ship speed,the residual,or wave-making resistance grows more rapidly than the frictional resistance until it eventually becomes the more dominant component.Thus,reducing a ships speed reduces residual resistance and its share of total resistance.Keys to Energy-Efficient Shipping14Hydrodynamic,mostly wave-making,and aerodynamic resistance are impacted by prevailing weather conditions.Weather impacts the speed,direction,and frequency of wind and waves(Faber and others 2020).Reducing speed in bad weather saves fuel because it reduces the ships struggle against increased resistance and instability caused by waves,wind,and motion.The ships outer shell,or hull,attracts marine organisms,which accumulate over time during operations.Also known as hull fouling,marine growth impacts the condition of the hull as it deteriorates the formerly smooth paint coating and deforms steel plating.As a result,frictional resistance increases.2.1.2 Operational measuresOperational measures can improve energy efficiency by improving ship operations.Unlike technical measures,operational measures do not modify the ships design,machinery,or equipment.Such improvements can be made to the operating profile of the vessel,such as through speed reductions,logistical enhancements(including port call optimization),data-driven decision-making,or improved maintenance and crew training.Better use of data and training can,for example,help to operate a vessel at optimum engine loads,reducing fuel consumption.Implementing operational measures generally does not require significant capital expenditure.However,studies highlight the need for quality and continuous training to enhance crew capabilities for energy-efficient operations(Bayrak,Derya and Muslu 2025;Zoubir and others 2025).2.2 Promising energy efficiency measuresThe savings potential of technical and operational energy efficiency measures varies.There is little consensus on default assumptions for specific measures.Based on a literature review,this sub-chapter details the most promising technical and operational measures and their assumed range of GHG emissions savings when implemented.To determine what measures can be considered promising,the review requires that the measure meet at least one of three criteria:Measures that have high average savings potential and low uptake Measures that cost-effectively decarbonize emissions at berth Measures that effectively enhance the savings of measures with a high savings potential when they are combined.Information about the savings potential is fragmented.While some studies only report the minimum and maximum savings,others provide only the average savings.Promising technical measures include wind-assisted ship propulsion(WASP),waste heat recovery,10 contra-rotating propeller(CRP),and air lubrication.Figure 2.2 illustrates the wide range of reported savings,11 where the average savings can even overlap with the minimum values reported in other studies(see Appendix D for savings details and sources).10 From applications which use Organic Rankine Cycles(ORCs),which convert low to medium temperature heat,such as engine exhaust,to usable power.11 Savings reported include emissions,fuel,net fuel,power,and net power.See Appendix D for the specific units reported per measure.Keys to Energy-Efficient Shipping15Figure 2.2 Range of savings from different technical measuresMeasureSavings(%)010203040Wind-assisted propulsionSavings ranges with min,max,and average pointsWaste heat recoveryContra-rotating propellerAir lubricationRangeMinMaxAverage reportedSource:World Bank.Keys to Energy-Efficient Shipping16Figure 2.3 shows the range of savings from promising operational measures,which are onshore power supply(OPS),Just in Time Arrival(JIT Arrival),and weather routing.While onshore power has a lower savings potential,it is necessary to decarbonize GHG emissions at berth.Weather routing,in turn,has synergies with technical measures,such as wind-assisted propulsion.Figure 2.3 Range of savings from different operational measuresMeasureSavings(%)0510152520Onshore powerSavings ranges with min,max,and average pointsWeather routingJIT arrivalRangeMinMaxAverage reportedSource:World Bank.2.3 The contribution of individual measures to GHG reductionA key question is how much individual technical and operational measures can reduce total GHG emissions from ships over time and how cost-effective these measures are.This section isolates the contribution of technical and operational energy efficiency measures to reducing emissions relative to 2008.It then presents marginal abatement cost curves that show the tons of emissions reduced(or energy saved)above business as usual relative to their cost-effectiveness.2.3.1 Different measures The GHG reduction potential in 2030,2040,and 2050 compared to 2008 can be divided into the following contributors:Historical reduction achieved in the period 2008-2022 Reduction or increase from BAU changes(for example due to transport demand and fleet size and composition)1212 Fleet size equals the number of ships in a fleet.Fleet composition describes the structure of the fleet in terms of the average size of ships within a ship type and size category.Keys to Energy-Efficient Shipping17 Reduction from wind-assisted ship propulsion systems(WASP)Reduction from other technical measures(technical improvement)Reduction from speed reduction Reduction from other operational measures(operational improvement).Emissions in the abatement scenarios are impacted by changes in future transport demand,fleet size and composition,and energy efficiency measures.For example,an increase in the number of larger ships in a ship type category would increase efficiency in meeting the same transport demand.Similarly,a higher transport demand scenario would require more ships,thereby reducing the potential for emissions reduction.To separate out the effects of changes that would naturally occur in a BAU scenario,changes in emissions are analyzed using two scenarios:1.BAU scenarios that measure the effects of current IMO policies,changes in transport demand,and fleet size and composition compared to 2022.2.Energy efficiency abatement scenarios to model abatement potential only,assessing the emissions reduction effects of technical and operational measures.Wind-assisted propulsion and speed reductions were identified as promising technical and operational measures,respectively,and analyzed separately.For the period 2022-2050,emission levels are calculated for scenarios without energy efficiency measures(as detailed above),which makes it possible to isolate effects from a BAU scenario.The remaining emission reduction can be attributed to the energy efficiency measures employed in the energy efficiency abatement scenarios.The emission reductions can then be allocated to wind-assisted propulsion,other technical measures,speed reduction,and other operational measures based on their order in the marginal abatement cost curve and uptake at the ship type and ship size level.Figure 2.4 shows the following contributors:GHG emissions from global shipping between 2008 and 2018 have decreased by about 11 percent GHG emissions from global shipping between 2018 and 2022 were flat,increasing by less than 0.5 percent Future changes in transport demand and fleet composition lead to an increase in emissions(negative emission reduction).Expected increases in transport demand outweigh any gains from trends in increasing ship size for some ship types and size categories and BAU improvements in energy efficiency The absolute emission reduction contributions of energy efficiency measures increase from 2030 to 2050,due to(i)higher adoption levels and(ii)an increase in the size of the fleet,i.e.,number of vessels that use energy efficiency measures.Accordingly,the net total reduction in emissions,relative to 2008,for each year,i.e.,2030,2040,and 2050,and for each scenario,is equal to the sum of each contributor.Keys to Energy-Efficient Shipping18Figure 2.4 Emissions abatement potential to 2050,per contributor-40%-20%0 5020402030low demandhigh demandMaximumEfficiencylow demandhigh demandModerateEfficiencylow demandhigh demandlow demandhigh demandlow demandhigh demandlow demandhigh demandIncrease 2018-2022Reduction from other operational measures(2022)Reduction from wind propulsion(2022)Reduction from speed reduction(2022)Increase from Business-As-UsualReduction 2008-2018Reduction from other technical measures(2022)GHG reduction compared to 2008 levelsMaximumEfficiencyModerateEfficiencyMaximumEfficiencyModerateEfficiencySource:World Bank.Shows the GHG emission abatement potential from energy efficiency scenarios for the total fleet towards 2050 relative to 2008 split up into positive and negative drivers of emission efficiency.For energy efficiency measures,the largest potential for emissions reduction comes from speed reduction,particularly in the Maximum Efficiency-High Demand scenario.Operational improvements,such as hull maintenance,have the second highest potential to reduce emissions in the short run to 2030.Beyond 2030,the contribution of technical measures to emissions reduction increases.By 2050,wind-assist propulsion systems can reduce absolute emissions from global shipping by up to three percent,assuming full uptake.Keys to Energy-Efficient Shipping192.3.2 Marginal abatement cost for ship energy efficiency measuresIn general,measures are selected in order of cost-effectiveness,with the most cost-effective measure applied first.Therefore,each of the modelled measures was assessed in terms of its Marginal Abatement Cost(MAC).This can be graphically represented using a MAC curve,which shows the tons of GHG emissions abated ordered from the most cost-effective measure to the least cost-effective(Figure 2.4).13 Cost effectiveness is typically expressed in USD per ton CO2 eq,where costs include capital expenditure(CAPEX),incremental operational expenditures(OPEX)of the measure,and fuel costs savings(Appendix C).If fuel costs savings exceed annual CAPEX and OPEX,the measure achieves net savings.Here,the marginal abatement cost,expressed in USD per ton CO2eq,is negative,showing that a measure is cost-effective.In cases where annual CAPEX and OPEX are higher than the fuel savings,an energy efficiency measure is not cost-effective.In such a scenario,the marginal abatement cost,expressed in USD per ton CO2eq,is positive.The MAC curves presented in Figure 2.5 to Figure 2.9 are shown for the Maximum Efficiency-High Demand scenario in 2030.The fuel prices reflect fossil fuel prices,as most vessels will still be propelled by fossil fuel.2.3.3 Results for the global fleetTo understand the cost-effectiveness of energy efficiency measures and possible investment into such measures onboard ships in the short-term,Figure 2.5 presents the MAC curve for the total fleet for 2030,compared to the BAU-High Demand scenario.14 Comparing to a BAU scenario helps to clearly see how much GHG emissions change due to specific actions or policies,while controlling for other factors like how much transport is used and the size of the fleet.This provides a clearer picture of the actual impact of actions to reduce emissions,rather than changes caused by market forces,fleet shifts,or existing energy efficiency policies.For the total fleet,energy efficiency measures are grouped as the applicability of individual measures varies for different fleet segments.For instance,while rotor sails(a type of wind-assisted propulsion technology)are well-suited for bulk carriers,they are not compatible with all types of tankers.For tankers,hard sails have a better use case and,therefore,potential.By analyzing measures in a grouped approach,the analysis can consider different measures within a ship segment.Hence,the analysis considers fifteen different groups of measures,of which nine are cost-effective at total fleet level.This translates to approximately half of the total GHG emissions savings from energy efficiency measures,resulting in a reduction of 250 million tons of emissions at no net cost.At the total fleet level,the largest emission reduction is achieved from reducing speed,which accounts for 42 percent of the total emissions abatement.Under the Moderate Efficiency-High Demand scenario,the emissions reduction represents 23 percent of total emissions abatement.Speed reduction has a positive marginal abatement cost.This is a conservative cost estimate,as it assumes that the fleet size would need to grow to maintain current transport supply levels,thereby raising the capital costs for newbuild vessels.However,in certain segments,the demand for additional ships could be reduced by improving fleet productivity,such as minimizing waiting times 13 A MAC curve is read from left to right,with the lowest-cost,highest-impact measures appearing first.The width of the horizontal line shows the annual GHG emissions reduction potential,while its height is showing the average cost per GHG emissions reduced.14 Figure 2.5 and Figure 2.9 are weighted by GHG emissions across fleet segments,reflecting differences in both fleet size and energy use by vessel type.Keys to Energy-Efficient Shipping20through port optimization strategies,like JIT Arrival.This is especially the case for the Moderate Speed scenario,where findings from Smith and Francis(2024a)show that the average speed reduction potential from optimizing voyage speed to minimizing time in anchor is 5-10 percent for most of the major cargo segments(bulkers,container ships,gas tankers,and oil tankers)between 2018 and 2022.Amongst the innovative measures included in the modeling,wind power and air lubrication have the highest emissions savings,but only represent less than one percent of total savings due to their low uptake in 2030.Figure 2.5 Cost-effectiveness and abatement potential of individual measures for the total fleet in 2030 under fossil fuel pricesMarginal abatement cost(USD/ton CO2eq)Optimization of waterfow hull openings0150200501002503003504004505003004005002001000-200-100Emissions abatement(Mton CO2eq)Steam plantimprovementsHull maintenanceWind-assisted propulsionPropeller maintenanceHull coatingAuxiliary systemsPropeller improvementsMain engine improvementsSpeed reductionAir lubricationWaste heat recoverySuper light shipsReduced auxiliary power demandSource:World Bank.Results are presented for the Maximum Efficiency-High Demand scenario.Solar panels were included in the modelling but were omitted from the visual for presentation purposes due to their small contribution to emissions abatement.2.3.4 Results for tankersFor tankers,nine out of fourteen measures are cost-effective by 2030,representing 60 percent of the total tanker GHG emissions savings(Figure 2.6).Steam plant operation improvements,a measure specific to tankers,is among the most cost-effective.Reducing sailing speeds is not cost-effective but still has a high potential to reduce emissions.Speed reduction is not cost-effective Keys to Energy-Efficient Shipping21for tankers due to the higher share of auxiliary engine energy use.Although main engine fuel consumption decreases with slower speeds,the auxiliary engine,which powers onboard systems like cargo temperature control equipment,often operates continuously regardless of ship speed.Assuming that the voyage length increases at slower speeds,the overall energy from auxiliary engines forms a larger proportion of the total energy demand.This increases the cost of speed reduction while also dampening the decrease in emissions of propulsion engines.Figure 2.6 Cost-effectiveness and abatement potential of individual measures for the tanker fleet in 2030 under fossil fuel pricesMarginal abatement cost(USD/ton CO2eq)Emission abatement(Mton CO2eq)Steam plantoperation improvementsReduced auxiliarypower usage(low energy lighting etc.)Frequency convertersWind-assisted propulsion(hard sails)Waste heatrecoveryAir lubricationSpeed reduction(30%)Electronic enginecontrolPropeller performance monitoringLow-friction hull coatingHull hydro blastingOptimization water flow hull openingsContra-rotatingpropeller0204060801001201401603004001002000-200-100Source:World Bank.Results are presented for the Maximum Efficiency-High Demand scenario.Solar panels were included in the modelling but were omitted from the visual for presentation purposes due to their small contribution to emissions abatement.2.3.5 Results for bulk carriers While different in size,bulk carriers can be viewed as a relatively homogenous vessel type in their design specifications.For instance,bulk carrier designs feature large deck areas that can be used for the installation of equipment and technology.Most energy efficiency measures are cost-effective for bulk carriers by 2030,accounting for 95 percent of total bulk carrier GHG emissions savings,with rotor sails being among the most cost-effective(Figure 2.7).Measures that account for the highest emissions reduction with negative marginal abatement cost are notably speed reduction,contra-rotating propellers(CRPs),and propeller performance monitoring.Keys to Energy-Efficient Shipping22Figure 2.7 Cost-effectiveness and abatement potential of individual measures for the bulker fleet in 2030 under fossil fuel pricesMarginal abatement cost(USD/ton CO2eq)Emission abatement(Mton CO2eq)Propeller performancemonitoringWaste heat recoveryWind-assisted propulsion(Flettner rotor)Reduced auxiliarypower usage(low energy lighting etc.)FrequencyconvertersLow-frictionhull coatingAir lubricationSpeed reduction 30%Electronicengine controlHull hydro blastingContra-rotatingpropeller010203040506070809010011012013014015025030035040045050100200-50-150-1000Optimization water flow hull openingsSource:World Bank.Results are presented for the Maximum Efficiency-High Demand scenario.Solar panels were included in the modelling but were omitted from the visual for presentation purposes due to their small contribution to emissions abatement.2.3.6 Results for container shipsAround eleven energy efficiency measures can be applied on container vessels.Fewer measures are applicable compared to bulk carriers and tankers,as deck space is needed for container stowage and the free movement of cranes and containers required during loading and discharging.Wind-assisted propulsion was therefore excluded from the model as it currently has a limited applicability.The results show that most measures are cost-effective for container ships;cost-effective GHG emissions savings represent 95 percent of the total container ship emissions savings.Speed reduction has the highest reduction potential.As the average sailing speeds of containers exceed that of bulk carriers and most tankers,speed reductions for container ships also result in better cost-effectiveness if applied.Keys to Energy-Efficient Shipping23Figure 2.8 Cost-effectiveness and abatement potential of individual measures for the container fleet in 2030 under fossil fuel prices Marginal abatement cost(USD/ton CO2eq)Emission abatement(Mton CO2eq)102040506070809012013014015001603010050100-500-150-100Propeller performancemonitoringWaste heat recoveryReduced auxiliary power usage(low energy lighting etc.)Low-frictionhull coatingFrequencyconvertersAir lubricationSpeed reduction 30%Electronic engine controlHull hydroblastingOptimization water flow hull openingsContra-rotatingpropellerSource:World Bank.Results are presented for the Maximum Efficiency-High Demand scenario.2.3.7 Considerations for green fuelsTo achieve the IMOs policy objective of reaching net-zero GHG emissions by approximately 2050,the adoption of green fuels will be necessary.Ammonia,produced from renewable electricity,is a promising candidate fuel to replace conventional fossil-based marine fuels(Englert,Losos,Raucci,&Smith,2021).Additionally,green ammonia is used as a proxy for a zero-emission fuel,which is estimated to be the least costly fuel in the long term but remains more expensive than conventional fuels(Salgmann,Weidenhammer,&Englert,2024;DNV.2024a).The abatement potential is expressed in energy abatement(in petajoules,PJ).For the total fleet,the analysis developed MAC curves for 2050 using ammonia fuel prices as the benchmark fuel price(as opposed to a fossil-fuel based marine fuel).The results show that almost all energy efficiency measures are cost-effective,except for waste heat recovery systems,super light ships,and solar panels(Figure 2.9).Cost-effective measures represent 95 percent of total energy savings.First,the analysis reveals that in an environment with high or volatile fuel prices,energy efficiency measures pay off more often.Second,for ships sailing on green fuels,energy efficiency Keys to Energy-Efficient Shipping24measures have more cost reduction potential even at long term prices(which may be lower than todays green ammonia production cost).For those ships,investing in energy efficiency offers long-term rewards.Figure 2.9 Cost-effectiveness and abatement potential of individual measures for the total fleet in 2050 under ammonia pricesMarginal abatement cost(USD/GJ)Energy abatement(PJ)Steam plant improvements01,0002,0003,0004,0005,0006,0007,0008,0009,000Propeller maintenanceWaste heat recoverySolar panelsSuper lightshipsReduced auxiliarypower demandMain engine improvementsAir lubricationSpeed reductionOptimization of water flow hull openings204080-40-20060PropellerimprovementsAuxiliary systemsHull coatingHull maintenanceWind-assisted propulsionSource:World Bank.Results are presented for the Maximum Efficiency-High Demand scenario.3How can Energy Efficiency Reduce the Cost of the Maritime Energy Transition?Keys to Energy-Efficient Shipping263.1 Cost of the energy transitionChapter 1 analyzed how energy efficiency measures can contribute to IMO member states policy objectives,concluding that making the global merchant fleet more energy efficient is insufficient to meet the IMOs more stringent GHG emissions reduction targets in 2040 and 2050.Hence,even before 2040,green fuels need to be in the fuel mix.Currently,green fuels emissions fuels,such as methanol and ammonia,which could help achieve these targets,are,however,more expensive.To chart a cost-effective pathway to reaching the strategys milestones,it is important to understand how energy efficiency can lower the overall transition cost,balancing cost-efficiency with emissions reduction benefits for global shipping.This chapter assesses the cost-efficiency of a pathway that maximizes energy efficiency measures complemented by green fuels,compared to an energy transition that only deploys green fuels.3.2 Cost reductions through energy efficiencyThe analysis calculated the total cost of reaching the IMOs GHG reduction goals,considering annual fuel cost,as well as CAPEX and OPEX of energy efficiency measures and green fuels.The cost of zero-emission shipping operations is modeled based on the lowest-cost green fuel in the Comprehensive Impact Assessment requested by the IMO(DNV 2024).Hence,for this analysis,e-ammonia,ammonia produced from renewable electricity,is used as a proxy.For ammonia,CAPEX is reflected in fleet investments to make vessels ammonia-capable,with the annuity of these capital outlays taken into account.OPEX includes bunkering,maintenance and repair,and crew training(DNV 2024).Fuel costs are considered separately and include raw material,production,distribution of fuel,and supply and demand considerations.The analysis was conducted using three types of scenarios,each with both high-and low-growth variants for transport demand:A BAU scenario,where the shipping fleet uses fossil fuels,and as a result does not meet the IMO goals An ammonia scenario,where the shipping fleet relies on e-ammonia to meet the IMO goals.Production costs for green ammonia are reflected in the fuel costs rather than in CAPEX costs A maximum energy efficiency scenario,where the shipping fleet reduces speed by 30 percent and employs energy efficiency measures,combined with e-ammonia to meet the IMO goals.Currently,the cost of using fossil-based marine fuel is about$200 billion per year.This is the baseline fuel cost,which would continue to grow due to an increase in trade demand,and,consequently,the fossil energy used by ships over time.To meet the IMOs interim GHG emissions targets,using e-ammonia as a green fuel is more expensive,primarily because it is priced higher than conventional fossil fuels.The total annual fuel cost of the shipping fleet could grow up to$600-700 billion by 2050.The annual cost of reaching the lower(Figure 3.1)and upper(Figure 3.2)end of IMOs interim reduction targets in 2030 and 2040 varies in accordance with the different ambition levels.Keys to Energy-Efficient Shipping27However,these transition costs can be lowered significantly by investing in energy efficiency measures.Increased investment and the application of energy efficiency measures can achieve a total cost reduction of up to nearly$220 billion per year,and up to$190 billion per year by 2050 compared to the ammonia scenario(see Figure 3.1).To save up to$270 billion in green ammonia fuel costs per year,an additional annualized investment of about$35 billion in energy efficiency across the fleet is required.Figure 3.1 Annual cost savings from deploying energy efficiency during the energy transition0100200300400500600700800203020402050USD(in billion)Costs without Energy EfficiencyCosts with Energy Efficiency$170 bnsavings$220 bnsavings$190 bnsavings Source:World Bank.Note:Represents annual savings in a High Demand growth scenario,when meeting the higher end of the IMO GHG reduction goals.Figure 3.2 and Figure 3.3 show the annual costs for reaching the lower and upper end of IMO GHG reduction goals.Meeting future emissions reduction goals with only e-ammonia results in an increase of up to$380-500 billion in 2050,depending on the transport demand.These costs can be significantly lowered by increased investment in energy efficiency measures.Keys to Energy-Efficient Shipping28Figure 3.2 Annual costs of meeting the lower end of the IMO GHG reduction goals203020402050203020402050203020402050800700600500400300200100-BAU(100%Fossil fuel)Fossil fuels(Low growth)Energy efficiency(Low growth)Fossil fuels(High growth-additional)Energy efficiency(High growth-additional)Candidate fuels(Low growth)Candidate fuels(High growth-additional)100%AmmoniaEE measures,30%speedreduction and ammoniaCosts(Billion USD)Source:World Bank.Total annual costs(in$billion)for the global shipping fleet for reaching the lower end of the IMO GHG reduction goals according to IMOs 2023 GHG Strategy.Keys to Energy-Efficient Shipping29Figure 3.3 Annual costs of meeting the higher end of the IMO GHG reduction goals203020402050203020402050203020402050800700600500400300200100-BAU(100%Fossil fuel)100%AmmoniaEE measures,30%speedreduction and ammoniaCosts(Billion USD)Fossil fuels(Low growth)Energy efficiency(Low growth)Fossil fuels(High growth-additional)Energy efficiency(High growth-additional)Candidate fuels(Low growth)Candidate fuels(High growth-additional)Source:World Bank.Total annual costs(in$billion)for the global shipping fleet for reaching the higher end of the IMO GHG reduction goals according to IMOs 2023 GHG Strategy.Remaining Barriers to Adopting Energy Efficiency Measures4Keys to Energy-Efficient Shipping31The existence of various barriers in shipping explains the low implementation rate of technical and operational energy efficiency improvements in todays global fleet.This chapter outlines the primary barriers to the uptake of energy efficiency measures.Two examples of promising measureswind-assisted propulsion and port call optimizationare used to highlight the barriers specific to these measures.Solutions currently being applied by shipping stakeholders are provided.4.1 UptakeThe industry lacks comprehensive data on the universal adoption of energy efficiency technologies,necessitating reliance on data samples to gauge the extent of their uptake.A cross-sectional survey of 275 shipowners and ship operators,covering 5,500 ships(Rehmatulla,Calleya,and Smith 2017),showed that while a variety of different technologies have been implemented,only a small number of those measures are widely adopted by a large proportion of shipowners.Amongst the hydrodynamic and machinery categories,pre-/post-swirl devices,15 propeller/rudder integration,energy-saving lighting,and engine tuning had the highest absolute level of implementation.In general,the survey found that the most widely implemented devices had only a small energy efficiency savings potential at the ship level,while measures with the highest savings potential(for example,air lubrication,contra-rotating propellers,and wind-assisted propulsion)had the lowest levels of implementation.Even for technologies with the highest uptake,the share was low,ranging from 11-18 percent for pre-/post-swirl devices and 20-26 percent for energy-saving lighting for the ships in the sample.RightShip introduced the design efficiency based GHG Rating(A-E)in 2012 to support supply chain decarbonization and have tracked the uptake of energy saving technologies across the global fleet drawing on verified data submitted by vessel operators.Analysis of a 7,000-vessel bulk carrier sample(60 percent of the in-service fleet)shows that the most prevalent energy efficiency technologies are hydrodynamic improvements(for example rudder optimization,hull ducts/fins,propeller boss cap fins)(RightShip 2025).Air lubrication,wind-assisted propulsion,and advanced low-friction anti-fouling coatings remain less common but have grown over the past five years.The entry into force of the 2023 EEXI regulation has also driven a marked increase in engine power limitation(EPL)and shaft power limitation,which may have contributed to reduced near-term investment in other energy efficiency technologies.Technologies that are less mature(such as wind-assisted propulsion)are expected to take longer to diffuse into the industry(Section 4.3.1 provides a deep dive of the barriers to uptake of wind-assisted propulsion).15 Pre-or post-swirl devices reduce fuel consumption by improving the flow around the propeller.Pre-swirl devices improve the flow conditions into the propeller and post-swirl devices improve the flow out of the propeller.Keys to Energy-Efficient Shipping324.2 Different barriersIn general,three different groups of barriers to energy efficiency can explain the low uptake of energy efficient measures to date:economic,behavioral,and organizational(Figure 4.1,described in more detail in Table 4.1).Economic barriers are explained by market failures and non-market failures.16 Market failures lead to an inefficient allocation of resources due to,for example,imperfect information(Sorrell and others 2000),whereas non-market failures are driven by responses to factors such as the cost of capital or technological risk.In return,behavioral barriers relate to decision makers non-financial behavior.These include their inability to process information,their inertia in adopting energy efficiency measures,their values about energy efficiency,and credibility and trust issues with an information provider or party they need to collaborate with to implemen
2025-10-29
136页
5星级
POCKET GUIDE 2025/2026 EMPLOYMENT 7 PRODUCTION 14 REGISTRATIONS 23 TRADE 37 VEHICLES ON ROADS 47 INFRASTRUCTURE 53 ROAD SAFETY 58 ENVIRONMENT 63 INNOVATION 72 TAXATION 76 ABOUT ACEA 88ACEAs Pocket Guide is the must-have resource for the latest intelligence on the automotive industry and market,updated annually.Following last years ambition to provide insight on the electric vehicle(EV)uptake,we have added a new chapter on infrastructure.The new edition paints a revealing picture for our industry as concerns about competitiveness rise in the context of an increasingly unpredictable trade environment.Despite these challenges,our industry continues to lead the way in R&D investment,with a sizeable 85 billion spent in 2023.Not only is that 12 billion more than the preceding year,but its double the amount invested by the next biggest sectoral investor a demonstration of our commitment to delivering on zero-emission road transport while keeping Europe a technology leader.EU car production slowed in 2024,reaching 11.5 million vehicles approximately 750,000 fewer than in the previous year a worrying signal as Europe struggles to maintain its appeal as a hub for automotive production.Commercial vehicle production also dropped by almost 10%.Overall,production remains far below pre-pandemic levels.Global car sales experienced a 2.7%increase last year,with Europes market share slightly rising to nearly 22%.EU car sales continued their ascending trend,with battery-electric models seeing their market share shrinking for the first time.Commercial vehicle registrations followed a similar trend,with electric vans and trucks remaining stagnant.Only buses sustained momentum,nearly doubling their share since 2021.We have brought around 290 electrically-chargeable models to the EU market today,but the share of vehicles on Europes roads with a plug remains markedly low,underscoring the need for more robust measures to stimulate the market and replace older vehicles.While most EU governments offer some form of incentive or tax scheme for EV buyers,less than half offer incentives for building charging infrastructure.With an average of five battery-electric cars per recharging point in the EU,three countries France,Germany,and the Netherlands account for almost 60%of all EU public recharging points.In 2024,the EU experienced a notable decline in both the value and volume of vehicle trade.Despite this,the value of EU vehicle exports exceeded imports,resulting in a trade 3THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/2026surplus of 94 billion for the European economy.The US and the UK remain the top two destinations in both units and value,underscoring the importance of safeguarding smooth trade with our top two partners.Trkiye is also becoming an increasingly important trade partner,not only for imports but also as an attractive export market.The EU also continues to lead the way in global road safety,with road fatalities decreasing by 1.3%compared to the previous period,with drops recorded in 16 member states.Our industrys continued investment in vehicle automation and safety will bring further road safety benefits as newer models hit the road.The sector also made strides in improving our environmental footprint.CO2 production emissions per vehicle hit new lows and have now fallen by a significant 53%since 2005.Production water usage per vehicle also sank,having now fallen by more than 54%for the same period.While there are some positive takeaways from this years edition,the challenges our industry faces are unprecedented.Not only do we face an electric vehicle market struggling to progress as expected,but also a perfect storm of fierce competition,soaring trade tensions,rising business costs,and a complex EU regulatory framework.The ACEA Pocket Guide emphasises the importance of ensuring that critical industries thrive by allowing for investment and trade to occur freely.Sigrid de VriesACEA Director GeneralThe upcoming Strategic Dialogue meetings with EU leaders will be a game-changer in ensuring that the right conditions are in place to maintain our industrys competitiveness,while delivering on climate goals.Whether its trade,investment,road safety,employment,or beyond,our industry touches many facets of our everyday lives,keeping businesses and society on the move.Amongst the flux in the world,our ambition remains the same:ACEAs Pocket Guide continues to act as a reliable and trustworthy resource in guiding both law makers and industry on the road to a more competitive and sustainable shared future.The ACEA Pocket Guide underlines why it is so important to ensure critical industries like ours are allowed to thrive by investing and trading freely.A holistic and coordinated industrial strategy that exceeds other regions ambitions and puts in place the right conditions for competitiveness matters.4 EMPLOYMENTMotor vehicle manufacturing(EU)2.5 million jobs=8.1%of EU manufacturing employment2023Total(EU manufacturing,services,and construction)13.6 million jobs=6.9%of EU employment 2023 PRODUCTIONMotor vehicles(global)92.8 million units2024Motor vehicles(EU)13.8 million units=14.9%of global vehicle production2024Passenger cars(global)75.5 million units2024Passenger cars(EU)11.4 million units=15.1%of global car production2024 REGISTRATIONSMotor vehicles(global)92 million units2024Motor vehicles(EU)10.6 million units=13.7%of global vehicle registrations2024Passenger cars(global)74.8 million units2024Passenger cars(EU)9.3 million units=14.2%of global car registrations2024New cars by power source(EU)battery electric 13.6%,petrol 33.3%market share2024New vans by power source(EU)electric 6.1%,diesel 84.5%market share2024New trucks by power source(EU)electric 2.3%,diesel 95.1%market share2024New buses by power source(EU)electric 18.5%,diesel 63.1%market share2024 TRADEMotor vehicle exports(extra-EU)178.2 billion2024Motor vehicle imports(extra-EU)84.3 billion2024Trade balance(extra-EU)93.9 billion20245 VEHICLES ON ROADSMotor vehicles(EU)285.6 million units2023Passenger cars(EU)248.8 million units2023Motorisation rate(EU)646 vehicles per 1,000 inhabitants2023Average age of cars(EU)12.5 years2023Average age of vans(EU)12.7 years2023Average age of trucks(EU)14.1 years2023Average age of buses(EU)12.2 years2023 INFRASTRUCTURERecharging points(EU)882,020 units2024 ROAD SAFETYRoad fatalities per million inhabitants(EU)46 people 2023Road fatalities(EU)-15.4%since 20142023 ENVIRONMENTCO2 emissions from new cars(EU)108g CO2/km2024CO2 emissions from car production-62.1%since 20052024 INNOVATIONAutomobiles and parts sector(EU)84.6 billion=34%of the EUs total R&D spending2023 TAXATIONFiscal income from motor vehicles (EU major markets)414.7 billion20246THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/20267SOURCE:EUROSTATEU AUTOMOTIVE SECTOR:DIRECT AND INDIRECT EMPLOYMENT In thousands,202313.1m manufacturing jobs11.1m indirect jobs2.5m direct jobs13.6m jobs10.4m non-manufacturing jobsINDIRECT MANUFACTURING687Computers and peripheral equipment61 Electric motors,generators,and transformers626DIRECT MANUFACTURING 2,452 Motor vehicles 1,094 Bodies(coachwork),trailers,and semi-trailers 165 Parts and accessories1,193 2.5m jobs0.7m jobsAUTOMOBILE USE4,187Sale of vehicles 1,465 Maintenance and repair of vehicles 1,434Sale of vehicle parts and accessories658 Retail sale of automotive fuel in specialised stores418 Renting and leasing of vehicles213 TRANSPORT5,350 Freight transport by road3,490Other passenger land transport1,860CONSTRUCTION887 Roads,bridges,and tunnels28874.2m jobs5.4m jobs0.9m jobs8EMPLOYMENTThe EU auto sector employs about 14 million across the value chain1.Provisional2.Including railwaysEMPLOYMENT9SOURCE:EUROSTATThe EU auto sector accounts for around 7%of the blocs employmentEU AUTOMOTIVE SECTOR EMPLOYMENT In million jobs,201920231 Direct manufacturing Indirect manufacturing Automobile use Transport Construction1.Provisional data for 2023.Historical data can be subject to revision in case of updates from Eurostat0246810121420192020202120222023 0.6% 2.6%-2.0% 1.0% 1.9EMPLOYMENTThe EU automotive sector accounts for over 10%of EU manufacturing jobsAUTOMOTIVE SHARE OF EU MANUFACTURING JOBS%share,20231SOURCE:EUROSTAT1.ProvisionalIndirect automotiveNon-automotive 2.3%0.7m2.5m27m3.1m89.6%Direct automotive8.1.4%Automotive11EMPLOYMENTThe EU auto industry accounts for over 10%of manufacturing jobs in six member states1.ProvisionalEU DIRECT AUTOMOTIVE EMPLOYMENT Share of total manufacturing by country,20231SOURCE:EUROSTAT018%8%6%4%2%SlovakiaRomaniaSwedenCzechiaHungaryGermanyEUROPEAN UNIONPolandSloveniaSpainFranceBelgiumPortugalBulgariaAustriaMaltaItalyEstoniaLithuaniaNetherlandsFinlandLatviaDenmarkIrelandCroatiaLuxembourgGreeceCyprus15.7.7.9.6.5.0%7.8%7.0%7.0%6.7%5.9%5.7%5.2%5.1%4.8%4.3%3.4%3.1%2.9%2.3%2.1%1.2%1.1%0.9%0.6%0.4%0.2%8.1EMPLOYMENTEU auto makers directly employ around 2.5 million Europeans in automotive manufacturingDIRECT EU AUTOMOTIVE MANUFACTURING EMPLOYMENT 202311.ProvisionalSOURCE:EUROSTAT7,732FINLAND150,299SPAIN887,386GERMANY172,410CZECHIA76,802SLOVAKIA104,652HUNGARY159,907ROMANIA25,497BULGARIA223,591POLAND3,680ESTONIA2,375LATVIA7,103LITHUANIA42,892PORTUGAL87,283SWEDEN214,958FRANCE167,588ITALY85CYPRUS1,168MALTA1,683GREECE37,498AUSTRIA15,714SLOVENIA2,475CROATIA30,173BELGIUM21,470NETHERLANDS2,990IRELAND4,047DENMARK200LUXEMBOURG2,451,658EU13EMPLOYMENTEach EU automotive manufacturing worker produces an average of six vehicles annuallyVEHICLE PRODUCTION PER DIRECT AUTOMOTIVE MANUFACTURING EMPLOYEE By country,20231SOURCE:EUROSTAT,S&P GLOBAL MOBILITY1.Based on employment most recent data available018161412108642SpainSlovakiaBelgiumNetherlandsCzechiaFrancePortugalItalyGermanyHungaryFinlandSloveniaSwedenRomaniaAustriaPoland16.414.011.29.68.17.47.45.25.04.93.93.93.73.22.92.7EUROPEAN UNION6.0THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/202614SOURCE:S&P GLOBAL MOBILITYGLOBAL VEHICLE PRODUCTION In million units,%share,20092024 Greater China Europe North America Japan&South Korea South Asia South America Middle East&Africa15PRODUCTIONChina is the worlds top vehicle producer,manufacturing one-third of vehicles globally20092014201920240510152025303523%8%6%3#%9%4%2(4#%4%3%2%2PRODUCTIONSOURCE:S&P GLOBAL MOBILITYGlobal car production slightly contracted in 2024 compared to the previous yearGLOBAL CAR PRODUCTION In million units,%change,%share,20152024 Greater China Europe Japan&South Korea North America South Asia South America Middle East&Africa908070605040302010201520162017201820192020202120220 2.6% 5.7% 2.1%-16.7%-0.5 23 10.7%-6.2% 8.5%-1.6% 2.75.7.1.5.0.4%2.9%2.4 2417PRODUCTIONGlobal commercial vehicle production decreased by 5%in 2024GLOBAL COMMERCIAL VEHICLE 1 PRODUCTION In million units,%change,%share,201520241.Includes busesSOURCE:S&P GLOBAL MOBILITY2220181614121086420201520162017201820192020202120222023 2.9% 1.1%-11.7% 7.4%-2.5%-2.5% 6.0% 2.3%-4.2%-5.0.6$.7.1.5%7.0%5.7%2.4%North America Greater China Europe South Asia Japan&South Korea South America Middle East&Africa202418PRODUCTIONAbout 14 million vehicles were made in the EU in 2024,about 1 million less compared to 2023EU VEHICLE PRODUCTION 2024SOURCE:S&P GLOBAL MOBILITY46FINLAND22,7602,01033,809SWEDEN270,807LITHUANIAAUSTRIA72,33525SLOVENIA60,9031,44555,066224,454ITALY309,3361,872,988467,4691,40032,554SPAIN849,437498,5762,70368,270FRANCE229,09592,0421732,205PORTUGAL435,541839HUNGARY473,110ROMANIASLOVAKIA1,446,8554,2901,429CZECHIA224,017336,3477,01943,885POLAND4,497142,087198,021GERMANY3,942,396197,62420138,413BELGIUM7,51564960,319NETHERLANDS4993,75084,294CARSTRUCKS2BUSESVANS1EU11,408,4691,901,203478,10325,2551.Light commercial vehicles up to 3.5 tonnes2.Medium and heavy commercial vehicles over 3.5 tonnes2019PRODUCTIONEU car production fall substancially in 2024 compared to the previous yearEU CAR PRODUCTION In million units,%change,20152024SOURCE:S&P GLOBAL MOBILITY4812162015201620172018201920202021202220230 2.0% 7.6% 1.2%-6.7%-6.2%-23.5%-3.7% 11.6%-1.9% 8.4 2420PRODUCTIONThe EU battery-electric car production increased exponentially these past ten yearsEU BATTERY-ELECTRIC CAR PRODUCTION In units,%change,2015-2024SOURCE:S&P GLOBAL MOBILITY-4.0% 25.9% 13.1% 36.1% 58.4% 79.1% 120.8% 60.5% 40.1% 41.0 152016201720182019202020212022202320240200,000400,000600,000800,0001,000,0001,200,0001,400,0001,600,0001,800,00021PRODUCTIONEU commercial vehicle production slipped dramatically in 2024EU COMMERCIAL VEHICLE PRODUCTION In million units,%change,201520241.Light commercial vehicles up to 3.5 tonnes2.Medium and heavy commercial vehicles over 3.5 tonnesSOURCE:S&P GLOBAL MOBILITY2.52.01.51.00.502015201620172018201920202021202220233.0 3.8% 8.4% 8.5% 3.4%-20.9%-1.8% 4.0%-1.6%-9.5% 20.5%Vans1 Trucks2 Buses202422PRODUCTION254 automotive plants operate in the EU1.Battery-electric vehicleAUTOMOBILE ASSEMBLY,BATTERY,AND POWERTRAIN PLANTS 2025SOURCE:ACEAFINLAND32SWEDEN615FRANCE3413ITALY251CROATIA11SLOVENIA22AUSTRIA574ROMANIA63PORTUGAL2011SPAIN105HUNGARY51SLOVAKIA85CZECHIA5026GERMANY156POLAND3BELGIUM64NETHERLANDS104015UNITED KINGDOMCARSVANSTRUCKSBUSESPOWERTRAINSBATTERIESTOTALEU UK1022930426065254 All plants BEV1 production11LITHUANIATHE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/202623SOURCE:S&P GLOBAL MOBILITYGLOBAL NEW VEHICLE REGISTRATIONS In million units,%share,2009202424REGISTRATIONSEurope accounts for a fifth of global vehicle sales Greater China North America Europe South Asia Japan&South Korea Middle East&Africa South America200920142019202405101520253021 (%8%9%7%7(!%9%8%6%6)0#!%9%7%7%4%5%5%5%REGISTRATIONSEurope accounts for about 22%of global car sales,up from 21%in 2022SOURCE:S&P GLOBAL MOBILITYGLOBAL NEW CAR REGISTRATIONS In million units,%change,%share,20152024 Greater China Europe North America South Asia Japan&South Korea Middle East&Africa South America201520162017201820192020202120222023 3.0% 5.2% 2.5%-15.3% 10.2%-4.9% 4.0%-0.21.2!.6 .6.7%6.8%5.1%4.002030405060708090-0.9 24 2.7®ISTRATIONSEurope accounts for more than 18%of global commercial vehicles salesSOURCE:S&P GLOBAL MOBILITYGLOBAL NEW COMMERCIAL VEHICLE 1 REGISTRATIONS In million units,%change,%share,201520241.Includes buses 105101520201520162017201820192020202120222023 1.5% 1.4%-7.5%-1.7% 9.3%-1.1% 4.3%-10.4.2$.3.2.5%7.9%5.3%4.6% 1.8%North America Greater China Europe South Asia South America Japan&South Korea Middle East&Africa2024-0.9REGISTRATIONSAuto makers sold around 12.6 million new vehicles in the EU in 2024SOURCE:ACEANEW EU VEHICLE REGISTRATIONS By country,in thousand units,202414FINLAND7445SWEDEN27042AUSTRIA2545LUXEMBOURG4711CROATIA6512GREECE1371MALTA8234ITALY 1,5593CYPRUS1576BELGIUM448437FRANCE 1,71811SLOVENIA53437BULGARIA15129ROMANIA21040PORTUGAL1,017202SPAIN12230HUNGARY9313SLOVAKIA23232CZECHIA2,817375GERMANY55297POLAND381149NETHERLANDS12134IRELAND17333DENMARK255ESTONIA174LATVIA3010LITHUANIAPC1CV&BC2EU10,6321,9501.Passenger cars2.Commercial vehicles,and buses and coaches28REGISTRATIONSSOURCE:EUROPEAN COMMISSION,S&P GLOBAL MOBILITYVehicle sales largely mirror economic trendsNEW VEHICLE REGISTRATIONS AND GDP IN THE EU 20172026 New EU vehicle registrations(million units)EU GDP(annual%change)2017201820192020202120222023202420252026-8%-6%-4%-2%0%2%4%6%81011121314151629REGISTRATIONSSOURCE:ACEAEU car sales remained stable in 2024NEW EU CAR REGISTRATIONS In million units,%change,2015202448121620152016201720182019202020212022202320240 5.4% 10.0% 1.6% 1.9% 13.9% 7.8%-4.5%-2.4%-23.7% 0.80REGISTRATIONSEU commercial vehicle sales rose again in 2024,by 5.5%SOURCE:ACEANEW EU COMMERCIAL VEHICLE REGISTRATIONS In million units,%change,20152024 Vans1 Trucks2 Buses3 2.52.01.51.00.520152016201720182019202020212022202320240 14.3% 11.4% 5.1% 4.2% 2.4%-14.7%-18.9% 9.6% 5.5% 15.1%1.Light commercial vehicles up to 3.5 tonnes2.Commercial vehicles over 3.5 tonnes3.Buses and coaches over 3.5 tonnes 31REGISTRATIONSOne car is sold for every 42 persons in the EU annuallyNEW CARS PER 1,000 INHABITANTS By country,in units,2024SOURCE:ACEA,EUROSTATIrelandCzechiaSpainPortugalEstoniaSlovakiaCroatiaCyprusPolandMaltaFinlandGreeceHungaryLithuaniaLatviaRomaniaBulgaria25232121212018171716151413131310987020406080NetherlandsSloveniaLuxembourgBelgiumGermanyDenmarkAustriaItalySwedenFrance6938342928262526EUROPEAN UNION2432REGISTRATIONSSmall and medium cars make up around 41%of EU salesSOURCE:S&P GLOBAL MOBILITYNEW EU CAR SALES BY SEGMENT In million units,%share,20152024 Small(A B)Lower medium(C)Upper medium(D)Luxury(E F)MPV1 SUV205101553%4%2%7 232024202220212020201920182017201620151.Multi-purpose vehicles2.Sport utility vehicles 33REGISTRATIONSThe EU market share of battery-electric cars has contracted for the first time in 2024SOURCE:ACEA1.Includes extendedrange electric vehicle2.Includes full and mild hybrids3.Includes natural gas,LPG,ethanol,and fuel-cell electric vehiclesNEW EU CAR SALES BY POWER SOURCE Market share,20212024 Petrol Diesel Battery electric Plug-in hybrid1 Hybrid electric2 Alternative fuels3 Total alternatively-powered vehicles20233.0%7.7.6.65.3%.8 2120222.8%3.0%8.9%9.4%9.1.1.6.49.96.4.8.7.6G.3Q.1 243.1%7.1.6.93.30.9T.84REGISTRATIONSSOURCE:ACEAThe EU market share of electrically-chargeable vans declined to 6%in 2024NEW EU VAN1 SALES BY POWER SOURCE Market share,202120241.Light commercial vehicles up to 3.5 tonnes2.Includes battery and plug-in hybrid vehicles3.Includes full and mild hybrids4.Includes natural gas,LPG,ethanol,and fuel-cell electric vehicles Diesel Petrol Electrically chargeable2 Hybrid electric3 Alternative fuels4 Total alternatively-powered vehicles20232.3%1.5%6.3.7%7.2 211.7%1.4%3.8.2%3.0 222.5%1.2%5.2.7%5.4%6.1%9.1.0 242.0%1.5%6.0.5%6.1%9.65REGISTRATIONSThe market share of alternatively-powered trucks was relatively stable at around 5%SOURCE:ACEA1.Data for Bulgaria and Malta not available2.Commercial vehicles over 3.5 tonnes3.Includes battery and plug-in hybrid vehicles4.Includes full and mild hybrids5.Includes natural gas,LPG,ethanol,and fuel-cell electric vehiclesNEW EU1 TRUCK2 SALES BY POWER SOURCE Market share,20212024 Diesel Petrol Electrically chargeable3 Hybrid electric4 Alternative fuels5 Total alternatively-powered vehicles20210.5%0.02%0.1.9%3.6 220.8%0.02%0.05.2%3.0 230.1%2.6%0.04.0%2.3%4.1%3.8%4.9 240.03%2.6%0.03.1%2.3%4.96REGISTRATIONSThe market share of electrically-chargeable buses has nearly doubled in four yearsSOURCE:ACEA1.Data for Bulgaria and Malta not available2.Buses and coaches over 3.5 tonnes3.Includes battery and plug-in hybrid vehicles4.Includes full and mild hybrids5.Includes natural gas,LPG,ethanol,and fuel-cell electric vehiclesNEW EU1 BUS2 SALES BY POWER SOURCE Market share,20212024 Diesel Petrol Electrically chargeable3 Hybrid electric4 Alternative fuels5 Total alternatively-powered vehicles12.8%9.1b.1.9.3.4%0.003h.8.6%7.1.4%0.02%0.1f.9.6 212022202331.23.17.8%9.8%8.5c.1.5%0.01 2436.8%THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/202637The trade surplus generated by the EU auto industry fell by 6%in 20241.Commercial vehicles up to 5 tonnes2.Commercial vehicles over 5 tonnesSOURCE:EUROSTATEU NEW VEHICLE TRADE By type,in million,2024TRADE38Trade in valueCarsVans1Trucks2BusesTOTAL2024Imports73,2306,2772,1052,66584,276Exports154,9538,61113,885744178,192Trade balance81,7232,33411,780-1,92193,9162023Imports80,2636,8243,1622,48792,736Exports166,8599,30316,031913193,106Trade balance86,5962,47912,869-1,574100,370%change 24/23Imports-8.8%-8.0%-33.4% 7.2%-9.1%Exports-7.1%-7.4%-13.4%-18.5%-7.7%Trade balance-5.6%-5.8%-8.5% 22.1%-6.49TRADEEU vehicle imports and exports declined by 5%and 7%respectively1.Commercial vehicles up to 5 tonnes2.Commercial vehicles over 5 tonnesEU NEW VEHICLE TRADE By type,in units,2024SOURCE:EUROSTATTrade in volumeCarsVans1Trucks2BusesTOTAL2024Imports3,421,231303,969137,06145,5273,907,788Exports4,559,785407,453173,93017,8595,159,0272023Imports3,612,113359,908116,42015,4424,103,883Exports4,874,209461,065220,80513,4205,569,499%change 24/23Imports-5.3%-15.5% 17.7% 194.8%-4.8%Exports-6.5%-11.6%-21.2% 33.1%-7.4TRADEThe value of EU vehicle imports has decreased for three out of the five main countries of originMAIN COUNTRIES OF ORIGIN OF EU NEW VEHICLE IMPORTS In million,20202024SOURCE:EUROSTAT2020202120222023202402,0004,0006,0008,00010,00012,00014,00016,000 Trkiye China United Kingdom Japan South Korea41TRADE0.10.20.30.40.50.60.70.80.9China,Trkiye,and the UK are the top three countries of origin for EU vehicle imports(in units)MAIN COUNTRIES OF ORIGIN OF EU NEW VEHICLE IMPORTS In million units,2024SOURCE:EUROSTATChinaTrkiyeJapanMoroccoMexicoThailandUnitedKingdomSouthKoreaSouth AfricaUnitedStates 2.1%-0.9% 2.8% 9.1 23 20240-9.6%-18.5%-11.8%-14.4%-30.5%-16.9BTRADEThe US and the UK are the two most valuable markets for EU vehicle exportsMAIN DESTINATIONSFOR EU NEW VEHICLE EXPORTS In million,20202024SOURCE:EUROSTAT2020202120222023202405,00010,00015,00020,00025,00030,00035,00040,00045,000 United Kingdom United States China Trkiye Switzerland43TRADEThe UK,the US,and Trkiye are the top three destinations for EU vehicle exports(in units)SOURCE:EUROSTATMAIN DESTINATIONS FOR EU NEW VEHICLE EXPORTS In million units,2024ChinaNorwayAustraliaCanada00.20.40.60.81.01.21.41.6South Korea-5.0%-11.5%-11.1%UnitedKingdomUnited StatesTrkiyeJapan 2023 2024-2.5%-10.5%-3.2%-28.1%-1.7%-13.1%-26.2%Switzerland44TRADEChina is the top country of origin by value for EU battery-electric car importsMAIN COUNTRIES OF ORIGIN OF EU BATTERY-ELECTRIC CAR IMPORTS In million,20202024SOURCE:EUROSTAT20202021202220232024 China South Korea Japan United States United Kingdom02,0004,0006,0008,00010,00012,00045TRADE1,0002,0003,0004,0005,0006,0007,0008,0009,000The UK and the US are the most valuable markets for EU battery-electric car exportsMAIN DESTINATIONS OF EU BATTERY-ELECTRIC CAR EXPORTS In million,20202024SOURCE:EUROSTAT United Kingdom United States Norway Trkiye Switzerland20202021202220232024046TRADEMore than one-third of EU vehicle exports go to other European(non-EU)countriesSOURCE:EUROSTATDESTINATIONS FOR EU NEW VEHICLE EXPORTS Value market share,2024SOURCE:EUROSTATSouth AmericaCentral AmericaAsiaOceania1.5%1.8.9%2.6TA UK Eastern Europe(non-EU)North America41.5$.1rica4.1%Middle East5.5%THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/202647VEHICLES ON ROADS48VEHICLES ON ROADSThere are 646 vehicles per 1,000 inhabitants in the EUVEHICLES PER 1,000 EU INHABITANTS 1 2023SOURCE:ACEA1.Data for Bulgaria and Malta not availableItalyLuxembourgCzechiaFrancePortugalSloveniaPolandAustriaGermanyNetherlandsBelgiumSlovakiaFinlandEstoniaCroatiaDenmarkSwedenIrelandLithuaniaHungaryRomaniaLatvia818789785687681674656639635635634600596588575569561544541539531500496431CyprusSpain200300400500600700800900EUROPEAN UNION646645Greece49VEHICLES ON ROADSThere are almost 250 million vehicles on EU roadsEU VEHICLE FLEET:SIZE AND SEGMENT DISTRIBUTION In million units,20142023SOURCE:ACEA Passenger cars Commercial vehicles and buses11.Includes light,medium,and heavy commercial vehicles,and buses and coaches150200250300248.836.82015201620172018201920202021202220232014 1.8% 0.7% 2.2% 2.4% 2.0% 1.1% 1.4% 1.1% 1.40-0.7PVEHICLES ON ROADSTrucks have the highest average age of all vehicle typesAVERAGE AGE OF EU VEHICLE FLEET By country,in years,2023SOURCE:ACEA1.Light commercial vehicles up to 3.5 tonnes2.Medium and heavy commercial vehicles over 3.5 tonnes3.Buses and coaches over 3.5 tonnesCARSTRUCKS2BUSES3VANS1EU AVERAGE12.512.714.112.213.114.913.213.7FINLAND7.011.09.4SWEDEN8.48.49.68.1DENMARK5.86.89.37.0AUSTRIA10.010.011.510.4SLOVENIA13.819.512.814.8ITALY17.622.617.521.1GREECE10.49.911.910.3NETHERLANDS11.616.59.99.2BELGIUM6.57.58.07.0LUXEMBOURG7.89.411.210.9FRANCE12.08.811.510.7IRELAND14.214.411.714.9SPAIN13.616.013.915.5PORTUGAL13.010.69.815.2ESTONIA14.411.410.913.4LATVIA14.713.512.89.5LITHUANIA15.114.716.213.2POLAND10.39.68.110.6GERMANY16.214.615.018.4CZECHIA15.113.710.915.9SLOVAKIA15.013.211.312.4HUNGARY15.416.317.516.2ROMANIA13.411.612.014.5CROATIA51VEHICLES ON ROADSThe average age of cars,vans,and trucks is rising,while that of buses is decliningSOURCE:ACEAEVOLUTION OF AVERAGE AGE OF EU FLEET By vehicle type,in years,20212023Cars12.512.312.0Vans12.712.512.0Trucks14.113.914.2Buses12.212.512.710.011.012.013.014.015.052VEHICLES ON ROADSLess than 4%of cars on EU roads are electrically chargeableSHARE OF ALTERNATIVELY-POWERED VEHICLES IN THE EU FLEET By segment,%share,2023SOURCE:ACEA1.Includes battery and plug-in hybrid electric vehicles2.Includes full and mild hybrids Cars Vans Trucks Buses0.00.51.01.52.02.53.03.54.04.55.0Electrically chargeable1Hybrid electric2Natural gas and LPG3.9%3.2%3.2%1.3%0.2%1.4%0.1%0.05%0.8%3.0%2.2%4.2%THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/202653INFRASTRUCTURE54INFRASTRUCTUREThree EU countries(France,Germany,and the Netherlands)account for almost 60%of all EU public charging pointsRECHARGING POINTS ACROSS EUROPE In thousand units,2024SOURCE:EAFO05010015020053.8SWEDEN2.5ICELAND3.6IRELAND76.8BELGIUM183.0NETHERLANDS2.7LUXEMBOURG12.1PORTUGAL45.2SPAIN155.9FRANCE58.2ITALY1.8CROATIA7.0GREECE0.1MALTA0.5CYPRUS3.0BULGARIA4.6ROMANIA30.4AUSTRIA2.2SLOVENIA4.2HUNGARY17.5SWITZERLAND3.2SLOVAKIA6.4CZECHIA9.6POLAND1.1ESTONIA1.2LATVIA2.9LITHUANIA160.0GERMANY88.1UNITED KINGDOM16.7FINLAND30.2NORWAY35.9DENMARK55INFRASTRUCTUREOn average,there is one public charging point per every five cars in the EUSOURCE:ACEA,EAFOBATTERY-ELECTRIC CARS ON ROADS PER RECHARGING POINT 2023 EU averageNorwayIrelandUnited KingdomIcelandHungarySwitzerlandGermanyPortugalLuxembourgRomaniaSloveniaDenmarkFranceEstoniaSwedenLatviaPolandAustriaFinlandCroatiaItalyLithuaniaCzechiaCyprusSpainSlovakiaNetherlandsBelgiumGreece05.010.015.020.025.0EU56INFRASTRUCTUREThere is less than one public charging point per 1,000 inhabitants in over half of EU member statesSOURCE:EAFO,EUROSTATRECHARGING POINTS PER 1,000 INHABITANTS 202410.26.66.56.05.45.13.93.33.0NetherlandsIcelandBelgiumDenmarkNorwaySwedenLuxembourgAustriaFinland0246810122.31.91.91.31.11.01.01.00.90.80.70.70.60.60.60.50.50.50.40.30.20.2FranceEUROPEAN UNIONSwitzerlandGermanyUnited KingdomPortugalLithuaniaSloveniaItalySpainEstoniaGreeceIrelandLatviaSlovakiaCzechiaCyprusCroatiaBulgariaHungaryPolandRomaniaMalta2.057INFRASTRUCTUREThere are less than 300 hydrogen refilling points in the EUSOURCE:EAFOHYDROGEN(H2)REFILLING POINTS IN THE EU 2024INFRASTRUCTURE High pressure(700 bar)Low pressure(350 bar)1551142016201720182019202020212022202320242015050100150200250300THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/20265859ROAD SAFETYThe EU has by far the best road safety record in the worldSOURCE:CARE(COMMUNITY ROAD ACCIDENT)DATABASE,WHO GLOBAL HEALTH OBSERVATORYROAD FATALITIES PER MILLION INHABITANTS By region1,2021,20231.WHO regions 2.Calculated by ACEA using data by country 147 road fatalities per million inhabitantsWORLDWestern PacificSouth-EastAsia152161Others(Europe)2AmericaEuropeanUnion8414146AfricaEasternMediterranean19416460ROAD SAFETYRoad fatalities have fallen significantly since 2011 despite an increase in the number of cars on EU roadsSOURCE:ACEA,CARE(COMMUNITY ROAD ACCIDENT)DATABASENUMBER OF EU VEHICLES AND ROAD FATALITIES 20142023 EU road fatalities(in thousands)Vehicles on EU roads(in millions)240250260270280290300141618202224262014201520162017201820192020202120222023-15.4% 13.5$.1251.724.4256.3261.923.823.4268.3273.823.322.8271.818.8274.819.9278.5281.620.720.4285.661ROAD SAFETYAverage EU road fatalities have plummeted by around a quarter since 2013SOURCE:CARE(COMMUNITY ROAD ACCIDENT)DATABASEROAD FATALITIES PER MILLION INHABITANTS By country,2013,2023 2013 2023 EU average 2013 EU average 2023020406080100BulgariaRomaniaLatviaCroatiaGreecePortugalLithuaniaItalyPolandHungarySlovakiaFranceCzechiaAustriaEstoniaGermanyNatherlandsFinlandMaltaDenmarkSwedenBelgiumLuxembourgSloveniaSpainCyprusIreland465562ROAD SAFETYEU road fatalities declined by 1%in 2023SOURCE:CARE(COMMUNITY ROAD ACCIDENT)DATABASEROAD FATALITIES IN THE EU By country,2023 Road fatalities%change 23/22%change 23/2220,396EU-1.3%FINLAND183-6.6%SWEDEN229 0.9%NETHERLANDS608-7.2%LUXEMBOURG26-27.8%FRANCE3,167-2.9%MALTA16-42.9%ITALY3,039-3.8%CROATIA274-0.4%CYPRUS34-8.1NMARK162 5.2LGIUM501-7.2%SLOVENIA82-3.5%AUSTRIA402 8.6%POLAND1,893-0.2%ESTONIA59 20.4%GERMANY2,839 1.8%LATVIA142 25.7%HUNGARY472-12.1%ROMANIA1,545-5.4%CZECHIA502-4.7%SPAIN1,806 3.4%PORTUGAL642 3.9%GREECE637-2.6%LITHUANIA160 33.3%IRELAND184 18.7%BULGARIA526-0.9%SLOVAKIA2660.0%THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/20266364ENVIRONMENTIn almost two-thirds of European countries,cars have emitted less CO2 than in 2023CO2 EMISSIONS FROM NEW CARS BY COUNTRY In g CO2/km,202411.ProvisionalSOURCE:EEAFINLAND64.8 6.1%SWEDEN62.0-1.2%NETHERLANDS65.3-11.8%LUXEMBOURG99.2-7.1%FRANCE94.1-2.8%ITALY119.8-0.3%CROATIA126.0-0.9%CYPRUS95.9-24.1NMARK60.3-17.4%NORWAY11.8-20.1LGIUM78.9-7.6%SLOVENIA128.6 3.9%AUSTRIA105.8 1.5%POLAND133.4 0.3%ESTONIA131.8-2.2%GERMANY117.2 3.7%LATVIA129.4-2.0%HUNGARY123.8-2.8%ROMANIA121.2 4.3%CZECHIA132.7-2.5%SPAIN117.6 0.1%PORTUGAL87.1-3.4%GREECE108.8-3.5%LITHUANIA128.3-1.3%IRELAND107.1 14.3%BULGARIA131.4 1.6%SLOVAKIA137.7 2.1%ICELAND92.5 48.2%MALTA-17.8u.1EU 0.38.0EU ICELAND NORWAY 0.36.9 20241 average emissions(g CO2/km)%change 24/23%change 24/23 65ENVIRONMENT 130g CO2/km 96130g CO2/km 95g CO2/kmLess than a quarter of new cars emit 95g CO2/km or lessNEW CARS BY EMISSION CLASSES IN THE EU In million units,%share,2017202411.Provisional;from 2021 onwards the WLTP will replace fully the NEDC for the purpose of the CO2 emission standardsSOURCE:EEA1086422017201820192020202120222023012#&0%9 !#$9898fdaYB9 24122B5fENVIRONMENTCO2 emissions from new cars are down by 7%since 2021CO2 EMISSIONS FROM NEW CARS IN THE EU In g CO2/km,%change,2015202411.Provisional;NEDC(2015-2020),WLTP(2021-2024)SOURCE:EEA808590951001051101151201251302015201620172018201920202021 1.6%-3.2%-1.3% 1.8% 0.3 222023-11.3% 7.0% 0.3%-5.0%-2.1 24167ENVIRONMENTCar makers have slashed production energy use per unit by over 16%since 2005 Energy total(million MWh/year)Energy per unit produced(MWh/car)Car production trend CAR PRODUCTION:ENERGY CONSUMPTION 20052024SOURCE:ACEA202530354045502.02.22.42.62.83.03.2million MWhMWh/car-32.1%-16.4 052007200920112013201520172019202120222023202468ENVIRONMENTCar makers have cut production CO2 emissions per unit by over half since 2005 Total CO2 emissions(million t/year)CO2 emissions per unit produced(t/car)Car production trendCAR PRODUCTION:CO2 EMISSIONS 20052024SOURCE:ACEA4.05.06.07.08.09.010.011.012.013.014.00.20.30.40.50.60.70.80.91.01.11.2-53.4%million tonnestonnes/car-62.1 052007200920112013201520172019202120222023202469ENVIRONMENTCar makers have reduced production water use per unit by over half since 2005 Total water(million m/year)Water per unit produced(m/car)Car production trend CAR PRODUCTION:WATER CONSUMPTION 20052024SOURCE:ACEA1020304050607080901002.02.53.03.54.04.55.05.56.06.5m3/carmillion m3-54.2%-62.8 052007200920112013201520172019202120222023202470ENVIRONMENTLevels of car manufacturing waste largely follow production trends Total waste(million t/year)Waste per unit produced(kg/car)Car production trendCAR PRODUCTION:WASTE 1 200520241.Excluding scrap metal and demolition wasteSOURCE:ACEA0.00.20.40.60.81.01.21.41.66065707580859095100million tonneskg/car-32.6%-17.0 052007200920112013201520172019202120222023202471ENVIRONMENTCar makers have reduced production VOC emissions per unit by over half since 2005SOURCE:ACEA VOC emissions total(thousand t/year)VOC emissions per unit produced(kg/car)Car production trend CAR PRODUCTION:VOC 1 EMISSIONS 200520241.Volatile organic compounds0102030405060701.01.52.02.53.03.54.04.5-63.2%-54.7%thousand tonneskg/car200520072009201120132015201720192021202220232024THE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/20267273INNOVATIONEU auto makers account for a third of all EU R&D investmentSECTORAL R&D SHARE IN THE EU%share,2023SOURCE:THE 2024 EU INDUSTRIAL R&D INVESTMENT SCOREBOARDHealthcare equipment&servicesChemicalsBanksIndustrial engineeringAerospace&defenceElectronic&electrical equipmentSoftware&computer servicesAutomobiles&partsOthersTechnology hardware&equipment3%3%3%4%3%5%6%94%Pharmaceuticals&biotechnology74INNOVATION102030405060708090EU auto makers invest around 85 billion annually in R&D,more than twice the amount as the pharmaceutical and biotech sectorEU R&D INVESTMENT IN THE TOP 10 INDUSTRIAL SECTORS In billion,2023SOURCE:THE 2024 EU INDUSTRIAL R&D INVESTMENT SCOREBOARDAutomobiles and partsPharmaceuticals and biotechnologySoftware and computer servicesElectronic and electrical equipmentAerospace and defenceBanksHealthcare equipment and servicesTechnology hardware and equipmentIndustrial engineeringChemicals084.640.121.515.613.18.77.77.77.06.175INNOVATIONAuto makers invest 85 billion in R&D in the EUAUTOMOTIVE R&D INVESTMENT BY REGION In billion,%change 2021 2022 20230102030405060708090EUJapanUSChinaRest of the world 15.5% 1.5%-7.9% 14.9% 1.6%SOURCE:THE 2024 EU INDUSTRIAL R&D INVESTMENT SCOREBOARDTHE AUTOMOBILE INDUSTRYPOCKET GUIDE 2025/20267677EU vehicle exports brought in 140 billion in 2021TAXATION1.Includes light,medium and heavy commercial vehicles,and buses2.Data for Malta not available3.Includes Belarus,Bosnia-Herzegovina,Kazakhstan,North Macedonia,Serbia,Uzbekistan4.Based on production type5.Includes Hong Kong,Taiwan and all the other South Asian countries77TAXATIONTAX BENEFITSAustriaBelgiumBulgariaCroatiaCyprusCzechiaDenmarkEstoniaFinlandFranceGermanyGreeceHungaryAcquisitionOwnershipCompany carINCENTIVESPurchaseInfrastructureSOURCE:ACEATAX BENEFITS AND PURCHASE INCENTIVES:ELECTRIC CARS 202578TAXATIONSOURCE:ACEATAX BENEFITS AND PURCHASE INCENTIVES:ELECTRIC CARS 2025TAX BENEFITSAcquisitionOwnershipCompany carINCENTIVESPurchaseInfrastructureIrelandItalyLatviaLithuaniaLuxembourgMaltaNetherlandsPolandPortugalRomaniaSlovakiaSloveniaSpainSwedenOnly half of EU countries offer incentives for electric car charging infrastructure79TAXATIONTAX BENEFITSAcquisitionOwnershipAustriaBelgiumBulgariaCroatiaCyprusCzechiaDenmarkEstoniaFinlandFranceGermanyGreeceHungaryINCENTIVESAcquisitionInfrastructureTAX BENEFITS AND PURCHASE INCENTIVES:ZERO-EMISSION COMMERCIAL VEHICLES 2025SOURCE:ACEA80TAXATIONTAX BENEFITS AND PURCHASE INCENTIVES:ZERO-EMISSION COMMERCIAL VEHICLES 2025SOURCE:ACEATAX BENEFITSAcquisitionOwnershipINCENTIVESAcquisitionInfrastructureIrelandItalyLatviaLithuaniaLuxembourgMaltaNetherlandsPolandPortugalRomaniaSlovakiaSloveniaSpainSwedenLess than half of EU countries provide incentives for electric commercial vehicle infrastructure81TAXATIONAustriaBelgiumDenmarkFinlandFranceGermanyGreece bn2022 bn2024DKK bn20253 bn2024 bn2023 bn2023 bn20253Purchase or transfer1.VAT on vehicle sales servicing,repair&parts3.28.91.622.931.80.62.Sales®istration taxes0.40.59.10.32.00.53.Annual ownership taxes2.82.110.21.10.69.51.34.Fuels&lubricants5.68.612.04.146.338.24.55.Others:Driving license fees0.00.010.20.03 Insurance taxes0.41.21.40.56.09.50.5 Tolls2.41.00.0214.87.4 Customs duties0.5 Other taxes0.31.22.00.2TOTAL(national currencies)15.223.532.77.694.697.17.6TOTAL()215.223.54.47.694.697.17.61.Latest available data;only country for which sourced data is available are listed2.Euro foreign exchange reference rates on 17 April 2025;source:ECB3.EstimatesFISCAL INCOME FROM VEHICLES IN MAJOR EU MARKETS 1 SOURCE:ACEA82TAXATION1.Latest available data;only country for which sourced data is available are listed2.Euro foreign exchange reference rates on 17 April 2025;source:ECBFISCAL INCOME FROM VEHICLES IN MAJOR EU MARKETS 1 SOURCE:ACEAVehicles contribute about 415 billion to public budgets in major EU marketsIrelandItalyNetherlandsPortugalSpainSweden bn2024 bn2023 bn2024 bn2024 bn2024SEK bn2021Purchase or transfer1.VAT on vehicle sales servicing,repair&parts1.020.04.04.611.325.52.Sales®istration taxes1.01.71.30.50.73.Annual ownership taxes0.97.45.10.93.015.54.Fuels&lubricants3.337.47.82.922.757.05.Others:Driving license fees0.030.60.10.01 Insurance taxes0.13.81.31.32.8 Tolls0.22.30.32.8 Customs duties0.1 Other taxes4.40.81.80.81.3TOTAL(national currencies)6.677.020.910.939.8104.9TOTAL()26.677.020.910.939.89.583TAXATION27%GreeceFinlandEstoniaItalySloveniaAustriaBulgariaFranceMaltaCroatiaDenmarkSwedenHungaryIrelandPolandPortugalSlovakiaBelgiumCzechiaLatviaLithuaniaNetherlandsSpainCyprusGermanyRomaniaLuxembourg25.5%$#! r VAT rates in the EU range from 16%to 27%VAT SHARE IN NET CAR PRICES%share,2025SOURCE:ACEA84TAXATIONAnnual tax income averages at 1,900 per vehicle in major EU marketsSOURCE:ACEAAVERAGE ANNUAL TAX PER VEHICLE IN MAJOR EU MARKETS 1 In per vehicle,20251.Per country estimates based on total number of vehicles on roads1,295SPAIN1,539PORTUGAL1,815GERMANY2,651AUSTRIA2,036FRANCE3,355BELGIUM2,323IRELAND1,671SWEDEN2,374FINLAND1,363DENMARK1,954NETHERLANDS1,655ITALY1,132GREECE1,0001,5002,0002,5003,00085TAXATION Petrol Minimum EU rate petrol0100200300400500600700800NetherlandsItalyGreeceIrelandFinlandFranceDenmarkGermanyPortugalBelgiumSloveniaEstoniaLuxembourgLatviaSlovakiaLithuaniaCroatiaCzechiaRomaniaSpainAustriaSwedenCyprusPolandHungaryBulgariaMalta359The Netherlands,Italy,and Greece rank top for the highest petrol excise dutiesEXCISE DUTIES ON UNLEADED PETROL In/1,000 litres,2024SOURCE:ACEA86TAXATIONItaly,Belgium,and Ireland rank top for the highest diesel excise dutiesSOURCE:ACEAEXCISE DUTIES ON DIESEL In/1,000 litres,2024 Diesel Minimum EU rate diesel7006005004003002001000ItalyBelgiumIrelandFranceSloveniaLithuaniaNetherlandsFinlandPortugalDenmarkGermanyRomaniaLuxembourgLatviaGreeceCroatiaCyprusEstoniaAustriaCzechiaPolandSpainSwedenHungarySlovakiaBulgaria330MaltaDRIVING MOBILITY FOR EUROPEThe European Automobile Manufacturers Association,or ACEA,unites Europes 16 major car,truck,van and bus makers.We are the voice of the auto industry:a technological world leader and the backbone of the EU economy.Our members keep Europe on the move,providing diverse solutions for moving people and goods from A to B.Together,we are progressing on the road to zero-emission and zero-fatality transport.We are addressing major technology shifts and the changing mobility needs of Europeans.ACEA is working towards a new era of mobility,where all Europeans can access affordable transport solutions that are:Green&Clean Smart&Efficient Safe&ReliableOur aim is to drive Europes mobility transformation while at the same time ensuring that the auto industry remains a strong Global&Competitive player.WHAT ACEA DOESACEA acts as one with common industry positions that also reflect the overarching interests of European citizens,transport users and operators,and auto industry workers.We bring our collective expertise to policy makers,sharing a wealth of factual information to enable well-informed decisions.We foster a societal debate around mobility,and are open to working with all interested parties to advance the common aim of clean,smart,and safe mobility.ACEA|September 2025ACEAEuropean AutomobileManufacturers Association 32 2 732 55
2025-10-29
89页
5星级
Transport,Logistics andSupply ChainINDUSTRY REPORTFall|2025CREAT IN GM&A STRATEGIES FOR BUSINESS OWN.
2025-10-24
30页
5星级
September 29,2025 Observations and Lessons Learned From OIG Reviews of the Next Generation Air Tran.
2025-10-20
27页
5星级
FEDESSA European Self StorageIndustry Report 2025October 2025Contents4 Methodology 6 Market Size 8 E.
2025-10-20
35页
5星级
Quarterly Air Transport Chartbook IATA Sustainability and Economics Q2 2025 2 Quarterly Air Transpo.
2025-10-17
27页
5星级
PLANNER SOURCING REPORTGLOBAL EDITION2026PLANNER SOURCING REPORTWelcome to the global edition of the.
2025-10-16
31页
5星级
Corporate Due Diligence,Auto Industry,and Battery Supply ChainsACorporate Due Diligence,Auto Industr.
2025-10-16
21页
5星级
Reviving the Commercial Aircraft Supply ChainWhats holding back the commercial aircraft supply chain.
2025-10-16
71页
5星级
DHL Hong Kong Air Trade Leading Index(DTI)Q4 2025 REPORT Commissioned by DHL Express(Hong Kong)Limi.
2025-10-15
15页
5星级
MOBILIT Y DEMAND MANAGEMENT:A CRITICAL TOOL TO INFLUENCE MOBILIT Y BEHAVIORFurther insights into “Th.
2025-10-15
24页
5星级
Supported bySupply chain sustainability practices in JapanSupply chain sustainability practices in J.
2025-10-15
28页
5星级
罗兰贝格:预见2026:中国行业趋势报告(90页).pdf
智源研究院:2026十大AI技术趋势报告(34页).pdf
三个皮匠报告:2025银发经济生态:中国与全球实践白皮书(150页).pdf
中国互联网协会:智能体应用发展报告(2025)(124页).pdf
三个皮匠报告:2025中国商业航天市场洞察报告-中国商业航天新格局全景洞察(25页).pdf
国声智库:全球AI创造力发展报告2025(77页).pdf
中国电子技术标准化研究院:2025知识图谱与大模型融合实践案例集(354页).pdf
三个皮匠报告:2025中国情绪消费市场洞察报告(24页).pdf
艺恩:2026“情绪疗愈”消费市场趋势盘点报告(31页).pdf
三个皮匠报告:2025中国固态电池市场洞察报告-产业爆发前夕如何重塑锂电新格局(26页).pdf
0731-84720580
商务合作:really158d
友链申请 (QQ):1737380874
最新报告
中英对照
全文搜索
报告精选
PDF上传翻译
多格式文档互转
入驻&报告售卖
会员权益
机构报告
券商研报
财报库
专题合集
英文报告
数据图表
会议报告
其他资源
研报
新质生产力
DeepSeek
低空经济
大模型
AI Agent
AI Infra
具身智能
自动驾驶
宠物
银发经济
人形机器人
企业出海
算力
微短剧
薪酬
白皮书
创新药
行业分析
个股研究
年报财报
IPO招股书
会议纪要
宏观策略
政策法规
其他
人工智能
信息科技
互联网
消费经济
汽车交通
电商零售
传媒娱乐
医疗健康
投资金融
能源环境
地产建筑
传统产业
英文报告
其它
行业聚焦
芯片产业
热点概念
全球咨询智库
人工智能
500强
新质生产力
会议峰会
新能源汽车
企业年报
互联网
公司研究
行业综观
消费教育
科技通信
医药健康
人力资源
投资金融
汽车产业
物流地产
电子商务
传统产业
传媒营销
其它
十五五规划系列报告合集(共48套打包)
2026低空经济/低空产业报告合集(共47套打包)
AI、科技与通信
广告、传媒与营销
消费、零售与支付
HR、文化与旅游
金融、保险与投资
能源、环境与工业
医疗制药与大健康
物流、地产与建筑
其他行业
AI ▪ 科技 ▪ 通信
数字化
金融财经
智能制造
电商传媒
地产建筑
医疗医学
能源化工
其他行业
收藏
下载
2026-02-02
AI查数
行业数据
政策法规
商业模式
产业链
竞争格局
市场规模
产业概述
其它
2026年
AI读财报
年报
一季报
半年报
三季报
IPO招股书
社会责任报告
A股
IPO申报
港股
美股&全球
新三板
微信扫码登录
手机快捷登录
账号登录
