Peter Virk writes that once the security of connected vehicles is standardized, the doors are opened to standardize a myriad of additional capabilities
Cars were once just a means of transporting passengers from point A to point B. Now, car rides are an experience. Many are fortunate enough to have heated/cooled seats, wireless charging for in-car phones, or a Wi-Fi/Bluetooth connection that allows them to stream their favorite songs. Cars can now provide passengers with optimum luxury and comfort.
Automakers now face the challenge of creating an exciting in-car experience that outperforms their competitors with every innovation. Communication is the core of this innovation. Cars can and will communicate with other cars, make use of local networks, connect to the cloud and much more. However, with all the joys of communication comes extreme caution.
A recent paper published by the Legal Committee of England and Wales warns that terrorists can hijack remote vehicles to use as weapons – without having to become involved in the incident themselves. For example, a 2015 Jeep Grand Cherokee hack is a stark warning of what could happen. This is particularly concerning as we see the increasing popularity of remote driving technology in controlled environments such as warehouses, farms and mines, and hear rumors about the technology coming to roads and private vehicles in the next decade or so. The report raises the need to determine how such vehicles are regulated on public roads. The more programs, the greater the connectivity, the greater the surface of cyberattacks.
The 2015 Jeep Grand Cherokee hack is a stark warning of what could happen
It is difficult to secure connected vehicles, which can contain more than 100 independently developed software and hardware components, due to the multiplicity of vendors involved in assembling them. The complex automotive supply chain makes enforcing common cybersecurity standards daunting.
Securing vehicles from cyber threats is getting more and more difficult with every additional connection, electronic component, and software-driven system. This industry cannot afford the same mistakes that the technology and software industries have made. Until regulated cybersecurity protocols are incorporated into the manufacture of vehicles and their components, modern cars can be effectively insecure networks.
Obstacles in turning green cars
Electric cars are becoming more and more popular amid a global campaign to decarbonise. While this is great for the environment, it also raises new concerns about software security. There are about 100 million lines of code in today’s internal combustion engine vehicle. In electric cars and future self-driving vehicles, there will be significantly more.
Along with safety systems that are improving year by year, electric vehicles benefit from systems that can judge and optimize energy production, battery usage, and charging functions. The powertrain is regulated by a software platform; Security features are regulated by software; Even the car’s power supply is managed by the software. This leaves every aspect of the vehicle vulnerable to cyber security vulnerabilities. A vehicle that is more connected than ever, and more dependent on technology than ever, with an internal network of components connected to the outside world, that the world has come to expect more than ever, is a huge open target for online predators.
To address this issue, we need to think beyond the car. A well-made vehicle must be connected to the power grid to get its power. Think about what this network is connected to and the damage it would do to the economy – to the population – if you removed their energy source. This is why cyber security is so important to every part of the car ecosystem.
How to stay ahead: Machine learning opens doors to the future of cars
So what does the auto industry need to ensure safety, but also to gain long-term user confidence? A smart car or smart electric vehicle can generate terabytes of data per day. This can be analyzed and applied on a larger scale to make smart cities and their infrastructure more secure and efficient. Data is generated by connected fleets, as well as by distributed directory and human resource systems that indicate which user activities are permitted and which are not, providing clues to mitigating threats.
Machine learning (ML) also excels in this environment. By broadly understanding the activity surrounding the assets under their control, ML-based solutions allow analysts to explore the relationship between events over time and across disparate hosts, users, and networks. Money laundering can provide contextual information to reduce potential risks and costs of a breach. Mobility professionals must fully understand machine learning and become proficient in designing a suitable, secure solution for a smart vehicle.
It is impossible to predict all the ways in which cybercriminals will attack, but it is clear that privacy will be central. Policymakers must ensure that the system that governs the next generation of transportation protects the lives and privacy of the people they serve. The United Nations established cybersecurity guidelines for automakers, which laid the groundwork for increased vehicle security; All countries should follow suit. In fact, once the security of connected vehicles is standardized, the doors open to standardize the myriad of additional capabilities in cars. This allows exciting innovation to become much easier and faster across the entire industry.
A complex automotive supply chain makes enforcing common cybersecurity standards daunting
Small businesses and startups may not have unlimited access to the data and equipment that can power their new ideas for great and futuristic car experiences. In these cases, there is an opportunity for the big players in the industry to share data insights and platforms equipped with flexible and secure technology to support these players. This will help startups and established players shorten innovations, reduce risks, and bring great ideas to market faster. As they continue to build and use hardware platforms, OSS, and cloud service providers, the entire automotive industry is accelerating their capabilities.
Vehicles are smart machines, but they are machines nonetheless, and the interference can be disastrous. Likewise, when the right systems protect vehicles, a range of opportunities are available. When the security of connected vehicles is effectively addressed, smart vehicles can truly realize their potential.
About the author: Peter Virk is Vice President, IVY Product and Ecosystem at BlackBerry