Smart cars might not get off the drive without more security

Smart cars might be the ultimate IoT example but without more security who would feel safe behind the wheel? Time for the channel to talk about infrastructure, security and telecoms

Smart cars might be just a few years away from appearing on the roads but they are already creating ripples in the security world as worries mount about the vulnerabilities in next generation autos.

For the channel the debate about the need for a coordinated response from the security, infrastructure and telecoms industries could also throw up opportunities for resellers providing advice and services to those users concerned about the impact of IoT on the corporate network.

In many ways the car is fast becoming the ideal testing environment for the potential of the Internet of Things concept with the vehicle able to capture information about its performance and environment. Data can then be fed into other applications that will help motorists caluclate fuel consumption and the timing of trips to the garage for replacement parts.

A connected car become part of the surface area that security products are trying to defend and up to date there are worries that not enough thought has been put into just what the security consequences will be of developing autonomous vehicles.

At an event organised by Cambridge Wireless to debate the challenges thrown up by the development of autonomous cars the fears of the security industry became clear.

“Autonomous capabilities are developing fast, with the first so called ‘Supercruise’ or ‘Highway Autopilot’ vehicles expected to appear in 2017 or 2018; but there are still major concerns that the current architectures are not yet fit for purpose to provide the levels of security required,” said Andrew Miller, chief technical officer at Thatcham.

“There have already been several scare stories that have put automotive cyber security under the spotlight and highlighted the need for real-world counter-measures,” said Mike Parris, head of secure car division at SBD.

In response the industry is coming up with its own standards to try to not only encourage more steps to be taken to ensure vehicles are secure but also to increase trust in the future passengers of the cars.

“The potential for environmental and commercial benefits and the safety of operators and passengers in connected and autonomous vehicles are all predicated on a wide range of new digital trust relationships,” said Nick Cook, Chief Innovations Officer at Intercede. “It is critical that digital trust can be established and maintained via properly managed digital identities between components, systems and people. Without it the industry cannot hope to move from concept and trial to commercial implementation.”

His worries about the need for more security were echoed by others at the event with Peter Davies, technical director at Thales e-Security, warning that any cyber attack needed to be dealt with quickly if damage was going to be limited.

“It is impossible to control the global attack surface and many of the techniques being discussed will in fact worsen the ability of distributed systems to defend themselves. Understanding what is reasonable, or semantically sensible, for a component of a certain type to be doing offers most promise in defending automotive security systems in a quantifiable way," he said.

The security industry is wrestling with the consequences of more devices being connected to the network with some of the latest gadgets being developed with a scant disregard for security.

Read more on Threat Management Solutions and Services