After news of security flaws in BMW computer systems, five experts look at the implications for autonomous vehicles.
Look, no hands: business secretary Vince Cable tries out a driverless car. HUGH BOYES
Cyber security lead at the Institution of Engineering and Technology
Some would ask if any software system can be truly hack-proof. The
bigchallenge will be how do you maintain the software in a state where
it’s secure throughout its life. We’re already looking at 100m lines of
code, and that’s for a car where the driver is still very much in
control. We’ll probably be looking at [code that is] an order of
magnitude larger for something that’s driverless. That’s an awful lot to
get right. In cars on the road today there’s been a big push to have
mobile broadband connecting into the entertainment console, but that
console doesn’t really need to be connected to control systems like the
brakes and the steering. So there are some logical steps that can be
taken to try to reduce risk, reduce the chance of someone hacking in
externally.
COUNCILLOR DENISE HYLAND
Leader of the Royal Borough of Greenwich
All the trials, including the GATEway trial in Greenwich, are
examining how driverless vehicles might be used in an everyday
environment and what is needed to make that happen safely. Ensuring
driverless transport networks are resilient to hacking and other
security vulnerabilities is a clear aim for us and, given the constant
evolution of digital systems, security against hacking is something we
will continue to review as we learn more about how the technology might
work in reality. We are confident that the Greenwich consortium, which
includes experts in cyber security, is well placed to examine these
issues.
ANDREW MARTIN
Professor of Systems Security, Oxford University
Nothing is hack-proof – everything is a trade-off between how much
you want to invest in protecting it, and how much your adversary wants
to invest in breaking it. As far as anyone knows, the number of people
who want to do malicious damage to cars is very low, and the number of
highly malicious people with the means to do such a thing is very low
indeed. Unless hackers can find a way to hack your car and turn a
profit, they won’t be interested. To get an MoT certificate, autonomous
vehicles are going to need very careful safety analysis. That doesn’t
mean they won’t be hackable, but it does mean there will be lots of
failsafes in place. I expect to see more attention paid to their
security within the expert community. There’s much more prospect of
malicious activity on all the other things that are getting connected to
the internet.
JONATHAN BROSSARD
“White Hat” hacker and director of Toucan Systems
In terms of connecting them remotely, in cars on the move you
basically do that over GSM, 3G, 4G phone networks and we don’t know how
to [make this secure] properly. It is so easy to break the communication
of phones. Software is a minimal part of it. Fundamental network
protocols are so bad that, whatever software you write on top of it, is
going to be garbage. I wouldn’t be dramatic and say there’s nothing we
can do, but I would say it’s like trying to build a huge dinosaur using
weak bricks. However, the people who are stepping in on driverless cars
are the major players – like Google, which has the best security team in
the world. From a technical perspective, driving a car from the
internet is not very difficult to achieve. The reason I’m not too
concerned is because I don’t think my kind wants to kill me.
JEFF WILLIAMS
CTO and founder of Contrast Security
The software in cars is, for the most part, only accidentally secure.
Most automobile systems aren’t connected together, it’s just a bunch of
loosely connected gear. Many systems are “air-gapped” from each other
and most can only be accessed through physical connections and very
near-range transmission but we are rapidly turning the car into a
computer on wheels. We’ll see the air gaps go away as the systems on the
car get connected. Driverless vehicles have considerably more software
than regular old cars. And that software is directly connected to the
most important systems of the automobile – steering, brakes, lights,
horn, transmission. So the attack surface of these driverless vehicles
is considerable, and surely someone will find a way to hack it. I just
hope it’s a responsible security researcher and not a malicious
psychopath.
