From the Ground Up: How the Cars of the Future Will Be Secured

By on Oct 06, 2015

Autonomous systems are doing wonders for us, whether it be in factory manufacturing or recommending where you go to get your next Pumpkin Spice latte. They’re freeing up time, producing more goods and sending us to those quaint little cafés that we may have never discovered otherwise. But our autonomy-based economy has a long way to go still—especially in the world of transportation.

In a few short years, we’ll start to see driverless cars become much more common. But the technologies fueling these cars of the future will need constant updates. Like today’s oil changes, car security software updates will be commonplace, and necessary for safety reasons. In fact, we’re already seeing this.

So, why will there be a growth in security patches for cars? Simply put: the number of ways cybercriminals can exploit a vehicle is exploding. Since future cars will talk to one another, scan the road ahead, and send and receive information from the Internet, cybercriminals will have a bevy of opportunities to exploit vehicles. In fact, some cars today, with wireless key entry can be easily broken into with materials costing less than $100.

Advanced networking could exacerbate this. Advanced driver assistant systems (ADAS), advanced fleet management, smart transportation and autonomous driving—where driverless vehicles talk to one another for efficiency and safety—could all face serious security vulnerabilities.

Luckily, we’re preparing well to combat these security weaknesses, by designing security into our automotive products from the beginning. In particular, this will include three layers of security: hardware modules, hardware services and software security services. Hardware security can provide cars the necessary cryptographic performance, allowing them to securely talk to one another without risk of malicious instructions being injected into communications. Software security can also provide active scanning for malicious activity.

That’s why we at McAfee are forming the Automotive Security Review Board (ASRB), a board encompassing the top security industry talent in cyber-physical systems, to better secure the vehicles of tomorrow. With the ASRB, we’ll be working hand in hand with the auto industry to secure autonomous vehicles and our future transportation fleet.

So, let’s say you have a newfangled smart car—one complete with Internet connections, driver-assist technologies and more. What can you do to make sure your car is safe? Well, there are a few things to bear in mind:

  • Keep your software up to date. The best thing you can do for any device you own — whether it’s a smart car or a smartphone — is to keep its software up to date. For cars, software updates can come in a variety of forms. Some will come wirelessly, while others may require you to insert a custom USB stick into a special port. Review your driver’s manual or ask your dealer for more details.
  • Keep an eye on the news. Right now, cyberattacks on cars are uncommon, and cybersecurity researchers are actively looking for, and helping to mediate, potential threats. If you hear of a vulnerability in the news, check with your car manufacturer for an update, and fix your vehicle in accordance.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and Like us on Facebook.

gary

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

Subscribe to McAfee Securing Tomorrow Blogs