The future of connected cars: overcoming the cyber-security threat

The future of connected cars: overcoming the cyber-security threat

Professor Pete Lockhart discusses the increased threat from cyber-security with the proliferation of connected and autonomous road vehicles.

Over the past few years, the hype focused on the emergence of autonomous or driverless cars has increased and so too have the questions around cyber-security. A number of big brands have made early inroads into the development of autonomous vehicles, including Ford, Tesla and also Uber, whose “driverless cars” were tested in California in 2016. 

One notable similairity that these brands share is that they're all a new breed of motor manufacturer, technology companies who've made the decision to venture in the world of automotive. Even Tesla, which started life in automotive, is still widely thought of and behaves like a technology start-up. But, where these companies lead, others are set to follow. Jeff Klei, president of Continental AG's North American region, predicts that as many as 54 million autonomous vehicles will be on the road by 2035.

For this futuristic vision to become a reality, more of our cars need to become connected, but as connectivity increases so does the potential for cyber-attacks.  

With the technology now at our disposal to potentially transform the automotive industry, just how are manufacturers dealing with this increasing threat? 

The battle between manufacturers and hackers 

Today, many new cars now have connected features as standard and we expect the number in the UK to rise to 8.6 million by 2020. As more and more of the car becomes connected it will become possible for hackers to seize control of the vehicle or any one of its component parts. Allowing a hacker to brake, steer or accelerate a vehicle has far-reaching and dangerous consequences. Therefore, it is in the manufacturer's best interest to consider cyber-security assessments as commonplace. 

Research carried out by the International Data Corporation (IDC) in 2016 revealed that almost half of British drivers are still concerned about the security of driver-aid applications such as cruise control and self-parking. Yet what the majority of consumers do not realise is that cyber-security considerations need to go far beyond assessing these relatively commonplace features when it comes to buying a car. 

We have seen some manufacturers starting to take notice by investing heavily in security, such as Tesla, Fiat Chrysler and GM, in a bid to reduce the threat of cyber-attacks. However, it's an on-going struggle for manufacturers. While one component may be secure on its own, weaknesses can be introduced as soon as it's combined with another. 

One way to alleviate against the risk is to introduce a baseline level of security that works across the industry, safeguarding that every car is built with security embedded into the very first stages of design. 

5*starS is a global centre for the development, testing and commercialisation of connected autonomous vehicles. It brings together a number of expert partners including Roke to address the increased threat from cyber-security caused by the proliferation of connected and autonomous vehicles by incorporating this baseline level of security into every connected car. 

The consortium will research and develop an innovative assurance methodology to guarantee that connected autonomous vehicles, components and systems have been designed and tested to the relevant cyber-security standards throughout their whole lifecycle. The ultimate aim of the consortium is to develop a 5-star type consumer rating framework.  

A connected world is a safer one    

Though this may appear to be more trouble than it's worth, the benefits of producing a future of connected cars is life changing for motorists. Not only will drivers be able to spend their journey time doing something more meaningful, whether that be working on the go, reading a book or catching up with sleep, drivers and pedestrians will be safer. For example, if a pedestrian is about to step out in front of a vehicle, the vehicle can brake before the driver has a chance to react though various sensors and AI.  

The wider benefit for the environment and long-term economy is also too great to ignore. It is predicted that fewer cars will be on the road, as car sharing is expected to replace outright ownership, which in turn will drive down CO2 emissions. Vehicles will also be able to communicate with road sign, traffic lights, other cars and traffic management offices, meaning they will automatically know the best route through towns and cities, saving time for passengers and reducing congestion. 

However, despite the benefits associated with connected vehicles, how easy will it be for manufacturers to evolve their supply chains to focus on cyber-security prevention? Currently there is a lack of consensus on how to deal with this among the majority of manufacturers and according to IDC research, many manufactures believe there could be a security lag of up to three years before cars with driverless features are up to scratch in terms of defending against cyber-attacks. 

One thing is clear, it will only be through independent thinking, testing and third-party certification that the automotive industry can fully guard against cyber-security threats to win public confidence and ensure the success of the connected vehicle. 

Contributed by Pete Lockhart, commerical director, Roke

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.

This article originally appeared at

Copyright © SC Magazine, UK edition

Most Read Articles

Hackers using brute-force attacks to infiltrate e-mail systems protected by MFA

Hackers using brute-force attacks to infiltrate e-mail systems protected by MFA

Re-designed Gmail poses new potential threat to 1.4 billion users

Re-designed Gmail poses new potential threat to 1.4 billion users

GitHub now warns you about flaws affecting your Python code

GitHub now warns you about flaws affecting your Python code

My Health Record: the case for opting out

My Health Record: the case for opting out

Would you like to receive

Our Newsletter?