Long road ahead for safe, secure & private autonomous vehicles
While next-gen connected and autonomous vehicles are being road tested daily, one of the biggest transformations in the history of the motor industry has still a long way to run if it is to deliver the safety, security and privacy we can trust, according to industry experts speaking at CW event at the Transport Systems Catapult in Milton Keynes.
“Autonomous capabilities are developing fast, with the first so called ‘Supercruise’ or ‘Highway Autopilot’ vehicles expected to appear in 2017 or 2018; but there are still major concerns that the current architectures are not yet fit for purpose to provide the levels of security required,” said Andrew Miller, Chief Technical Officer, Thatcham. “Our New Vehicle Security Assessment (NVSA) provides an international benchmark for the security of vehicles in any market, but insurers now require significantly improved on-board diagnostics security to extend physical security assessment into wireless connectivity security. This is a very complex area which requires the close cooperation of many stakeholders such as telecom and infrastructure providers.”
“There have already been several scare stories that have put automotive cyber security under the spotlight and highlighted the need for real-world counter-measures,” said Mike Parris, Head of Secure Car Division, SBD. “With an absence of relevant cyber security standards, the Automotive Secure Development Lifecycle (ASDL) is a seven step inclusive framework that is agnostic of specific methodologies and is therefore globally applicable and applies across the whole connected vehicle ecosystem to manage cyber threats in terms of safety, security and privacy. In addition, the trend towards integrating smartphones and related technologies in to the car is presenting some very significant challenges for OEMs due to the differences in product lifecycles between the automotive industry and consumer electronics.”
Manufacturers have to deliver robust in-vehicle platforms that are also resilient to influence from externally connected systems and third-party cloud services. The challenge will be to keep up with the ever-growing ‘threat profile’ and develop platforms and test solutions that deliver future-proof vehicles with certified resilience to these threats.
Peter Davies, Technical Director, Thales e-Security, told the delegates: “In the face of cyber-attacks it must be possible to understand how remediation may be rapidly applied. It is impossible to control the global attack surface and many of the techniques being discussed will in fact worsen the ability of distributed systems to defend themselves. Understanding what is reasonable, or semantically sensible, for a component of a certain type to be doing offers most promise in defending automotive security systems in a quantifiable way."
“The potential for environmental and commercial benefits and the safety of operators and passengers in connected and autonomous vehicles are all predicated on a wide range of new digital trust relationships,” said Nick Cook, Chief Innovations Officer, Intercede. “It is critical that digital trust can be established and maintained via properly managed digital identities between components, systems and people. Without it the industry cannot hope to move from concept and trial to commercial implementation.”
“The Transport Systems Catapult has identified automated vehicles as one of the largest opportunities for the UK within the fast-growing Intelligent Mobility sector, but if the general public are going to embrace this new form of transport they need to be reassured that it is efficient, accessible and, above all, safe,” said Neil Fulton, Programme Director, Transport Systems Catapult . “Cyber-security is clearly one of the challenges that people currently have understandable concerns over, so we were really happy to host this event, which brought together so much expertise in this crucial area.”
The event was sponsored by Rohde & Schwarz and organised by the CW Automotive & Transport SIG, championed by Andrew Ashby of Plextek Consulting, Tom Blackie of RealVNC, John Okas of Real Wireless and Nigel Wall of Climate Associates.