How can connected car security issues be detected and mitigated?
IEEE senior member Alexander Wyglinski discusses why the vehicular tech industry needs to shift gears to put the brakes on connected car security threats.
Whenever you bring up the topic of IoT and vehicles, connected car security issues are inevitably part of the conversation. Embedded sensors are integral components of cars today, and the methods of detecting and mitigating any embedded sensor security threats are evolving.
Numerous forms of transportation systems, including cars, trucks, trains and planes, employ a network of embedded devices that are responsible for dedicated functions of that vehicle platform. For example, a road vehicle, such as a car, would have embedded devices handling fuel injection, power steering, transmission, anti-lock brakes and so on. As a result, these vehicles transform into a network of devices, which exposes them to external threats from malicious actors.
There have been several demonstrations where the embedded devices of road vehicles have been compromised, such as emergency brakes and power windows. These threats have often infiltrated the vehicle's onboard networks using wireless technologies, such as Bluetooth or tire pressure monitoring system devices.
In one of the more infamous attacks, researchers wirelessly hacked into a Jeep Cherokee through its in-vehicle connectivity system that controls the car's navigation and entertainment. From miles away, the researchers were able to kill the engine, engage the brakes and even disable the brakes altogether.
As a result of these connected car security issues, the primary challenges currently faced by the vehicular technology community are identifying when a vehicle has been compromised and then knowing how to mitigate the impact of a threat once it has accessed the vehicle's onboard network.
In terms of mitigating threats, researchers have looked at lightweight cryptographic techniques in order to protect the data being transferred on the vehicle's internal network. As for identifying threats that already exist on the network, signal processing, machine learning and data science approaches are being employed to help recognize network behaviors that potentially correspond to external threats.
Although there is still much work that needs to be done, these new approaches in lightweight cryptography, signal processing, machine learning and data science are yielding potentially significant results that will help secure our vehicles from cyberattacks.