Self-driving cars will be the new frontier for cyber security

In the first of a new blog series, Dr Manimuthu Arunmozhi, a Lecturer in Cybersecurity and Business Analytics, and a member of the Cyber Security Innovation Research Centre at Aston University, explains how autonomous cars will offer great security careers for young people

Dr Manimuthu is a passionate cybersecurity professional with eight years of experience, and one of his specialisms is penetration testing of autonomous vehicles

Almost 20 years ago in 2004, vehicles lined up in the Mojave desert to complete a 142-mile course without a human at the wheel.

None of the cars finished the course, with racers catching fire, slamming into walls and the ‘winner’ managing just seven miles before getting stuck on a rock.

But the very next year, one vehicle completed the Darpa Grand Challenge course, paving the way for self-driving cars, and the security challenges of the future.

For students both skilled in, or curious about, cyber security, the self-driving car sector offers huge opportunities, says Dr Manimuthu Arunmozhi, Assistant Professor in Cybersecurity and Business Analytics, Operations & Information Management at Aston University.

Now, the first Darpa Grand Challenge seems like a distant memory today, with Tesla vehicles having driven 150 million miles in ‘self-driving’ mode, much of it on public roads. Meanwhile, McKinsey predicts that the self-driving car market could be worth up to $400 billion a year by 2035.

The average car already runs 100 million lines of computer code, and this is going to boom even further as the market moves towards fully autonomous self-driving cars – bringing new challenges and opportunities for cyber security professionals.

Dr Manimuthu paints a picture of a future in which each and every household owns a low-cost autonomous car. “That’s the potential of the autonomous car market. It will generate billions of dollars in revenue.”

This huge new market will have a need for thousands of cyber security professionals, Dr Manimuthu stressed, with malware and exploits evolving as fast as the technology itself.

The idea of ‘hacking’ or ‘patching’ a car might seem surreal today, but in the near future, the risks of ‘car hacking’ will be very real, and a new generation of cyber professionals must be ready to meet it.

The concept of hacking a car became reality in 2015, when two hackers were able to wirelessly ‘take over’ and then stop a Jeep on the highway, taking control of everything from the stereo to the vehicle’s air con.

Why vehicles are vulnerable

Dr Manimuthu warns that the big challenges for cyber security will come when fully autonomous vehicles – with no need for any human intervention – take to the roads.

“When there’s the capability for human intervention, someone is there to tell the system that there’s a problem.

Hackers and malware creators know there are lots of vulnerabilities and huge scope to get into vehicle systems, through hardware, software and firmware. Dr Manimuthu says with certainty that the vulnerabilities will keep on evolving.

So, when cars become fully autonomous, the hundreds of vulnerabilities seen today will multiply to thousands and thousands.

Dr Manimuthu explained: “Nobody really thought about autonomous vehicles until Tesla, but now the idea is gathering pace, with manufacturers such as Ford and Daimler experimenting, alongside tech companies such as Waymo and Zoox.”

Three facts about autonomous vehicle security 

Sensors make a difference
The technology is far older than people imagine, with a Mercedes van laden with computer equipment having driven 1,000 miles on public roads as early as 1995. The huge number of sensors used by self-driving vehicles, from cameras to LIDAR ‘laser radar’, is what makes them vulnerable. Did you know that their autonomy depends on the position of the sensors and how they are behaving? According to Dr Manimuthu, sensors come with potential for multiple new vulnerabilities.

Ethics must play a role 

The challenges of ‘securing’ a car are very different to securing a computer, for example, because when a car is moving, there’s the potential for human fatalities. This has huge implications for the way the cars of the future will be designed. Dr Manimuthu reminds us that we are developing this technology for human benefit, and that we should always keep that perspective.

“Most autonomous cars have a failsafe mechanism. When there is a steering wheel out of control or the acceleration is not working or the braking failure happens, then there needs to be a system to keep passengers safe.”

Wireless connectivity is key

Security patches for autonomous cars will be delivered via 5G – and wireless connectivity will be key to ensuring the vehicles work safely. Even in a tunnel, autonomous vehicles must be able to connect, Dr Manimuthu says.

Dr Manimuthu believes the technology has the potential to be a ‘game changer’ as the idea of self-driving continues to spark the public imagination.

Feeling inspired to pursue higher or further education to land yourself a career in autonomous vehicle security?  Reach out to us to discuss further.