Attention
This website is best viewed in portrait mode.
Publication Name: Express Computer.in
Date: February 01, 2024
Securing the future of mobility: The role of cybersecurity in autonomous vehicles
The auto industry has undergone an extreme transformation driven by technology, particularly software innovations that elevated safety, sustainability, connectivity, and the overall user experience. Advancements in the field of EVs, autonomous driving, and software updates have revolutionised and enhanced the vehicle’s performance, and improved vehicle design, manufacturing, and operational services. The integration of advanced technologies like human-machine Interface has redefined user interaction, all accessible remotely.
Autonomous cars are no longer a futuristic concept but a tangible reality, the future of mobility, equipped with sophisticated sensors, artificial intelligence, and intricate communication systems. However, with these advancements comes the looming threat of cyberattacks, prompting a paradigm shift in how we approach the security of autonomous vehicles solving these cybersecurity issues in autonomous cars has become a priority for manufacturers and users: protecting their systems in a scenario where cyberattacks are on the rise.
Rise of autonomous vehicles
From traditional fossil fuel-powered engines to EVs and now evolving to Autonomous vehicles, the automobile industry has witnessed tech-led evolution largely in recent years. Bharath Rao, Co-Founder, and CEO, Emobi says, “Driverless taxis and autonomous vehicles testing has reached a level of maturity where Original Equipment Manufacturers (OEMs) are refining their Augmented Reality (AR) and Virtual Reality (VR) modules to enhance reliability and the overall experience for both riders and operators.”
The trend of electrifying vehicles is expected to continue further. As existing Machine Learning (ML) and Artificial Intelligence (AI) platforms improve, larger fleets—especially in sectors like mining, logistics, ports, and airports—will increasingly become autonomous.
“AR and VR technologies, as well as their implementation across vehicle platforms, are undergoing significant development to facilitate the transition toward minimal human interventions in automotive operations in the future. In many ways, the current implementations of AR and VR in vehicle operations serve as essential precursors to fully autonomous vehicles. The implications and ramifications of widespread autonomous vehicle usage will be substantial, with core technologies having implications across various industries”, says Rao.
The rise of autonomous vehicles has ushered in a new era of transportation. It is estimated that 2040 will see the big take-off of this technology. Waymo, Google’s autonomous driving project, which presented a robotaxi model in 2022 and whose availability is still awaiting approval, together with Tesla are some of the companies that are investing the most in the development of these vehicles and their safety.
The latest level of automation is expected to be ready by 2030, showcasing vehicles capable of navigating without any human intervention and making the leap to the world’s roads. However, a high-speed internet connection will be vital, which might also make these vehicles vulnerable to cyber threats.
Need for cybersecurity measures in autonomous vehicles
Autonomous vehicles are equipped with an array of sensors and advanced technologies generating a vast amount of data as they navigate the roads. This data feed helps the vehicle to analyse and make real-time decisions while building machine intelligence for future reference. However, this level of digitisation of the vehicle’s operating system might open gates for cyber threats and raise concerns regarding privacy, security, real-time location data, and hacking of the vehicle’s system.
As the vehicles remain well connected through different modes including the internet, cellular networks, and more, they are susceptible to cyber threats. A cyber attack on an autonomous vehicle can lead to disabling or even crashing a vehicle, remote hacking, tampering with sensor data and pose a significant threat to passenger safety and public well-being. Addressing these challenges requires a comprehensive and proactive approach to safeguarding the vehicle’s network connections, and operating systems, and ensuring real-life GIS monitoring for timely action to avoid any mishap.
Prakash Kumar, Head IT, Carl Zeiss suggests, “Living in an inherently unsafe world, our vigilant efforts to fortify systems against hacking are crucial. Acknowledging the inevitability of software vulnerabilities, autonomous vehicles, with their substantial computing power, resemble industrial control systems more than personal devices. Both involve minimally intelligent computers guiding mechanical processes. The vulnerability lies in potential attacks on the remote source and telemetry systems. If an autonomous car employs remote patching, hackers could compromise it through Man-in-the-Middle attacks, intercepting manufacturer-car communication.
Manufacturers, on the other hand, are doing their best to take care of the issue by minimising external data interfaces, strongly protecting the manufacturer’s remote systems, establishing strong means of authenticating remote telemetry, and having a closed system for code execution. But as an infosec person believes – nothing is fully secure.
Navigating the challenges and solutions in automotive cybersecurity
Advanced technologies like keyless entry and voice assistance are being incorporated into modern vehicles. According to Upstream’s 2022 Global Automotive Cybersecurity Report, about 82 percent of overall global attacks were carried out remotely, needing no physical access to the car. To ensure the safety of the vehicle as well as the passengers, it is essential to put into place robust security measures to guard against potential threats and attacks. This includes encryption technologies, authentication protocols, secure data storage systems, and regular updates to software patches.
Challenges like data breaches and privacy concerns, unauthorised access and hacking, ransomware threats, and malicious manipulation of vehicle behavior are anticipated to escalate rapidly. These issues not only pose significant threats to the cybersecurity landscape but also give rise to consequential problems such as damage to brand reputation and a decline in consumer confidence. Ensuring robust cybersecurity measures, including encryption technologies, authentication protocols, secure data storage systems, and timely software patch updates, is imperative to mitigate these challenges and uphold the trust of consumers in autonomous vehicles.
One of the actions to prevent certain attacks is the involvement of car manufacturers who are implementing threat detection systems and prevention measures such as the installation of firewalls, intrusion detection, and continuous monitoring of vehicle networks. For example, autonomous vehicle manufacturers, like Daimler, adhere to stringent regulatory standards such as ISO/SAE 21434, ensuring that their cybersecurity measures align with industry best practices and legal requirements.
Additionally, regular software updates like Tesla’s use of end-to-end encryption for over-the-air software updates ensure that communication between the server and the vehicle is secure, minimizing the risk of unauthorised access, and fix security vulnerabilities and use encryption of data transmitted between vehicle systems and external systems to protect the vehicle against unauthorised access.
Rigorous testing and validation protocols must be implemented to validate the vehicle’s performance under diverse conditions and continuous monitoring of the vehicle’s environment using advanced sensors aids in real-time threat detection. These comprehensive efforts collectively contribute to fortifying the security and performance of autonomous vehicles.
Biswajit Biswas, Chief Data Scientist, Tata Elxsi, adds, “Security has to be built in each layer of communication, leaving no room for vulnerability. For a critical system like autonomous vehicles, security is built inside out rather than outside in. Design plays a vital role in safeguarding autonomous vehicles from potential data breaches or cybersecurity risks. ‘Security by Design’ is a vital aspect as it integrates security features into the design of the vehicle’s architecture right from the start. A proactive approach is taken while designing to identify and address potential security risks. Design principles include incorporating factors like authentication, hardware security, privacy controls, data encryption and more. This helps significantly reduce the risk of data breaches and enhances the overall cybersecurity posture of autonomous vehicles.”
Future outlook: Cybersecurity as a continuous process
As autonomous cars continue to evolve the importance of cybersecurity cannot be overstated. Cybersecurity is a crucial requirement of any digital-driven product and it has to be inculcated in the design while the product is being developed. Therefore, by integrating security features into the design, adopting advanced technologies, and collaborating on industry-wide standards, manufacturers aim to ensure the safety, security, and trustworthiness of autonomous driving technology. With the onset of technologies like Gen AI, machine intelligence can be boosted to the extent that autonomous vehicles can detect not just road threats but cyber threats by an autonomous vehicle and take corrective actions as and when required.