Securing Cars Isn’t Optional Anymore. It’s a Matter of Life and Death.

Daniel Bardenstein
November 20, 2025

If you work in automotive today, you’re not just shipping vehicles. You’re shipping software, AI models, and an entire ecosystem of suppliers you don’t fully see, but attackers do. 

That’s why I’m genuinely excited (and a little relieved) to share this:
Manifest is now a supporting partner of the Automotive Security Research Group (ASRG).

This isn’t a “logo swap and move on” kind of partnership. Together, we’re building a public-facing service and shared infrastructure to make the software and AI inside vehicles visible, verifiable, and understandable. That data will be available to researchers, original equipment manufacturers (OEMs), suppliers, regulators, and eventually drivers themselves, so they can understand security risks and establish transparency in the software and AI increasingly installed in cars and other vehicles.

Your Car Is Basically a Rolling Supply Chain Problem

Modern vehicles are now closer to computers on wheels than to traditional cars. They constantly collect data about location, driver behavior, and vehicle status. They stream data to and from remote servers, including over-the-air updates. They talk to Wi-Fi networks, phones, and roadside infrastructure, and they increasingly contain AI models for everything from crash detection to voice assistants.

Every one of those connections is backed by a layered software and AI stack, stitched together from in-house code, open source libraries, third-party vendors, and increasingly, pre-trained models. 

The result:
You’re not just securing a car. You’re securing thousands of dependencies and AI models with unknown lineage that aren’t easy to discover or analyze. 

We’ve seen this movie before. Log4Shell showed the entire industry how painful it is to answer a supposedly simple question: “Where are we using this vulnerable component?” The scramble, the emails, the spreadsheets, the late-night calls: that’s what life looks like when your supply chain is a black box.
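
Here is what answering that question looks like when the SBOM is data rather than a spreadsheet. This is an added example, not Manifest’s or ASRG’s code: it walks a CycloneDX-style SBOM for a hypothetical telematics unit (the BOM, component names and supplier names are constructed), flags log4j-core versions inside the CVE-2021-44228 range, and follows the dependency graph back to the component that introduced it, which is the supplier you actually need to call. The version range is simplified to “2.0-beta9 up to the 2.15.0 fix release”; the advisory data, not this constant, is the authority.

```python
"""Answer "where are we using this vulnerable component?" from a CycloneDX SBOM.

Added example, not Manifest's or ASRG's code. The SBOM, the supplier names and
the component names below are constructed for illustration.
"""
import json
import re

# Constructed CycloneDX 1.5-style SBOM for a hypothetical telematics control unit.
SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "metadata": {"component": {"bom-ref": "tcu", "name": "telematics-unit", "version": "4.2.0"}},
    "components": [
        {"bom-ref": "ota-agent", "type": "application", "name": "ota-agent", "version": "1.9.3",
         "supplier": {"name": "Tier1 Example Corp"}},
        {"bom-ref": "fleet-sdk", "type": "library", "name": "fleet-sdk", "version": "2.1.0",
         "supplier": {"name": "Tier2 Example Ltd"}},
        {"bom-ref": "log4j-core@2.14.1", "type": "library", "name": "log4j-core", "version": "2.14.1",
         "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
        {"bom-ref": "log4j-core@2.17.1", "type": "library", "name": "log4j-core", "version": "2.17.1",
         "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.17.1"},
    ],
    # Dependency graph: who pulls in what. This is what turns a hit into a contact.
    "dependencies": [
        {"ref": "tcu", "dependsOn": ["ota-agent", "fleet-sdk"]},
        {"ref": "ota-agent", "dependsOn": ["log4j-core@2.17.1"]},
        {"ref": "fleet-sdk", "dependsOn": ["log4j-core@2.14.1"]},
    ],
}

# CVE-2021-44228 (Log4Shell): Log4j 2 from 2.0-beta9 up to the 2.15.0 fix release.
# Simplified range: the NVD record also exempts backported security releases,
# so take the authoritative range from the advisory data, not this constant.
ADVISORY = {
    "id": "CVE-2021-44228",
    "purl_prefix": "pkg:maven/org.apache.logging.log4j/log4j-core@",
    "min": "2.0-beta9",
    "fixed": "2.15.0",
}

_VERSION_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:-(.+))?$")


def parse_version(text):
    """Turn a Maven-style version into a sortable tuple; pre-release qualifiers sort first."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    nums = tuple(int(x) if x else 0 for x in m.groups()[:3])
    qualifier = m.group(4) or ""
    return nums + ((1, "") if not qualifier else (0, qualifier))


def is_affected(purl, advisory):
    """True if the purl names the advisory's package at a version inside the affected range."""
    prefix = advisory["purl_prefix"]
    if not purl.startswith(prefix):
        return False
    version = purl[len(prefix):].split("?", 1)[0].split("#", 1)[0]
    return parse_version(advisory["min"]) <= parse_version(version) < parse_version(advisory["fixed"])


def dependency_paths(sbom, target_ref):
    """All paths from the root product to target_ref through the dependency graph."""
    edges = {d["ref"]: d.get("dependsOn", []) for d in sbom.get("dependencies", [])}
    root = sbom["metadata"]["component"]["bom-ref"]
    paths = []

    def walk(ref, path):
        if ref == target_ref:
            paths.append(path)
            return
        for child in edges.get(ref, []):
            if child not in path:  # cycle guard
                walk(child, path + [child])

    walk(root, [root])
    return paths


def find_exposure(sbom, advisory):
    """Return one finding per path to an affected component, naming who introduced it."""
    components = {c["bom-ref"]: c for c in sbom["components"]}
    findings = []
    for ref, comp in components.items():
        if not is_affected(comp.get("purl", ""), advisory):
            continue
        for path in dependency_paths(sbom, ref):
            introducer = components.get(path[-2], {}) if len(path) > 1 else {}
            findings.append({
                "cve": advisory["id"],
                "component": ref,
                "path": path,
                "contact": introducer.get("supplier", {}).get("name", "unknown"),
            })
    return findings


if __name__ == "__main__":
    print(json.dumps(find_exposure(SBOM, ADVISORY), indent=2))
```

Run against the constructed SBOM, this reports exactly one exposure: log4j-core 2.14.1, reached through fleet-sdk, owned by Tier2 Example Ltd. The patched 2.17.1 pulled in by the OTA agent is correctly ignored. The point is the path, not the match: a flat list of package names tells you that you are exposed, the dependency graph tells you who has to ship the fix.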

Now add AI into the mix. It’s no longer enough to know that “we use OpenAI” or “we use our own datasets.” When it comes to public safety, you need to know:

  • Where did the model come from? How was it derived?
  • What data shaped it?
  • How has it changed over time?

That’s the theme I keep coming back to in my work: provenance is the new perimeter. If you don’t know where something came from or what’s inside it, you can’t reasonably call it “secure.”

Why ASRG Is the Right Pit Crew

ASRG sits in a unique and important place in the automotive ecosystem. They are not a vendor, nor a regulator. They are a global non-profit community that includes researchers trying to disclose responsibly, engineers working to ship safe systems on real deadlines, OEMs and suppliers balancing transparency with IP protection, and students and practitioners who simply want to make vehicles safer. In other words, they bring together the exact mix of people you need if you actually want to make progress instead of just adding more PDF reports to a compliance folder.

At Manifest, we build the platform that generates and manages SBOMs and AIBOMs at scale, enriches them with vulnerabilities, lifecycle, and policy context, tracks provenance and integrity across software and AI components, and gives product security and supplier risk teams a shared source of truth. ASRG brings the global community, the trust, and the mission to advance automotive cybersecurity. Putting those together felt obvious: they’re the track, we’re the telemetry.

SBOMs and AIBOMs: From Homework to Headlights

Let’s be honest: in a lot of organizations, SBOMs still feel like mandatory homework.

You generate them because ISO/SAE 21434 or UNECE R155/R156 asks for them, or because a customer says you must. You file them away. And when a new vulnerability hits, someone opens a spreadsheet and prays it’s up to date.

That’s not visibility. That’s paperwork.

What we’re building with ASRG is the opposite of that:

1. A Public-Facing Transparency Service

Together, we’ll stand up a service that surfaces public, trustworthy SBOMs and AIBOMs for automotive components, along with verified provenance and integrity for both software and AI. Instead of overwhelming people with raw dependency dumps, it will deliver prioritized, real-world risk insights so teams can focus on what actually matters. Think less “static ingredient label,” more “live dashboard that tells you where the real problems are.”

2. Cross-Tier Risk Views Without Exposing IP

One of the toughest balancing acts in automotive is needing enough transparency to stay safe while still keeping enough confidentiality to stay in business. This is where we’ve invested heavily at Manifest: giving OEMs and suppliers cross-tier visibility into component-level risk without forcing anyone to reveal sensitive implementation details.

The joint service will let teams:

  • See how risk rolls up across tiers of suppliers
  • Understand which components and models are driving exposure
  • Share just enough detail to coordinate fixes, not enough to leak secrets

3. Coordinated Disclosure With Better Context

Researchers often find serious issues in automotive systems, and OEMs and suppliers often want to do the right thing. The friction point is almost always context and communication. By plugging Manifest into ASRG’s infrastructure, we can tie vulnerabilities to specific components, SBOM entries, and models, and provide provenance context so you know which supplier or model owner to contact. That turns coordinated disclosure from detective work into something closer to incident response, and turns “security research” from awkward adversarial theater into a collaborative process that makes everyone safer.

Provenance is Critical When Public Safety is at Risk

In my work on medical devices, I’ve written about how something as mundane as End-of-Life software can turn into a patient safety issue if you don’t actively track it.

Automotive is no different.

These systems don’t live on a phone that you replace every two years. They live on roads for a decade or more. They carry kids, families, and critical goods. They share space with pedestrians and emergency vehicles. They are, in every sense, safety-critical.

In that world, a missing SBOM entry isn’t just a gap, it’s a blind spot. An untracked model update isn’t just technical debt, it’s a change to how your vehicle behaves in the real world. A vague supplier contract isn’t just legalese, it’s ambiguity about who’s responsible when something goes wrong.

This is why I care so much about provenance. For software, that means knowing what components are in the system, who maintains them, and whether they’re still supported. For AI, it means knowing where a model came from, what data shaped it, and whether anyone has tampered with it. If we can’t answer those questions confidently, we’re not really doing automotive cybersecurity; we’re just doing damage control.
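
The two halves of that provenance question can be checked mechanically if the BOM records the right fields. The following is an added example, not Manifest’s or ASRG’s code: it audits a CycloneDX-style AIBOM in which models carry a SHA-256 hash, a supplier and a model card listing training datasets, and libraries are compared against an end-of-life table. The BOM, the model bytes, the end-of-life dates and the audit date are all constructed; the layout follows CycloneDX conventions but is simplified.

```python
"""Support-status and model-provenance checks over an AIBOM.

Added example, not Manifest's or ASRG's code. Uses a CycloneDX-style layout
(type "machine-learning-model", a hashes list and a model card); the BOM, the
model bytes, the end-of-life table and the dates are all constructed.
"""
import hashlib
import hmac
from datetime import date

# Constructed model artifacts standing in for the files actually flashed to the ECU.
ARTIFACTS = {
    "crash-detector": b"constructed crash-detector weights v3",
    "voice-assistant": b"constructed voice-assistant weights v1",
}

AIBOM = {
    "components": [
        {"bom-ref": "crash-detector", "type": "machine-learning-model",
         "name": "crash-detector", "version": "3.0.0",
         "supplier": {"name": "Tier1 Example Corp"},
         "hashes": [{"alg": "SHA-256",
                     "content": hashlib.sha256(ARTIFACTS["crash-detector"]).hexdigest()}],
         "modelCard": {"modelParameters": {"datasets": [{"name": "fleet-telemetry-2024"}]}}},
        # Recorded hash is stale and the model card is empty: what an untracked update looks like.
        {"bom-ref": "voice-assistant", "type": "machine-learning-model",
         "name": "voice-assistant", "version": "1.2.0",
         "hashes": [{"alg": "SHA-256", "content": "00" * 32}],
         "modelCard": {"modelParameters": {"datasets": []}}},
        {"bom-ref": "tls-lib", "type": "library", "name": "example-tls", "version": "1.0.2"},
        {"bom-ref": "json-lib", "type": "library", "name": "example-json", "version": "3.4.0"},
    ]
}

# Constructed support table keyed by (name, version); real data comes from the vendor.
END_OF_LIFE = {("example-tls", "1.0.2"): date(2019, 12, 31)}

# Constructed audit date so the run is reproducible.
AUDIT_DATE = date(2025, 11, 20)


def check_model(component, artifact):
    """Integrity and provenance checks for one ML model entry; returns a list of issues."""
    issues = []
    recorded = {h["alg"]: h["content"] for h in component.get("hashes", [])}
    if "SHA-256" not in recorded:
        issues.append("no SHA-256 recorded")
    elif artifact is None:
        issues.append("no shipped artifact to verify against")
    elif not hmac.compare_digest(recorded["SHA-256"], hashlib.sha256(artifact).hexdigest()):
        issues.append("hash mismatch: shipped model differs from AIBOM entry")
    datasets = component.get("modelCard", {}).get("modelParameters", {}).get("datasets", [])
    if not datasets:
        issues.append("no training-data provenance in model card")
    if not component.get("supplier", {}).get("name"):
        issues.append("no supplier or model owner recorded")
    return issues


def check_library(component, today, eol_table=END_OF_LIFE):
    """Flag a software component whose support ended before `today`."""
    eol = eol_table.get((component["name"], component["version"]))
    if eol is not None and eol < today:
        return [f"end of life since {eol.isoformat()}"]
    return []


def audit(aibom, artifacts, today):
    """Map bom-ref -> issues for every component with at least one issue."""
    report = {}
    for comp in aibom["components"]:
        if comp["type"] == "machine-learning-model":
            issues = check_model(comp, artifacts.get(comp["bom-ref"]))
        else:
            issues = check_library(comp, today)
        if issues:
            report[comp["bom-ref"]] = issues
    return report


if __name__ == "__main__":
    for ref, issues in audit(AIBOM, ARTIFACTS, AUDIT_DATE).items():
        print(ref)
        for issue in issues:
            print("  -", issue)
```

On the constructed input the crash detector passes cleanly, the voice assistant fails all three provenance checks (hash, datasets, owner), and example-tls is flagged as past end of life. The hash comparison uses a constant-time compare out of habit; the real lesson is that none of these checks are possible unless the AIBOM carries the hash, the dataset references and the owner in the first place, so those fields are what to demand from suppliers.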

Why This Sponsorship Matters to Manifest

We could have treated automotive like any other vertical: sell licenses, ship features, move on. Instead, we chose to invest in shared, community infrastructure with ASRG because security is a team sport. No single OEM, Tier 1, or SaaS platform can solve automotive cybersecurity alone; we need a common language (SBOMs, AIBOMs, provenance) and shared rails to run on.

Compliance is necessary but not sufficient. Regulations and standards are catching up fast, which is a good thing, but checking boxes won’t help if the underlying data is stale, siloed, or impossible to interpret. Transparency only works if people can actually use it. One of the things I’m most excited about in this partnership is our plan for plain-language summaries, taking deeply technical risk data and translating it into something meaningful for engineers, executives, regulators, and eventually, drivers.

This is exactly the kind of problem Manifest exists to solve: take complex, messy software and AI supply chains and turn them into something you can see, reason about, and act on with confidence.

What’s Coming Next

Over the coming months, our teams will be onboarding SBOMs and AIBOMs into a shared data environment for ASRG members and building views that highlight supplier and component-level risk across the vehicle lifecycle. We’ll also be experimenting with consumer-facing transparency features so people can actually understand the cybersecurity posture of the vehicles they rely on.

You’ll see more from both ASRG and Manifest as these capabilities roll out.

In the meantime, if you’re:

  • An OEM or supplier tired of flying blind on software and AI risk
  • A researcher who wants better ways to disclose and collaborate
  • A security leader juggling automotive, AI, and supply chain requirements

We’d love to talk.

Because at this point, securing vehicles isn’t just about passing an audit. It’s about building a world where we can innovate on the road ahead, without driving straight into avoidable risk.
