What kind of features did you have in mind?
[0] https://en.wikipedia.org/wiki/Engine_control_unit
There are of course after market ECU tweaks and parts that, for example, will change your throttle response with a physical piece of hardware—Pedal Commander is a simple example.
American Polestars can, for example, enable their adaptive headlights using OrBit.
a) it is only modification of existing software
b) it only targets Infotainment system
For safety, regulator, historical and frankly common sense reasons, a car is not one system. It is a system of system that communicate via a CAN BUS, https://en.wikipedia.org/wiki/CAN_bus. This is still true for electric cars. Can this be hacked? Like everything else, yes.
Can you side load a new ROM like an android device? Not that know of and hope that never becomes a reality because your phone crashing is different than you car crashing (figuratively and literally). Can you enable/disable features? Yes, usually through ECU hacking. On my P3 Volvo, I bought a cheap stripped down Chinese clone of Volvo's diagnostic tool called DiCE. Once the ECU is decrypted, which is done through brute force, you can use something like https://d5t5.com/article/vdash-volvo-diagnostic or P3Tool to change level settings like the theme of LED dash or engine tuning.
You may be interested in https://github.com/jaredthecoder/awesome-vehicle-security#re...
I think you are underestimating how complex EVs are, how much software goes into them, and what goes into coming up with an alternative software stack. Also, I doubt that the likes of Rivian, Tesla, etc. are going to just let people boot whatever on their cars. Why would they?
But at the lower levels, hacking things like battery management systems is definitely a thing that is done and somewhat supported. A lot of retrofits where ICE engines are swapped out for an electrical drive train end up repurposing drive trains from EVs.
Our (brand new) car is the most dangerous vehicle I have ever driven by a large margin because the steering, brakes and accelerator spuriously override the driver in a way that could cause an accident every couple of hundred miles. (It averages a spurious alarm or override every 10 miles or so, and flat out force departs a lane or accelerates at a person / car every few thousand).
Most of these issues could probably be fixed with so-called “deletes” that rip out parts of the active driver assist system, but they aren’t available for this model, and frankly, I’d rather pay to watch it be crushed than mess with such stuff.
KIA won't release any updates to the (Gen 2 I believe) entertainment system firmware that would add Android Auto support, like they did for other cars, but surely it's not a hardware limitation? Could it be?
I would experiment myself if I knew how and had the time...
I think, it is unfortunately, but not exists official market of custom ROMs.
For about custom ROMs, situation very much like custom ROMs for Canon camera - they don't implemented totally new features, but with hacker methods, unlocked some hidden features, already existing in hardware and software; also exist similarities with Smartphones custom ROMs - for many Smartphones only possible to reset firmware to something like "very new device without traces of wearing", plus some copies of features from same model but other region, or mods (unlock features).
Significant difference of EVs, for them much more frequently used things like "power or torque limited by software", because to faster get certification, producer could limit torque to be equal to ICE original vehicle (usually, electric motor have much higher torque than ICE with comparable other parameters), and in such case don't need to much bother with certification, as in many countries such limited electrification come with very simplified procedure.
Sure, could exist lot of hacks for entertainment system.
And many hacks you could DIY with things like USB to CAN bus controller.
What also interest, exists large market of totaled EVs in 3rd world countries, where in garages literally could refurbish Tesla from trash (suffered extreme collision after which owner decided to utilize machine, but some guys bought it as trash and resell to other country, and it got second life, and I hear many cases, when previous Tesla owners once began get messages from their account but from whole other country).
But that's nearly all, except entertainment system, other parts of EV usually considered highly regulated, so you cannot account for much customization of them.
And level of hacking is very much depend on brand - as I hear, for example, Daimler including in machines "CAN bridges" between entertainment system and ECU, and classic CAN connector could only see entertainment system messages, but access to ECU severe limited (cheaper brands usually don't use CAN bridges).
And sure as with other embedded tech, with time more new designs use locked boot and signed blobs, so with 10 years old machine you will definitely get more access than with brand new.
BTW Tesla is by definition special case, as their electronics could be from different manufacturer in each production batch, as this claimed as feature, because of which Tesla less suffered from covid related issues (when many electronics manufacturers severe drop supply). Sure, this mean, for other manufacturer could be other hack (and early batches hacked much deeper than more modern).