Connected vehicle cybersecurity: Opportunity and responsibility

Is the auto industry our next innovation driver?

Last week, as leaders of the automobile industry gathered in Detroit to announce a new effort to protect our increasingly networked vehicles from future cyber attacks, President Barack Obama was calling for more investment in the development of connected car technologies that will save American lives and money.

ADVERTISEMENT
Industry leaders and the president understand that today’s cars are staggeringly complex machines – and rapidly becoming even more complex, with connectivity to the outside world and each other. In five to seven years experts believe we will have self-driving, or autonomous cars, similar to the ones that Google and several automakers are now testing. To gain automotive expertise, Google just added former Ford CEO Alan Mulally to its board.

This convergence of technologies is creating new opportunities for economic growth and jobs, as well as the potential to save lives, time and money.

“One study shows that Americans spend 5.5 billion hours stuck in traffic each year, which costs us $120 billion in wasted time and gas -- that's 800 bucks per commuter,” President Obama said during his recent visit to the Turner-Fairbank Highway Research Center in McLean, where many of these technologies are being tested.

Along with these benefits, however, come risks.

Automobiles’ dramatic increase in connectivity to the Internet provides many more entry points to the vehicle’s electronic systems for attackers to exploit. Cars now have more connectivity than most personal computers.

Manufacturers are keenly aware of this issue. Last week, at the Battelle CyberAuto Challenge, the Alliance of Automobile Manufacturers and Association of Global Automakers announced plans to create an Information Sharing and Analysis Center (ISAC) to address the cyber security threat, similar to those created by the energy, financial services and other industry sectors.

This is an important step. But it will be years before the first robust, efficient, hardened automotive system architecture rolls off the assembly line. The scale, model-line and geographical diversity of today’s fleet and the need for international standards create huge challenges.

What’s needed in the meantime is a system to detect anomalies that can be integrated quickly into automobiles to provide a defense. This technology must be universal, and platform-agnostic. It must be able to defend against threats to any onboard ECU or computer system. And it must be able to identify new threats without constant updates, which means that it should not be the signature-based threat-detection systems we are all familiar with in our laptops.

We also must invest – as Obama said – in research and development programs, as well as programs that create the cyber auto skills necessary to keep America competitive.

The effort will take the best of industry and government, working together, to achieve global automotive cybersecurity. It will take bipartisan commitment and a desire to lead.     

We’re at the crossroads where connectivity and autos converge. It’s critical that we recognize and grab these opportunities to improve our lives and create new industries, while taking responsibility for managing potential risks and threats that the connected car presents.  We can only begin to imagine a world where our cars, roads and lives are more connected. What we know for sure is that there’s no stopping innovation.  

Kelly is president of Battelle’s National Security Division.