Autonomous cars are now becoming more of a reality as carmakers and their partners continue the development of self-driving technologies. Connected vehicles now actually exist but auto companies see that more things can still be done. As cars become more connected and head onto full autonomy, there is also a growing need to secure them. As to how, BlackBerry has recommended a seven-point framework.
According to BlackBerry, cars might become more of a membership perk than ownership objects as autonomous driving technologies improve. This is because connected and self-driving vehicles become more prone to cyber attacks and failures. The company is seeing four trends in the auto industry that are causing such vulnerabilities: vehicles access, software control, autonomous driving as well as the changing state of software. Sandeep Chennakeshu, President of BlackBerry Technology Solutions, said in a statement that protecting a vehicle from cybersecurity threats requires a holistic approach.
To address such cyber risks, carmakers could adopt seven security measures, as outlined by Blackberry in its white paper.
First, companies have to “secure the supply chain.” Auto companies need to make sure that its supply chain – as well as the delivered software and hardware components -- are all safe and secure.
Second, carmakers should “use trusted components.” They should create or employ a security architecture deeply layered in a defense from attacks. An in-depth architecture utilizes secure hardware, software as well as applications.
Third, carmakers need to “employ isolation and trusted messaging.” This means that auto firms should have separate safety critical and non-safety critical systems. Despite being isolated from each, there should be trusted communication between these safety critical and non-safety critical systems, as well as to the world outside.
Fourth, auto companies have to “conduct in-field health checks.” Through regular scanning and reporting a set of parameters while the vehicle is out on the field, carmakers could monitor a car’s health.
Fifth, carmakers need to “create a rapid incident response network.” Common vulnerabilities and exposures (CVE) – as well as advisories – should be shared through a trusted network of companies.
Sixth, auto companies should “use a lifecycle management system.” As soon as an issue is detected, carmakers have to proactively re-flash a vehicle through a secure over-the-air software updates.
Seventh, vehicle manufacturers are to “make safety and security a part of the culture.” Companies should ensure that all their auto electronics suppliers are well-trained in functional safety and security practices.
BlackBerry will be demonstrating its vision for connected cars and autonomous vehicles at the Consumer Electronics Show (CES) in January 2018 in Las Vegas.