Volvo Car Corporation is headquartered in Gothenburg, Sweden, and operates across Sweden, Belgium, the United States, and China. Founded in 1927, the company is in the middle of a full-scale pivot to electric vehicles - targeting 50–60% electrified sales by 2025 and 90–100% by 2030. That transformation means the attack surface is expanding fast: every connected EV is a rolling network of ECUs, cellular modems, Bluetooth stacks, and over-the-air update pipelines, all of which need to be defended across the vehicle lifecycle.
The threat model is concrete. A modern Volvo EV is a software-defined platform running safety-critical code alongside consumer-facing infotainment and cloud-connected services. Compromise paths include remote code execution via compromised OTA channels, supply-chain infiltration through third-party components, CAN bus injection, and exploitation of mobile companion apps. Security engineering here spans in-vehicle systems, backend infrastructure, secure boot and firmware signing, network segmentation, and continuous monitoring of deployed fleets.
Technical domains within the organization include safety technology, smart mobility solutions, electric vehicle technology, and sustainability-focused R&D. The company's culture emphasizes ownership and collaboration, with an expectation that security practitioners work embedded alongside vehicle engineers and software teams rather than in isolated audit functions. Safety, quality, and environmental consciousness are stated as primary decision drivers - security work is framed within those priorities, not separate from them.