(no title)

Without speaking specifically to Ford’s plans, authenticated CAN communications are absolutely coming. I don’t see many approaches that actually encrypt the data on the bus - instead a MAC is used for each frame with a shared key on both secure ECUs, and some protections against replay attacks and such.

I wouldn’t expect all CAN data to be protected by this kind of security - it’s a pain in the butt, and expensive. Instead, certain specific sensitive information (like whether there’s a key in the ignition!) is protected as needed.

The industry is also moving toward IP-based communications for a lot of vehicle networking, which comes with many of the benefits of the modern infosec world. Automotive has a lot of unique challenges, though - like another poster mentioned, key provisioning and management is a huge pain; latency and hard timing constraints are way more important in the onboard/embedded world; many automotive ICs have limited support for e.g., asymmetric encryption, and of course there’s a lot of pain generated from the way the industry does software development generally. It’s an interesting space.