Over the past few years, excitement has been growing over the approach of the self-driving car, which is expected to merge into mainstream traffic within the decade.
Way back in 2010, Google’s autonomous coupe had already made child’s play of San Francisco’s twisty Lombard Street and logged thousands of error-free miles in the California hills to confirm what we already know — that man, not machine, remains the biggest threat on our highways.
Not surprisingly, the advent of robotic cars also sent auto insurance companies scrambling to figure out how to insure them — and who should be held liable if something goes wrong.
But recently, a pair of “good hackers” threw a serious wrench into the self-driving scenario by demonstrating how easily a self-driving vehicle might be hijacked via the Internet.
Lessons from takeover of conventional car
With a reporter from the technology website Wired behind the wheel, cybersecurity experts Charlie Miller and Chris Valasek managed to hack into a non-self-driving Jeep Cherokee’s entertainment system through its Fiat Chrysler Uconnect telematics feature. They seized control of the vehicle’s engine, steering and braking systems. Fiat Chrysler has since made a free software patch available online to address the vulnerability.
Here’s the rub for driverless cars: If left unsecured, wireless connectivity — which has heretofore been used primarily for onboard navigation systems and keeping the kids entertained in the back seat — could prove problematic, if not fatal, should an autonomous vehicle be hacked.
“Anything that connects to the outside world is an attack vector, from my point of view,” Valasek said.
National Highway Traffic Safety Administration chief Mark Rosekind agrees.
“We know these systems will become targets of bad actors,” he told a news conference. What’s more, if consumers don’t believe that a connected autonomous vehicle is as safe as their minivan, “they will not engage it,” he added.
Lawmaker: ‘Rules of the road’ needed
Congress has been keeping a close eye, as well, on the potential cybersecurity risk to self-driving vehicles — and lawmakers are not just worried about hackers. A report by Sen. Edward Markey, D-Mass., notes that a host of onboard systems, including Bluetooth, Wi-Fi, navigation and even keyless entry systems, all collect information about drivers, including where they travel and park, that is being kept by car companies without any privacy standards.
“We need rules of the road that are clear and that protect drivers from hackers and data trackers,” Markey concludes. “Automakers don’t have safety or privacy protections that are built in.”
The nation’s two largest automotive trade groups agree. Late last year, the Alliance of Automobile Manufacturers and the Association of Global Automakers embarked on a plan to secure driver data before onboard cyberattacks become widespread.
“Strong consumer data privacy protections and strong vehicle security are essential to maintaining the continued trust of our customers,” Alliance spokesman Wade Newton says in a statement. “Auto engineers incorporate security solutions into vehicles from the very first stages of design and production – and security testing never stops.”
What’s your take? Are self-driving cars ready for Main Street?