Do you remember how simple cars used to be? A dashboard with analogue dials and gauges that measured basic functions such as fuel, temperature and speed? If something was amiss with the engine, the oil light came on so you took your car to the garage (or even fixed it yourself if you were a good enough mechanic).
Today, even a basic new car is equipped with lots of sensors and electronic systems that monitor everything from tyre pressure to fuel consumption, and diagnose faults when they happen.
What’s changing now is that connectivity and data is reaching beyond the bodywork of the car making vehicles a growing part of the “Internet of Things”, says Martin Hunt, Automotive Industry practice lead, BT.
For example, what’s the first thing you do when you get into your car? For many of us, it’s to connect our smartphone, so we can make calls on the move (and it’s only a matter of time before we use that smartphone to lock and unlock our car). The second thing we might do is to switch on the built-in Sat Nav or begin recording with a dash-cam.
Quick off the starting grid
The automotive industry has been quick to take advantage of the Internet of Things to gain competitive advantage. Brochures and websites boast that sensors, telematics and connectivity make driving safer, more efficient and pleasant. By 2020, one in five vehicles globally will have some sort of wireless network connection. Leading car manufacturers already offer apps we can download to make the most of vehicle intelligence and connectivity.
What’s not to like? Driving should be safer, and easier, especially as our cities get ‘smarter.’ Local sensors can monitor traffic flows and provide real time information about road conditions. Whilst 30% of urban congestion is caused by drivers looking for somewhere to park, these location services can help us navigate congestion and find a space.
And when combined with sensors in the car, the data can be used to provide guidance to drivers helping them improve fuel efficiency and reduce CO2 and other harmful emissions that blight so many urban areas — an issue that’s increasingly on the agenda in city halls in the UK and beyond.
Within the car, more ‘infotainment’ will help to make journeys less stressful and more enjoyable. We already stream our personal playlists or podcasts and let younger passengers in the back seat watch their favourite films or play online games. As mobile connectivity improves, the range of services and experiences will only get better.
However, we mustn’t overlook the fact that more connected cars and connected people create new opportunities for cyber criminals.
A car might have 150 separate sensors on board (a number that will probably keep growing into the future), along with our smartphones and other mobile devices. We don’t want hackers to use them as a back door to creep in and interfere with the operation of the car, or steal valuable information.
So, in the same way that we’ve learned to protect ourselves when managing our personal finances online, we’ll need to do the same with our connected cars, whether we are buying, hiring or sharing a vehicle.
Yet this also begs the question – do we as consumers even consider cybersecurity as an area of great importance when buying a connected car? A connected car is an exploitable opportunity for hackers savvy enough to find their way into a vehicle’s inner workings.
Take the example of tyre pressure monitoring system (TMPS); a network of sensors in each tyre wirelessly transmits information about tyre pressure to the vehicles’ core computer system. If the signal is hijacked, the location of a particular car at any given time can be obtained.
Of course, car manufacturers take cyber security very seriously. Not only do car manufacturers build appropriate measures into their vehicles, but they make use of professional security services such as ethical hacking, and pay cyber security experts to attack their in-car systems to see if they can find a way in.
Ethical hacking gives the manufacturer and fleet companies an independent technical evaluation of the security of the connected car operating system in their vehicles and also external environment e.g. dealership, backend infotainment systems, tethered mobile phones.
It probes wired and wireless network infrastructures, devices and applications relentlessly looking for vulnerabilities before they’re discovered by criminals. At a dealer a test on the equipment used for diagnostic testing will be perform and also a check on the authentication process for engineers performing the test.
Ethical Hacking provide a comprehensive end to end test. At the beginning of this year, Chrysler launched its first “bug bounty” programme, offering as much as $2,500 to hackers who alerted them to potential security flaws in their vehicles.
But as owners and drivers we also have a responsibility. Do we understand the risks and how to protect ourselves? When we are buying a new, connected car, do we ask hard questions about its cyber security defences? When our car goes for a service, can we be sure that the laptop the engineer uses for diagnostics is free of malware or viruses? Do we make sure that the personal devices we connect to our vehicles have the latest software and security updates? Only fully comprehensive planning and testing will provide the reassurance buyers desire, and create vehicles that manufacturers, drivers and pedestrians can feel comfortable with.
And it’s not just the cars we own. We’ll need to be just as careful when we use rental or urban car sharing services and not accidentally leave our personal data (contacts, home address, browsing history, social media logins) in a third party vehicle. It’s a lot harder to retrieve than the old fashioned briefcase left on a train.
So it’s clear that securing the connected car is vital if we’re to enjoy these “Internet of Things” features that are beginning to benefit drivers, passengers and other road users. For our part as customers, security should now be something we check, along with fuel economy, performance and safety, when choosing our next car, either for purchase or hire.
The author of this blog is Martin Hunt, Automotive Industry practice lead, BT