Why Improving the Cybersecurity Framework of Self-Driving Cars is Essential?
In a world where every industry is going through automation or leveling themselves up with Artificial Intelligence, why should automobiles stay behind? High profile players like Tesla, Pony.ai, Waymo are putting their best foot forward in an effort to remold the automobile industry by presenting us with self-driving cars. Even Uber has invested in developing self-driving cars for its ride-sharing business, teaming up with Hyundai to make flying taxis no longer a dream.
However, we need to check a few things before these vehicles enter the mainstream consumer market. The vehicle must be suitable for commercial use and secure from cyber-attacks. Just like any connected technology, these, too, provide ample chances for cybercriminals to exploit the loopholes or breach it by compromising the systems and steal sensitive information from the owners or simply gain access to the system. In simpler words, cybercriminals can too step up the game of car theft.
Hence manufacturers and car developers must put more emphasis on enhancing cybersecurity protection. Recently, Whitehat hacker GreenTheOnly discovered that Tesla computer units were being sold on eBay. These resold units contained personal information about previous owners like the owner’s home and work location, all saved wifi passwords, calendar entries from the phone, call lists, and address books from paired phones, Netflix, and other stored session cookies. This means that there is a lack of consideration of customer data protection by a leading autonomous vehicle company, and neither does it routinely erase personal data from replaced components. Further, owners with new hardware retrofitted in their car, are at risk of a personal data breach, which the company failed to notify immediately. This points out the grim fact that Cybersecurity is still being overlooked or not sufficiently prioritized.
Last year, in a paper by Dartmouth College called Counter-Mapping the Spaces of Autonomous Driving, author Luis F. Alvarez León stated about the vast potential of massive commercialization of autonomous vehicles that could provide us with new data sources as a way to improve our society. “Self-driving cars have the potential to transform our transportation network and society at large. This carries enormous consequences given that the data and technology are likely to reshape the way our cities and communities operate fundamentally.” But he also cautioned that these data remained locked in the black boxes of the manufacturer. He spoke about his apprehension of the accessibility of such critical data.
“We don’t know who can see the data, appropriate it, or profit from it. With insufficient government regulation of data from self-driving cars, this raises significant concerns regarding privacy, security, and public safety,” he explained. He further continues, “If we’re going to adopt self-driving cars, then we should really make absolutely sure that they are as secure as they can be.”
Similar to safety regulations and technological viability and alacrity, Cybersecurity must be a mandatory trait for these futuristic vehicles. Recently, O2 UK finished a project funded by Innovate UK, the UK Government-funded innovation agency, and the Centre for Connected and Autonomous Vehicles (CCAV) to support the development of cybersecurity testing capabilities. The investigation was on determining the types of cyberattacks and attackers that pose a threat to CAV networks. Based on the findings, they aimed at developing models that could be used to classify, manage, and mitigate cybersecurity risks for intelligent transport systems, which will be vital for ensuring the safety and security of road users in the future.
This year Zenzic, an organization dedicated to accelerating the self-driving revolution in the UK, revealed the recipients of £1.2 million in funding from a competition focused on Cybersecurity in self-driving vehicles. One of the seven recipients, theResiCAV project focuses on using current tools and techniques to apply on static analysis of cars on real-time monitoring and response. This can help in building a resilient cybersecurity system for autonomous vehicles, while also providing an infrastructure to detect and address digital threats. Meanwhile, another winner, CAVShield, had worked on data privacy aspects of connected and autonomous vehicles (CAVs) to identify methodologies for real-time identification and measurement of vulnerabilities in CAV networks to enable widespread implementation to protect large vehicle fleets. This includes the long-term commercial viability of cyber-related services for the CAM industry.
It is good to hear updates about reinforcing the Cybersecurity of the autonomous vehicles. But we are still far from establishing trust and worry-free reliance on them. What we need now is a uniform cybersecurity framework for autonomous vehicles for ongoing trials and deployment of autonomous vehicles on the road.
“The connected and self-driving vehicle sector is set to be worth £62 billion by 2030, with safer roads and smoother, more accessible journeys for all. Whether we’re turning cars into Wi-Fi-connected hotspots or equipping them with millions of lines of code, we must consider the new challenges of putting this technology into practice, “ said George Freeman, Future of Transport Minister.