Autonomous vehicle complexity is the enemy of security

Expert Voices

AV complexity is the enemy of security

network of red, blinking car dash "door open" signs — Illustration:Rebecca Zisser/Axios

The remote assistance, telematics, wifi and other core systems of autonomous vehicles have vulnerabilities that could let adversaries control safety-critical components like steering, braking, and the engine.

The big picture: Complex, novel systems fail in complex and unpredictable ways. AVs and their supporting infrastructure form one of the most ambitious interconnected systems ever conceived, but this complexity is the enemy of security.

Consider the problems encountered in securing even simple connected devices like webcams, doorlocks and (in recent years) conventional cars. Now imagine strapping yourself into the passenger seat of an AV, with hundreds of computers, in hundreds of millions of cars, and billions more sensors in and around the road itself, all talking to each other and connected to the internet, through yet-to-be-finished technology and yet-to-be-finalized standards. It’s no wonder 75% of Americans are concerned about autonomous vehicle security.

Fortunately, we have roadmaps for success, drawing on experience in automotive safety engineering and other cybersecurity domains:

Reducing attack surfaces — especially by eliminating capabilities and code unnecessary for normal or emergency operations — limits the frequency and impact of accidents and adversaries. Software development and debugging tools often remain in vehicles on the road, granting capabilities to adversaries without benefitting drivers.
Isolating and segmenting safety-dependent components reduces the resources required to shield them from hazardous or hostile conditions. A hacked infotainment system should not allow for control of braking or steering.
Securely deploying software updates across Ford, Tesla and other fleets increases flexibility and timeliness, at a lower cost than replacements with updated hardware.

Be smart: Security is among the most difficult issues for AVs. Where the once distinct domains of automobiles and cybersecurity have collided, good-faith collaboration can make new forms of mobility safer, sooner.

Beau Woods is a cyber safety innovation fellow at the Altantic Council's Scowcroft Center for Strategy and Security.

Read more stories like this in our new weekly Axios Autonomous Vehicles newsletter. Sign up here.

Autonomous vehicles

Latest Stories

Latest Stories

What we know about what happened to Jamal Khashoggi

Box office sales predicted for a record-breaking year

CDC is investigating a multi-state salmonella outbreak

Obama rebuts 7 common excuses for not voting

Larry Kudlow says Fed chairman is "having a bit of a revolution"

Trump touts "natural instinct" for science while doubting climate change

The companies who have backed away from Saudi business over Khashoggi

After Khashoggi’s death, Turkey sees a path to greater influence

House Democrats denounce Trump's claims of Chinese election meddling

Podcast: The latest on Saudi Arabia

Brazil's Bolsonaro rejects support of ex-KKK leader David Duke

Elizabeth Warren defends DNA test after Native American criticism

EPA brags up lower emissions while Trump doubts climate change

Davos in the Desert's biggest name keeps quiet on Saudi allegations

#MeToo topples Indian government minister

Axios Pro Rata: Saudi saga — Devoted deal — Uber IPO hype

"Do no harm" is a poor standard for self-driving cars

Facebook stares down more trust issues

Google to charge for Android apps in Europe

Axios Login: Google to charge for Android in Europe — More trust issues for Facebook — Startup pitches home e-mail server

Stories

AV complexity is the enemy of security