November 22, 2016

Open standards to mitigate the cyber risks of robotic cars

Tomi Behm

Lead Security Services Product Manager, Tieto

Will your car take the front seat in cyber wars of the future?

This is a relevant question begging for answers before millions of autonomous vehicles – or self-driving robotic cars – can be legally allowed to roam the roads. In addition to ethical issues, cyber security is top priority for automakers and legislators.

My opinion is that the best way to mitigate cyber security risks in any environment is openness and the adoption of  industry wide standards. As connectivity makes cars part of the Internet of Things, automakers could and should closely follow the current discussion around global cyber security standards for IoT.

Without a doubt, the prime motivator for creating robotic cars is the expectation of improved road safety. It’s a well-known fact that human error is the main cause of road accidents. Thus, if we replace this pesky human factor by an algorithmic driver, a lot of good should follow.  

But for a robotic car to work properly, it must be able to securely communicate with other vehicles, the roadside environment, and the manufacturer for software upgrades and for exchanging telemetry data.

The network connection means that nasty stuff also has a possibility to enter the picture.  

As all good things, robotic cars are not immune to cyber attacks. Whether for fame, money or a cause, potential attackers are certainly interested in exploring what the new era of self-driving cars has to offer. Just imagine a cyber terrorist remotely taking over a gasoline truck, and using it as a weapon.  

And, unfortunately, this isn’t just fear mongering. White hat hackers have already dramatically demonstrated how cars can be attacked with relative ease, and with very affordable means. For example, brakes and other vital systems can be disabled while the vehicle is moving, even on a truck.

300 million lines of code

Cyber security is quite literally a matter of life and death for robotic vehicles. And it’s a very complicated issue. Perhaps overwhelmingly so if we take a closer look.

A modern car is like a computer on wheels. It may run 300 million lines of code – and that’s still for a car without the ability to drive autonomously. In the 2020s, a regular robotic car could process more than four terabytes of data every single day. That’s a lot of headroom for vulnerabilities, misconfigurations and bugs to hide in. And a vast attack surface for cyber crooks.

Complexity is added by the multi-tiered business model of the automotive industry. Before a car rolls off the factory line, a myriad of subcontractors of the actual OEM manufacturer have thrown in thousands of physical components as well as a growing inventory of software. And as many of the components are built to strict requirements on footprint and budget, security considerations easily take the passenger’s seat.

On the positive side, there’s no lack of awareness. If you browse the agendas of virtually any major cyber security event, you’ll find at least one car hack demo. The automotive industry also has its own forums to discuss the cyber security issues in connected and self-driving cars, although it can be argued that these matters should be rather discussed in the open to ensure proper oversight.

Another ”positive” point: Money is what most motivates cyber criminals. Thus, potential attacks on robotic cars may not be life-threatening. Instead, they could take the form of temporary hijacks that are removed after the driver pays a hefty ransom.

The solution: open security standards

At Tieto Security, we don’t want to see any of the risks materialize. Then how do we tackle them: cut short the attack vectors, as cyber security lingo would phrase it?  

Our suggestion is that the design of connected and robotic cars requires an open, common and transparent set of cyber security standards. Just as in IoT, but taking into account the domain of traffic. In order to create such standards, the automotive industry, the players developing future road infrastructure and the global cyber security community needs to cooperate very closely and above all openly  

Finally, before accepting a new car model for live traffic, a manufacturer should submit such model to rigorous testing by both official and private bodies.. Or why not let the whitehats, who’ve been able to hack the cars so far have a go at it. Or  better yet, make it a competition with a reward. Such bug bounty programs have  already proven to be successful in many other industries.

Cyber security in traffic is a hot topic in Helsinki at the moment. This autumn, the city of Helsinki made a pilot of robotic buses. Recently, Finnish experts have announced their vision of a maritime revolution of autonomous shipping. Additionally, a major robotics event this week has one whole day dedicated for the automatization of traffic.

As in all security, we can never achieve absolute security in autonomous traffic. But we can and must strive to make it as safe as humanly - or should we perhaps say robotically - possible.

Read more how Tieto Security Services can help you manage your online security.

Stay up-to-date

Get all the latest blogs sent you now!