For teams responsible for delivering software into connected vehicles, software supply chain security carries significant consequences. A vulnerable update can pose real-world risks to both systems and drivers. With those stakes in mind, one large automotive manufacturer has reshaped its approach to platform engineering and security.
Rather than pushing responsibility onto individual development teams, the organization treats supply chain security as an infrastructure problem that must be solved at the platform level. To that end, it built an internal developer platform that takes security decision-making out of individual developers' hands and embeds it directly in the platform itself.
"We cannot deploy software in the vehicle that may have some vulnerabilities," says Gaurav Saxena, director of engineering at a major automaker. "It can pose a risk to both the vehicle and the driver."
Supply chain security is often framed as a compliance or policy issue. But at the developer level, Saxena says, risk appears much earlier in day-to-day workflows. Much of the software that reaches production depends on previously built components, which are typically reused across teams. As that software ages, new vulnerabilities are disclosed in components that were clean when they were first built. Saxena says his company's developer platform addresses this problem.
"We provide shared dev tools and services so that developers can focus on the business needs and not worry about the security," Saxena says. "We as platform engineers provide that out of the box."
Securing the Build Pipeline by Design
Saxena leads the organization responsible for internal developer platforms, data infrastructure, and reliability engineering. His team supports more than 50 engineers and provides shared services that power cloud-to-device and device-to-cloud workflows.
The platform team begins by controlling how container images are built. Rather than relying on large, general-purpose images, they use minimal, purpose-built images that include only the dependencies required to run a specific application. According to Saxena, reducing image size also reduces risk. Fewer dependencies mean fewer potential attack vectors and less exposure if a vulnerability is discovered later.
Each image is built from known components and accompanied by a software bill of materials that tracks dependencies recursively, so transitive dependencies are recorded alongside the packages a team declared directly. Images are cryptographically signed so the organization can verify their origin and ensure they have not been altered. These signed images and their SBOMs are then published to the JFrog Artifactory repository, which enforces access controls, enables vulnerability scanning, and provides build-info traceability, linking artifacts back to source commits.
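The two mechanisms described above, a signed image bound to its recursive SBOM and a dependency walk that answers "is this image affected?" when a vulnerability is disclosed later, can be shown in a few dozen lines. The following is an added example written for this article, not code from the automaker, from JFrog, or from any signing tool; it is a stand-alone stand-in for what tools such as cosign and syft do in a real pipeline. Assumptions: a CycloneDX-shaped SBOM reduced to the fields the walk needs, an Ed25519 key standing in for whatever key the organization actually uses, a constructed image manifest and SBOM for a hypothetical "telematics-agent" image, and no registry or Artifactory interaction.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Component, Dependency and SBOM mirror the CycloneDX "components" and "dependencies" arrays (subset of fields).
type Component struct{ Ref, Name, Version string }
type Dependency struct {
	Ref       string
	DependsOn []string
}
type SBOM struct {
	Components   []Component
	Dependencies []Dependency
}

// Attestation binds the image digest and the SBOM digest under one signature over "imgDigest\nsbomDigest".
type Attestation struct {
	ImageDigest, SBOMDigest string
	Signature               []byte
}

// sha256Digest returns an OCI-style "sha256:<hex>" digest.
func sha256Digest(b []byte) string { return fmt.Sprintf("sha256:%x", sha256.Sum256(b)) }

// NewSigningKey stands in for the platform team's KMS-held key (assumed Ed25519; nil reader means crypto/rand).
func NewSigningKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	return pub, priv
}

// Attest digests the image manifest and the SBOM at build time and signs both digests together.
func Attest(priv ed25519.PrivateKey, manifest, sbom []byte) Attestation {
	imgD, bomD := sha256Digest(manifest), sha256Digest(sbom)
	return Attestation{imgD, bomD, ed25519.Sign(priv, []byte(imgD+"\n"+bomD))}
}

// Verify recomputes both digests from what was actually fetched, then checks the signature,
// so an altered image, a swapped SBOM and an artifact signed by another key are all rejected.
func Verify(pub ed25519.PublicKey, att Attestation, manifest, sbom []byte) error {
	switch {
	case sha256Digest(manifest) != att.ImageDigest:
		return errors.New("image digest mismatch: manifest altered or wrong image")
	case sha256Digest(sbom) != att.SBOMDigest:
		return errors.New("sbom digest mismatch: sbom does not belong to this image")
	case !ed25519.Verify(pub, []byte(att.ImageDigest+"\n"+att.SBOMDigest), att.Signature):
		return errors.New("signature invalid: not signed by the platform key")
	}
	return nil
}

// TransitiveDeps returns the set of every ref reachable from root; the set also stops cycles.
func TransitiveDeps(s SBOM, root string) map[string]bool {
	edges := map[string][]string{}
	for _, d := range s.Dependencies {
		edges[d.Ref] = d.DependsOn
	}
	seen := map[string]bool{}
	for stack := []string{root}; len(stack) > 0; {
		cur := stack[len(stack)-1]
		stack = stack[:len(stack)-1]
		for _, next := range edges[cur] {
			if !seen[next] {
				seen[next] = true
				stack = append(stack, next)
			}
		}
	}
	return seen
}

// AffectedBy reports whether image root contains name@version anywhere in its dependency tree,
// i.e. whether a vulnerability published later for that package applies to the image.
func AffectedBy(s SBOM, root, name, version string) bool {
	deps := TransitiveDeps(s, root)
	for _, c := range s.Components {
		if deps[c.Ref] && c.Name == name && c.Version == version {
			return true
		}
	}
	return false
}

// SampleSBOM and SampleManifest are constructed inputs for a hypothetical telematics-agent image:
// the image holds the agent binary and openssl; the agent links libcurl, which links zlib.
func SampleSBOM() SBOM {
	return SBOM{
		Components: []Component{{"img", "telematics-agent-image", "1.4.0"}, {"agent", "telematics-agent", "1.4.0"},
			{"openssl", "openssl", "3.0.12"}, {"libcurl", "libcurl", "8.5.0"}, {"zlib", "zlib", "1.2.13"}},
		Dependencies: []Dependency{{"img", []string{"agent", "openssl"}}, {"agent", []string{"libcurl"}}, {"libcurl", []string{"zlib"}}},
	}
}
func SampleManifest() []byte { return []byte(`{"schemaVersion":2,"layers":[{"digest":"sha256:0000"}]}`) }
func SampleSBOMBytes() []byte { b, _ := json.Marshal(SampleSBOM()); return b }
```

Two design points carry over to a real pipeline regardless of tooling. First, the SBOM digest is inside the signed payload, so a registry entry cannot be paired with an SBOM from a different build; signing only the image leaves the SBOM unauthenticated. Second, the dependency walk is over the SBOM's dependency graph, not the component list, which is what lets a later zlib advisory be matched against an image that never declared zlib directly; a minimal image simply makes that reachable set smaller.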