When Your Car Can Communicate, Who Talks Back?
Data security on a connected highway
Until very recently, a car was a closed system. The only contact it had with the outside world was where the rubber met the road. Now GM has announced that its OnStar service will be expanding to provide a constant connection to the internet, and by 2017 some of its vehicles will be able to communicate with each other to “platoon” on highways. There are also real-time, in-the-cloud navigation systems and streaming audio services available in your car through your phone or your entertainment system.
But when a closed system becomes an open system, you introduce vulnerabilities. Viruses, denial of service attacks, and hacking all become possibilities when your car becomes part of the internet of things.
The worst-case scenario, according to cyber security expert Mark Spreitzer of CGI, a security firm that work with US defense and intelligence agencies, involves a malicious hacker connecting to the vehicle’s diagnostics system and issuing commands that disable brakes, report false information to the dashboard, or disrupt fuel delivery. And that’s just inside one vehicle. If that hacker can get into the infrastructure, he could spoof traffic data and mine patterns to create chaos in an urban area.
“The further we wade into tech,” said Johannes Lintzen, a vice president at Utimaco, maker of hardware security modules, “the scarier it gets.” His worst-case scenario involves someone hacking into a fleet of commercial vehicles, like tractor-trailers with full payloads on busy highways.
The more likely security scenario, according to Spreitzer, is a virus that looks for a signal, such as locking the doors, then responds by transmitting the car’s location and disabling security systems and opening the windows.
Part of security is also privacy, which is where we humans play a part. When was the last time you read an end user license agreement, or an app’s terms of service? Unless someone points out to us some heinous new change in the data mining that’s allowed by an app, we happily check the box and fire it up. It’s a tradeoff millions of us are willing to make every day: our data in exchange for convenience and cool new stuff.
Now the car, the second-most-expensive thing most people buy (after their house), is becoming the ultimate mobile device. “Security is not something a manufacturer can charge more for,” Lintzen said. “The customer assumes it is there.” So we’ll pay more for the in-car hotspot and the vehicle-to-vehicle (V2V) or vehicle-to-infrastructure (V2I) tech that makes driving safer and traffic smoother, but we’re not willing to pay outright for the security to protect all that data.
Auto manufacturers are baking that security into their cars anyway; after all, they have brands and reputations to protect. No one wants to make the car that gets hacked. It’s all about being able to trust the source of the data, whether that’s the car itself or the traffic light it’s talking to, or the traffic information it’s pulling from the cloud.
“Manufacturers install certificates when building the vehicle, thus providing reliability and integration before the vehicle reaches the customer,” Spreitzer said. CGI is working with several manufacturers, including Volvo’s ECO System, to provide that security. “CGI’s international standards-based Certificate Service includes a state of the art Digital Certificate Authority. Each certificate will be installed when the car is manufactured, ensuring reliability and integration with Volvo’s manufacturing systems, market service and cloud environment. Certificate keys prevent hackers from intercepting communications and impersonating the sender, also known as man in the middle.”
“We have best practices that we’ve learned over the past two or three decades,” Lintzen said. When the car is an endpoint in a highly connected system, everything has to be provided with an identity and authentication — cars, traffic lights, financial institutions — everything. The car has to be able to trust the data it is receiving, and the internet has to be able to trust the information the car is sending.
While the vulnerability risk is mostly on the vehicle right now, that will shift to the infrastructure as new technologies are deployed. Lintzen expects that technology to be online in a meaningful way within five years. Security experts need to be working as a partner with manufacturers and governments to make sure the architecture is secure and able to be updated.
“If we all come to the table understanding the mission of transportation and how the expectations of the consumer are changing,” Spreitzer said, “everybody is going to be successful.”