The security and safety risks of driverless cars have quickly become a hot topic issue for both regulators and consumer advocates. Many oppose the very notion of driverless cars due to the potential for catastrophic failure, while others advocate that they are safer than human drivers. In either case, self-driving cars are on the way and people need to be ready for the security requirements of one of the most complex and potentially dangerous computer systems to ever enter the market.
Manufactures estimate that driverless cars and fully autonomous vehicles will reach the market by the early 2020’s. The question of safety surrounding autonomous vehicles comes down to not just the vehicles themselves, but also the way they interact with humans in general. Autonomous vehicles are programed to obey laws to the letter, but as anyone can attest, many human drivers do not. Watch any busy street or city intersection and you will see an almost constant stream of drivers who behave erratically just to shave off a few extra seconds from their commute time. This means that the onboard systems need to be advanced enough to account for, and react to, human error and unpredictability. As if this wasn’t a problem enough, autonomous cars are essentially a networked computer on wheels, which means it is also vulnerable to the hacking and malware attacks that can befall normal computer systems.
The prospect of a hacked autonomous vehicle is a frightening one. Since driverless cars rely entirely on sensors and advanced GPS systems to navigate, a compromised system could easily result in an accident or death. All it would take is for a vehicle to be given directions to ignore traffic lights, or to careen off a bridge. Without a failsafe system in place, or strong built in security, the passenger or commuters would be at its mercy.
While the potential for chaos is certainly there, not all is lost. Autonomous vehicles are going to be under extreme scrutiny when it comes to security and operational requirements. In the business world, while security patches are usually available shortly after a vulnerability is discovered, it is always up to the end user to make sure they are applied. Autonomous vehicles will require a constant connection to a control server to function and will receive updates automatically. Additionally, while computers are designed to accommodate a wide variety of software, autonomous vehicles run on a closed operating system. This is similar to Apple or Chrome OS, but locked down to a much higher degree. This doesn’t mean that malware or hack attempts won’t occur, but it does take away the human error component, which is typically how malware propagates. This leaves direct attacks as the main threat, a prospect that already has some industries rushing to create a solution.
Just this month, Blackberry launched a trial cybersecurity software package for autonomous vehicles that it hopes will prevent real time hijack attempts. The system is designed specifically for manufacturers themselves. This means that there is no chance for an owner to neglect to update the software or miss a payment and have it discontinued. The security software is designed to constantly monitor all hardware and software components of the vehicle and will provide immediate warning of failure or tampering. The security suite has already caught the eye of Jaguar Land Rover and Blackberry hopes this will be just the beginning.
Unfortunately, whether or not these security measures prove sufficient is anyone’s guess at this point. Security experts have had decades to develop preventative measures for traditional computer systems but autonomous vehicles are an entirely new venture with countless unexplored attack vectors. As the technology continues to develop so will the types of threats that it will need to address, and as with any new technology, early adopters might be in for a bumpy ride.
