Since the invention of the internal combustion engine, the automotive industry has been going through a radical change process. Manufacturers of the automotive industry are no longer being a hardware manufacturer and evolving into a technology company. As a matter of fact, the story of autonomous vehicles and self-driving cars, which have become widespread today, goes back to the 1920s.
Although the first experiments were made in the 1920s, one of the truly automatic driving system trials was carried out by the Japanese Tsukaba Machinery in 1977. With this first driverless vehicle, in which tests were carried out with an analog computer and two cameras positioned on the vehicle in the laboratory environment, a speed of 30 km per hour was reached on specially marked streets.
After nearly 50 years have passed since these experiments, which can be considered the beginning of autonomous vehicles, the winds of radical change are blowing in the sector. Parallel to the rapid development of Industry 4.0 and digitalization, the automotive industry is also updating its dynamics under the influence of this change. In this context, Artificial Intelligence (AI)-based autonomous vehicles come to the fore in the automotive industry, while the designed artificial intelligence enables smart travels based on software technologies that do not require drivers.
“Like your computer, your vehicle can be hacked!”
There are risks, vulnerabilities and threats for every object connected to the Internet. We must also accept the reality of security that comes up with the concept of the “internet of things” defined as IoT. The automotive industry and connected vehicles are also among those affected by these cyber risks. If we take a look at some of the recent examples of cyber attacks in the automotive industry; The Wannacry attack on Honda in 2017 caused great damage to the brand. In 2018, many automotive giants, including Tesla, Toyota, Vokswagen, Fiat, Crysler, Ford and General Motors, were exposed to data leaks. In 2020, Tesla took an employee to court for sharing large amounts of private data with third parties by modifying the source code.
What are the Threats Encountered in Connected Tools?
While end users are sensitive to the risk of malware infection on their computers via the USB sticks they use, they are not aware that the same risk can be placed on their connected vehicles. The danger of using a USB stick with malware is the same on computers and cars.
There is also the threat of attack for the end user from downloaded applications installed in the in-car system. The use of unverified applications, whether in the cloud or embedded systems, carries risks.
Another risk in linked tools is the “Man In The Middle” attack. In this type of attack, the attacker listens for a communication and can manipulate the protocol in the interposed communication. Apart from these, there may be different attacks for each of the systems on autonomous vehicles.
Ensuring Cyber Security
A guideline standard for the management of risks in this area did not exist until recently. However, the ISO/SAE 21434 – Road Vehicles Cyber Security Engineering standard was published, creating a very useful framework for all cybersecurity issues for connected vehicles. Although it is a newly published and not well known standard today, we will frequently encounter examples of the application of this standard with the rapid spread of autonomous and connected vehicles.
If you are a supplier of brands that produce autonomous or connected vehicles in the automotive industry, it would be useful to take a look at this standard. In the coming days, your customer may be asked to comply with this standard.
I wish you healthy and information security days.
Be First to Comment