Autonomous Vehicles: Are They Really Safe?

By Aron Raj

Growing up, many of us admired David Hasselhoff’s Pontiac Firebird, KITT in the television series, Knight Rider. KITT was an advanced artificially intelligent, self-aware and nearly indestructible car. There was also Doc Brown’s time travel car, the DMC DeLorean from the Back to the Future movies, James Bond’s self-driving BMWs and Aston Martins as well as Herbie, the Volkswagen Beetle with an attitude from The Love Bug. Even Batman was able to summon the Batmobile to drive towards him.

While popular culture has had our imagination blown away with these autonomous vehicles in the past, technology today is allowing some of these iconic ideas to be a reality. Over the last decade, more car manufacturers and research organisations have developed working prototypes of autonomous vehicles. In July 2013, Vislab’s BRAiVE was the first vehicle to move autonomously on a mixed traffic route open to public traffic.

As of 2019, 29 US states have passed laws permitting autonomous vehicles. Over in Europe, cities in the UK, France, Belgium and Italy are also planning to operate systems for driverless cars while Germany, Spain and the Netherlands have allowed testing of robotic cars in traffic.

In Southeast Asia, Singapore ranks second in KPMG’s Autonomous Vehicles Readiness Index, behind the Netherlands, for the top countries ready to embrace autonomous vehicles. Singapore hopes to operate autonomous buses during off-peak hours by 2022. Meanwhile, in Malaysia, e-hailing service provider Grab expects to have self-driving taxis on the roads by 2022 as well.

As more governments and companies are invested in having autonomous vehicles on the roads, a crucial question that comes to mind is how secure these vehicles are. While the autonomous vehicles would have gone through enough testing to ensure they don’t malfunction on the roads, the software and programs that run these vehicles require a different approach when it comes to security.

How Secure Are Autonomous Vehicles?

With the growing number of IoT devices and the emergence of 5G, connectivity will be more seamless for everyone. Autonomous vehicles are almost fully dependent on connectivity to operate. But are connections really secure on these vehicles? Are cybercriminals able to hack autonomous vehicles and cause havoc? More importantly, what happens to all the data from these vehicles?

According to Freddy Lee, CTO of IBM Malaysia, for the automotive industry, cyber incursions can potentially lead to extensive equipment damage, loss of critical data and corporate reputation, among other things.

“It is possible, as with any industry breach. This is why automotive companies need improved cybersecurity capabilities that are contextual, cognitive and adaptive, allowing them to identify, mitigate and prevent risk continuously.”

Freddy said the challenge for the automotive industry is multifaceted: the component technologies as well as the underlying supply chains and integration are complex, the in-service lifetime is long, and the vehicle operating environment is laden with threats. He added that it takes many parts and multiple suppliers to make a car and thus, automotive manufacturing is an ecosystem in itself. However, he believes that manufacturers are maturing to the need to secure systems in connected vehicles.

Paul Hadjy, CEO and Founder, Horangi CyberSecurity, pointed out that cybercriminals who manage to compromise the vehicular systems could potentially take control of the vehicle as if they were the owners. Depending on the level of control the attackers have over the vehicles and also the vehicle’s inbuilt functionality, the attacker could alter the vehicle’s software settings (radio, video or recording functionality) and also control the vehicle remotely (speed, direction, brakes, gears, signals, etc.).

“If the attackers manage to gain control of a large network of connected vehicles, the consequences would be dire. The attackers could drive these “drone” vehicles in populated or dangerous areas and cause collateral damage and endanger lives.”

He said that it is important to find out how secure the systems are, and how they are built, how the user uses them, and also the interconnectedness/segregation of the systems. He added that other than vehicular control systems, some entertainment systems operate on operating systems such as Android Auto.

“If authentication, access control and segmentation were not implemented properly, a compromised vehicle could potentially reach the corporate servers and retrieve corporate data. The same exploits used to compromise traditional servers and hosts (samba, FTP servers, zero days) work the same way in vehicle<>server, they are just another form of client/server interaction.”

Lessons Not Learned

With every new technology, cybercriminals are always looking for ways to exploit security vulnerabilities to gain profit or inflict some kind of damage. But time and again, those at the creation end of how the technology is applied tend to overlook the security aspects of their products, resulting in severe consequences.

The lack of security standards seen over the years in IoT devices, for example, enabled threat actors to hijack said devices to penetrate corporate networks, deliver malware, perform botnet attacks and industrial espionage, and do all sorts of nasty things. While “security-by-design” is a nice catchphrase that gets thrown around after every major breach, history has shown that it is an approach that is still far from becoming the norm.

Autonomous cars run a real risk of falling into the same pitfalls. In fact, a study by the Ponemon Institute found that the cybersecurity features in modern vehicles fall short of what is needed to operate safely in an online world.

As to why developers are still not putting cybersecurity as top priority, Paul Hadjy offered one possible explanation. “Businesses always prioritise functionality over security, which results in higher cadence in development sprints. This also results in lower emphasis made towards building a more secure product.”

“Having cybersecurity built into the application is usually not the OKRs or KPIs required from software developers. However, if the management realises the need to have security in place to achieve their strategic goals and have OKRs/KPI built in to collectively build a secure software, things will definitely change for the better,” he continued.

Meanwhile, Sashidhar Thothadri, Vice President Asia, Mobile Connectivity Solutions and Analytics and IoT Solutions, Thales, said that at the heart of the connected car is the digitalisation of driving. He added that the ubiquity of computers and sensors in car components, and on the roads themselves, combine to make data gathering and processing possible on the scale required to safely disrupt century-old practices and business models.

Sashidhar explained that in the case of connected and potentially autonomous cars, the security risks are diverse. They range from stealing usage data to disabling cars, to hijacking single cars or attacking an entire fleet, or even forcing one’s car to perform “unexpected” functions. Consumers are clearly aware of and concerned about these potential issues, demonstrating the need for car manufacturers to build trust in the new mobility ecosystem. This task is paramount to driving adoption and mission critical to support the overall growth and success of connected cars.

“As the car becomes an extension of your smartphone, your banking card, your personal assistant and a lifesaver in the event of an accident, the metamorphosis from car to digital experience catalyst is well and truly underway. So yes, it is possible for hackers to turn to connected vehicles as a point of entry into the wider IoT ecosystem. From a simple means of transport, the car is transforming into a high-tech piece you can buy, rent or share; one which is continually connected and communicating with its environment. Provided security is built into its very DNA, rather than treated as an optional extra, the potential is limitless.”

Securing Autonomous Vehicles

With growing concerns about the security of autonomous vehicles, Sashidhar pointed out that security-by-design should not just be a tagline; car manufacturers must adopt a security-first approach that has multiple layers and not just come up with patches whenever there is a problem.

“This starts with securing the connected car, its firmware and software applications through Public Key Infrastructure (PKI), key management services and identity issuance. But it’s also critical to secure the data transmitted to and from the car, both at rest and in motion, through high-speed data encryption technology. Such an approach would secure access to the car, and protect against data loss, IP theft, fraud and downtime.”

On an end-user level, Sashidhar said that individuals could take steps to keep threats at bay. These include ensuring the vehicle’s software is up to date, exercising discretion when connecting with unknown third-party devices and being conscious of the people who have physical access to your vehicle.

On the other hand, Freddy said that according to an IBM IBV study “Accelerating Security”, a security model called design, build, drive that follows modern vehicles from rough sketch to scrap metal is a good base to start from. The design point for security should include:

  • Adherence to technical standards such as ISO 26262, AUTOSAR, MISRA and Automotive SPICE
  • Establishment of a security methodology for design and development
  • Maintainability over long in-service lifetimes
  • “Failsafe” contingencies
  • Assertions related to trusted technology providers
  • Trust assertions and mechanisms for software.

Freddy added that it is also important to have a codified security policy that guides the implementation and maintenance of critical assets. The security policy must take into account the availability of systems and data, as well as integrity and confidentiality. It should also cover instrumenting systems to monitor events and performing analytics to detect not only failures but also suspicious activity potentially indicating a security threat.

“To provide a safe travel experience for drivers, passengers and pedestrians alike, a technology redesign is necessary at the ECU (Electronic Control Units) level. Such a redesign should protect the ECU by validating the integrity of ECU firmware to resist unauthorised tampering or execution of malware. Likewise, it should provide a method allowing an ECU to verify the identity of other ECUs on a network bus, decide which controls and messages they are allowed to send, and validate that those controls and messages haven’t been tampered with or forged.”

Most importantly, Freddy said the technology redesign should secure data flowing to, from and within the vehicle. This means protecting sensitive or personal information from being captured in transit by encrypting data over the air and on the CAN. Encryption can also help prevent hijacking and spoofing of control commands.
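The ECU-to-ECU checks described above (who sent a message, whether that sender may send it, and whether it was tampered with, forged or replayed) can be shown on a modelled bus; this is an added example, not code from the article or from IBM. The ECU names, keys, CAN IDs, the 8-byte truncated HMAC-SHA-256 tag, the freshness counter and the explicit `sender` field are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Constructed demo keys and policy (assumptions). A real vehicle provisions
# per-ECU keys through key management and keeps them in protected hardware.
ECU_KEYS = {"brake_ecu": b"demo-key-brake", "infotainment": b"demo-key-info"}
ALLOWED_IDS = {"brake_ecu": {0x120}, "infotainment": {0x400}}
TAG_LEN = 8  # truncated MAC length in bytes (assumption)

def make_tag(key, can_id, counter, payload):
    """MAC over ID, freshness counter and payload, truncated to fit a frame."""
    msg = struct.pack(">IQ", can_id, counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def build_frame(sender, can_id, counter, payload):
    """Sender side. 'sender' is a modelling shortcut: classic CAN frames
    carry no sender identity, only the message ID."""
    tag = make_tag(ECU_KEYS[sender], can_id, counter, payload)
    return {"sender": sender, "can_id": can_id, "counter": counter,
            "payload": payload, "tag": tag}

class Receiver:
    def __init__(self):
        self.last_counter = {}  # highest counter accepted, per sender

    def verify(self, frame):
        sender = frame["sender"]
        key = ECU_KEYS.get(sender)
        if key is None:
            return "reject: unknown sender"
        if frame["can_id"] not in ALLOWED_IDS[sender]:
            return "reject: ID not allowed for sender"
        expected = make_tag(key, frame["can_id"], frame["counter"], frame["payload"])
        if not hmac.compare_digest(expected, frame["tag"]):
            return "reject: bad MAC"
        # Freshness is checked only after the MAC, so forged frames
        # cannot advance the counter state.
        if frame["counter"] <= self.last_counter.get(sender, -1):
            return "reject: stale counter"
        self.last_counter[sender] = frame["counter"]
        return "accept"

def run_demo():
    rx = Receiver()
    good = build_frame("brake_ecu", 0x120, 1, b"\x00\x32")
    tampered = dict(good, payload=b"\x00\xff", counter=2)  # altered in transit
    wrong_id = build_frame("infotainment", 0x120, 1, b"\x00\xff")
    return [rx.verify(good), rx.verify(tampered), rx.verify(good),
            rx.verify(wrong_id)]
```

`run_demo()` returns one verdict each for a genuine frame, a frame modified in transit, a replay of the genuine frame, and an infotainment unit sending on the brake ID.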

To put it simply, Freddy believes that with the rise of highly advanced and sophisticated attacks, it’s not always possible to prevent malicious activity. However, he said that instrumenting and analysing data patterns from individual cars and fleets can detect anomalies that may be signs of coordinated attacks. By generating meaningful events in a format useful to big data solutions, analytics can identify suspicious activity before the vehicle’s systems are compromised, and the attacker causes damage.

As Sashidhar puts it, “for connected vehicles and mobility services to deliver on their promises, automotive and mobility developers will have to build trust in the ecosystem and reassure drivers. This means they have to partner with the right technology providers to implement robust security measures.”

 
