With companies like Tesla and Google, we are beginning to see the first signs of a driverless future – and, according to some reports, self-driving cars are already here. But while autonomous vehicles are meant to make driving safer and less stressful, they also present a whole new range of security challenges — challenges that must be addressed long before these vehicles hit the road in large quantities.
Consider a futuristic scenario in which a transportation and logistics company has taken drivers out of the equation with self-driving trucks, thus saving millions on employment and insurance costs. What would happen if hackers breached the networks that connect and manage these trucks? They could deactivate key sensors and GPS features. They could drive trucks remotely to undisclosed locations, stealing both the vehicles and their contents. They could even threaten lives.
It may sound far off and far-fetched, but a scenario like this one is the precise reason enterprises must begin assessing the risks and evaluating solutions for their future Internet-connected and autonomous vehicles.
From a security standpoint, new in-vehicle connected technologies—including laser range finders, cameras, ultrasonic devices, wheel sensors, and inertial measurement systems—will all be access points for hackers. If even one of these potential points of compromise is not properly secured, then the entire operation could come crashing down.
In addition to these access points, data and communications flowing between vehicles, mobile devices and the various “things” they connect to will need their own information governance policies to ensure safety. A protected, centralized location in the cloud would likely function as the best interoperability structure for these communications.
As for hackers, one way to prevent breaches would be a centralized secure token service. This would protect the vehicle (and devices connected to the vehicle) each time an action is requested. This way, hackers would not only have to breach the network—they’d also have to compromise the token.
Creating a security infrastructure for autonomous vehicles, of course, is a difficult task when vehicle-to-vehicle and Internet of Things infrastructures have yet to mature. But considering the fact that today’s popular smartphones and mobile applications are routinely hacked, it would be wise for OEMs, suppliers and technology providers to collaborate on security measures before the autonomous vehicle goes mainstream —because the consequences of a hacked car could be the direst yet.
