Together with the connected car, the autonomous vehicle is the future of mobility. However, solving cybersecurity issues in the autonomous car has become a priority for manufacturers and users: protecting their systems in a scenario where cyberattacks are on the rise.
The autonomous car is a reality that promises to take hold in the coming years. It is estimated that 2040 will see the big take-off of this technology. The truth is that now, in addition to being means of transport, they have become Internet-connected devices and therefore vulnerable to possible cyberattacks, something that worries many players in the automotive world.
This industry is developing in a context that stands out for a year, 2022, which was marked by major attacks: three of them were specifically targeted at Ukraine due to the Russian invasion, and another against Costa Rica. In addition, companies such as Uber and Microsoft also suffered major cyberattacks. Even the International Red Cross was not spared by hackers.
What is an autonomous vehicle?
Before discussing cybersecurity in the connected car, it is important to understand the characteristics of connected cars, which are capable of sensing and understanding the environment around them. Broadly speaking, it is a means of transport that, through the use of sensor systems, Artificial Intelligence, AI, and algorithms, is able to make journeys without the need for human intervention.
In the universe of these vehicles, there are six levels of autonomy, depending on their ability to assess the environment and take control of the car, making decisions when necessary, just as a human would. On the first level would be those with sensors that inform the driver of the presence of nearby events or objects or simple driver assistance. The most sophisticated levels of high automation already include the use of Wi-Fi connections and AI algorithms, used to learn from different driving conditions, in order to be able to make complex journeys on their own and without a driver, although their use is still being finalised.
Waymo, Google’s autonomous driving project, which presented a robotaxi model in 2022 and whose availability is still awaiting approval, together with Tesla are some of the companies that are investing the most in the development of these vehicles and in their safety.
The latest level of automation is expected to be ready by 2030 and make the leap to the world’s roads. In this way, vehicles will be seen driving without any human assistance whatsoever. However, high-speed Internet connection will be vital, which is also the source of the problems these vehicles can cause.
The cyberthreats of autonomous vehicles
The autonomous vehicle will be connected in many different ways. It will be linked to the driver’s smartphone, to the mobile network that will give access to road data, to the GPS system, to the vehicles around it to communicate with them for safe and efficient driving, and to a huge number of devices and sensors that will emerge in increasingly connected cities.
All of these connections increase the exposure of the system to potential malicious intruders, which is why cibersecurity is a vital concept in autonomous driving. Very briefly, the main problems to which these vehicles are exposed are the interference of a third party in the driving, which would mean the loss of control of the vehicle, as well as the theft of the data generated by the car.
Nor should we forget the possibility of theft, as the connected car will have the weakness that its security systems can be overridden from anywhere in the world.
How to improve cybersecurity in connected vehicles
One of the actions to prevent certain attacks is the involvement of car manufacturers who are implementing threat detection systems and prevention measures such as the installation of firewalls, intrusion detection and continuous monitoring of vehicle networks. They also release regular software updates to fix security vulnerabilities and thus improve protection.
They also use encryption of data transmitted between vehicle systems and external systems to protect the vehicle against unauthorised access.
Legal implications and implemented security measures
The legal implications of having your vehicle hacked are also a concern. Who will be responsible for a possible accident if the breach of the system cannot be proven? Will it be the manufacturer or the developer of the software that has shown itself to be vulnerable? These are issues that are beginning to be assessed by experts in the industry in order to anticipate their consequences.
What is important, however, is the effort that the automotive industry is making to prevent these problems from occurring. Although the work is still under development and it is difficult to predict what kind of security connected vehicles will look like in just ten years’ time, some systems are already beginning to gain confidence.
Systems against DoS and DDoS attacks, sharing the existence of threats through technology V2I, V2V technology, or creating comprehensive blocking programmes that are triggered by the detection of any security problem are just a few of those that provide engineers in the industry with the most security.
However, it seems likely that cybersecurity in autonomous cars will be one of the critical issues for the developers of these vehicles, which need to be as safe as today’s cars, but must also be as resistant to cyberattacks as never before on the road.