NEW ROADS: Issues of trust & security in autonomous cars
There is a gap when it comes to trusting autonomous vehicles, according to a study released in January by Autolist.com, which says that division runs along some interesting lines — suggesting that some groups may be earlier adopters of self-driving cars than others.
The survey, which included 21,322 vehicle owners, found that the number of females who don’t trust autonomous cars beats the number of males by 12.3 percent.
Autolist also found greater distrust among those using Uber versus those taking a Lyft.
“Uber riders are less trusting of autonomous technology than Lyft riders; data shows that the number of people who would not trust any form of autonomy today is 7 percent higher for Uber riders than it is for Lyft riders,” the study indicated.
A group that tends to show more trust in autonomous vehicles are prospective EV owners according to Autolist.
These folks are 23.2 percent more likely to have trust in autonomous vehicles than consumers who are not prospective EV owners.
“In addition, 20.5 percent more prospective EV owners believe some form of autonomous technology should be allowed by law today,” Autolist noted.
Though the Autolist results did not specify the reasons for trusting or not trusting autonomous vehicles, safety and security could arguably be among the major influences either way.
Regarding the latter, Auto Remarketing connected with David Masson, who is the country manager for Canada at Darktrace, which is a U.K.-based cybersecurity company with international operations, including the U.S. and Canada.
Previously, Masson served as an agent with Canadian and British intelligence agencies.
Asked what cybersecurity-related threats autonomous vehicles pose once they reach a critical mass in the market, Masson boiled it down to two networks: information technology and operational technology.
Otherwise known as IT and OT.
You’re probably more familiar with the IT network, as it revolves around data and its manipulation, transmission and use in decision-making, Masson explained.
The type of network you might find within your PC or laptop.
“And OT — operational technology — that’s the computer systems that actually make machines do things; it makes thing switch on, switch off, go left, go right, speed up, slow down; build cars themselves,” Masson said.
“I don’t know if you’ve ever seen those movies of all the robots welding cars together, that’s all run by an operational technology system,” he said.
“So you’re looking at threats to both of those. And on the IT side, you’re looking at potential threats to changing that data, false data, manipulative data, data that goes in and cons you into sending your money for your ride somewhere else rather than to the people that are supposed to receive the money,” Masson said.
Changes to the system on OT side, however, could be a “potentially a far bigger threat,” Masson said, adding, “because at the end of the day, you want to be able to rely on the fact that your brakes will brake when they’re meant to brake and not develop a mind of their own, or as more likely to be the case, develop the mind of somebody else.”
That might sound chilling.
But it’s something the industry should bear in mind from the very beginning of the process of building autonomous vehicles and the networks that run them, Masson said. He urges against building vehicles and networks and then trying to install security at the end.
Think of security from the very start and throughout the entire process.
“They also want to be considering visibility on the networks,” he said. “Say, a network that runs thousands of cars, you’ve really got to know what is on there, what’s going on and seeing it in real time. Similar thing for individual cars themselves. You really need to know what is in my car, what is doing what inside my car.”
Masson also stresses the importance of having “every-threat detection” for the vehicles and the networks.
“And I mean, now. As it happens,” he said. “So you can deal with it now before it becomes a bigger problem.”
But sometimes, humans can’t handle the scope and speed of the cybersecurity threat in the most optimal fashion.
“There’s just so much of it and it’s moving so fast, human beings can’t deal with it. So you need a system that’s going to prioritize those threats for you in real-time. And that’s really artificial intelligence and machines,” Masson said.
“And what I mean by that is, if you’ve got five threats, you can’t deal with all five at one go. You want something that says to you, ‘Deal with threat No. 4 first, then threat No. 2, then threat No. 5 and then you can do 3 and 1 afterwards.”
OEMs should also be vigilant around their supply chain. For instance, Masson points to the Target hack a few years ago that was due to a supplier.
Automakers need to ensure that anything that goes into the vehicle or networks is not harmful, he said.
But it goes both ways. Folks within that supply chain need assurance that nothing from the automaker is going to harm them, as “the supply chain can get infected by you as much as you can get infected by your supply chain,” he said.
And dealers won’t be immune to this, as they are the consumer-facing representative of an automaker, to a certain degree.
“They’ll have to make sure that their systems are safe. It’s just exactly the same as I said for the network that will run the actual autonomous vehicles. Manufacturers and dealers are going to need to know what is on our network, ‘what have we got — is it all there because we’ve put it there or (did) somebody put it there?’”
As it pertains to overall cybersecurity, ride-hailing and car-sharing services could face threats, too.
“If you’re looking at ride-hailing and car-sharing companies, that kind of thing, obviously, right now you’ve got drivers. And I’m fairly confident they’ll have frauds being committed by those drivers,” Masson said.
“So, they may not know who their drivers are in some cases. And in the future, that will be ruled out because there won’t be any drivers,” he said. “But they’re still going to want to make sure that the vehicles that they have in their networks haven’t been tampered with or changed in some kind of way.”
Editor's Note: This is the second story in Auto Remarketing's “New Roads” series, examining the latest technology and innovation impacting the retail automotive space. The first story can be found here.