When it comes to hacking driverless cars, the nightmare scenarios are almost too frightening to contemplate.
Imagine a terrorist group plowing a handful of cars – unmanned – into a crowd. Or someone forcing a school bus travelling down a highway off the road. Or hackers halting an entire fleet of transport trucks and bringing the Trans-Canada Highway to a dead stop, costing the economy millions.
Hollywood has already honed in on this potential, with movies like The Fate of the Furious depicting supervillains sowing chaos by steering hundreds of hacked cars through New York City.
But as moviemakers let their imaginations run wild, manufacturers, governments and tech companies around the globe have stayed firmly rooted in reality.
And the reality is hacking a car remains difficult, and a Canadian city full of nothing but automated vehicles is probably decades away.
Still, all these stakeholders acknowledge that complacency would be dangerous. The computer systems embedded in cars on the road right now have already proven vulnerable.
And some of those vulnerabilities will persist when humans move out of the driver’s seat.
Last month, Canada’s Senate released a long-awaited report into automated vehicles, and cybersecurity was a central theme. The report revealed that as industry speeds into the future, government regulation and coordination hasn’t kept pace.
“Senators believe strong cybersecurity measures are essential to maintain public safety and public confidence in this new technology,” the senators wrote.
“These vehicles collect a vast amount of data and could be the target of hackers who want to use the vehicles for nefarious purposes.”
A controlled experiment involving a Jeep Cherokee in the summer of 2015 was the first time the vulnerabilities inherent in driverless cars became apparent.
The challenge was simple: two ‘good guy’ hackers, Charlie Miller and Chris Valasek, would attempt to take control of the Jeep on the highway, while Wired reporter Andy Greenberg sat behind the wheel.
It worked. From a house a few kilometres away, Miller and Valasek worked their way through the car’s systems, turning on the air conditioning, blasting the radio, flipping on the windshield wipers and finally wresting control of the accelerator, slowing the vehicle to a crawl.
A few weeks later, they stood in front of a packed conference room in Las Vegas and explained how they did it, leading Chrysler to issue a recall on 1.4 million vehicles that used the company’s Uconnect dashboard computers.
As far as we know, there have been no hacks carried out by people determined to cause real harm, but the Jeep hack was a wake-up call for the automotive industry.
According to Craig Smith, head of transportation research at security firm Rapid7, car companies are paying more attention to security and starting to see themselves more like software companies – which is encouraging.
“In the past, you pretty much made a car, you sold it and then you made your next car,” said Smith, who runs the Car Hacking Village at Defcon, the world’s largest hacking convention.
“You didn’t really do much more to continually maintain it, and so we made a transition in the last three to four years, to more of that model.”
While Charlie Miller, one of the original Jeep hackers, has called driverless cars “the apex of all the terrible things that can go wrong,” Smith is more optimistic about protecting them against incursions.
“Maybe counterintuitively, it’s actually harder (to hack them),” he said.
A regular, modern car zooms around with maybe eight sets of sensors, Smith explained, so if one of them detects an object in the car’s path, it will send a “packet” through a trusted network within the car’s computer systems that overrides the driver and hits the brake. Once a hacker gets in, they’re also trusted, so it’s not hard to fool a sensor and cause a reaction.
But self-driving cars are different.
“They have to do a lot more on the defensive side, so they’ll have a lot more redundancies, they have a lot more sensors,” Smith noted.
“As a hacker I’d have to fake a bunch of different sensors at once … it’s like faking out a human’s five senses. You can fake one of them, not too hard. But faking all of them? That’s a bit harder.”
Building a fortress
But car manufacturers, and the tech companies that support them, don’t want hacking to be a “bit harder.” They want to make it close to impossible.
General Motors has an entire cybersecurity unit, for example, working with “white hat” hackers to gain insight into where their cars might be vulnerable. Tech company Waymo and many others have joined Auto-ISAC, an industry-led initiative to enhance cybersecurity awareness and collaboration.
At BlackBerry, which last fall completed the first test of an autonomous vehicle on a Canadian road, engineers and designers are taking what the company has called “a holistic approach.”
What that means, in practice, is endless layers of hardened security – something on which the company has built its reputation.
“Really what we are building is a vault, within a vault, within a vault,” said Sandeep Chennakeshu, president of BlackBerry Technology Solutions.
“If you want really good security, you have to look at it from multiple aspects and build in the right structure, tools and technologies in an interlocked, meshed manner.”
BlackBerry’s “7-pillar” approach, Chennakeshu said, focuses on everything from securing the initial supply chain for chips and software, to isolating various computer systems within the car from one another (and often from the outside world), to periodic and secure software updates.
“It’s a framework. It’s not a guaranteed solution,” he noted.
“We just need to be prepared. Twenty-five years ago when I started building mobile phones, I didn’t ever think anyone would hack into a mobile phone, but you know, these things happen.”
One of the key vulnerabilities highlighted in normal cars is the CAN bus – an internal network that functions like the car’s central nervous system. Hackers have been able to use it to navigate from one set of electronic systems to another, gaining access to the music player, for example, then progressing to the engine or wheels.
WATCH: What to know about Alexa and other smart speakers
But Smith said the CAN bus system is often used as “a distraction.” It’s there for a reason, he argued: to allow the car’s systems to communicate instantaneously with each other. Other layers of security must therefore be built on top and hardened, to keep hackers from penetrating into that central system in the first place.
Like Chennakeshu, Smith agrees that the best defence is good offence. The “bare minimum” is the ability to adapt, he said, allowing updates or verified security patches that can be safely downloaded.
Another piece is to program the vehicle to recognize when something is wrong – whether it be a hack, physical tampering or the failure of a car-part – then switch to a backup system or emergency network.
But this kind of innovation necessitates cooperation.
“In general, the auto industry isn’t the most transparent in the world,” Smith noted. “There’s been a push to say that security isn’t a competitive advantage, it’s something we should be sharing.”
The Senate report touched on all of these aspects, and more.
The senators made several recommendations linked to the federal government’s role in tightening cybersecurity for driverless cars, but it’s unclear if any will be implemented.
Their suggestions included developing guiding principles and advice for industry, promoting public education and setting up “a real-time crisis connect network” to deal with hacks. At minimum, the report notes, industry players need a central point of contact right now within government to help coordinate these efforts. Such a body does not exist yet.
In response, Transport Minister Marc Garneau and Innovation Minister Navdeep Bains said the recommendations “will guide our ongoing work on this emerging technology, including on the development of regulations and standards” and that a “plan of action” would be released in the coming months.
Chennakeshu said that he’s optimistic Ottawa and the provinces will indeed catch up.
“I think it’s very important … finding a body that can coordinate things,” he noted.
“How do we make sure that we have that coordination, where policy-makers and technologists and the people who make the product are all aligned in how to do things? That, I think, will happen.”