Automakers should consider adding real-time intrusion detection and response capabilities, National Highway Traffic Safety Administration says.
9 Innovative Products: Designers Of Things Conference
(Click image for larger view and slideshow.)
The sophisticated electronic components that are making modern cars safer, greener, and smarter are also making them dangerously vulnerable to cyberattacks.
Dealing with the threat will require automakers to think beyond typical preventive security measures such as encryption, strong authentication, and system segmentation, the National Highway Traffic Safety Administration (NHTSA) said in a report this week.
The report, and two others also released this week, summarizes the NHTSA's research on the security risks raised by the introduction of increasingly complex electronic components in modern cars.
It advocates the need for automakers to consider integrating real-time intrusion detection and response capabilities and methods for quickly extracting, analyzing, and disseminating threat data from compromised systems. Automakers and other industry stakeholders have until Dec. 8 to comment and respond to the report's findings.
"Our research across other industries indicates that prevention of cyber-threats would be impractical if not impossible," the NHTSA noted in advocating multi-layered defenses for next-generation automobiles.
The Moving Ahead for Progress in the 21st Century Act (MAP-21) requires the NHTSA to review the need for new security and safety standards for electronic systems in passenger vehicles.
As part of that effort, the NHTSA has been directed to review the security implications of new electronic components in automobiles, the interaction of electronic components with other components, and the effect of surrounding environments on the electronic systems in a vehicle.
Ford's collision mitigation system uses radar to detect, warn, and, if necessary, activate braking to help drivers avoid collisions with vehicles in front of them. (Source: Ford)
As the NHTSA notes in its report, cars built after 2009 have more than 60 independent electronic control units (ECUs) in them for controlling everything from heating and entertainment systems to steering, braking, and engine-monitoring functions.
Each of these ECUs is accessible either through wired interfaces such as USBs and SD cards or wireless interfaces including Bluetooth, WiFi or near-field communications. Autonomous vehicles like Google's futuristic concept cars are likely to pack a lot more of such components.
But like other connected electronic devices, the ECUs in modern vehicles are also vulnerable to accidental or deliberate compromise and manipulation. Security and auto industry researchers fear that the wired and wireless
Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
The Next Generation of IT SupportThe workforce is changing as businesses become global and technology erodes geographical and physical barriers.IT organizations are critical to enabling this transition and can utilize next-generation tools and strategies to provide world-class support regardless of location, platform or device