Hacking a self-driving car
June 23, 2015
Self-driving vehicles are becoming more widespread, with automotive companies investing more in developing the technology: Google announced that their self-driving cars will hit American streets as early as this summer. Daimler has just unveiled the first autonomous semi-truck. Automated control systems have been integrated into almost every mode of transportation: airplanes, ships, trains, and cars.
With this reliance on computers, IT security is a concern for self-driving cars. Experts are questioning whether the technology has been adequately adapted to neutralize the threat posed by potential security breeches - particularly hacking.
Brakes and steering wheel under foreign control
"With the autonomous technology, hackers can crash your car or change your route completely while you're taking a nap," Edgar Scholl, founder of German IT security company Datengold, told DW.
Much of the vulnerability is linked to the internal communication technology of self-driving cars, which, once hacked, allows the intruder to take control of the car via the onboard computer systems controlling brakes, steering and navigational instruments.
While it may seem like part of an adventure film plot, hacking an automated control system is already possible. The auto-pilot of a United Airlines flight was hacked in flight via the online entertainment system. In January 2015, it was reported that a cyber-security flaw in BMW's Connected Drive on-board SIM card technology left 2.2 million drivers vulnerable to hackers.
The multitude of potential entry points for hackers increases the security concerns surrounding autonomous cars.
Hackers could attack the security system "via the interactive interface," said Professor Dr. Christof Paar from the Chair of Embedded Security at Ruhr-University Bochum to DW. Other dangers included computer viruses on smart phones or tablets connected to the car and installed spare parts that contain malware, according to the expert.
'James Bond attacks' unlikely
"The experience of the online world shows that attacks only occur when the hacker has the right incentives," said Paar. "On the Internet, this means often the attacker wants to make money."
Hiring a professional hacker to crack passwords to bank, social media and email accounts is straightforward via online platforms such as Hacker's List, where a hacker can be hired for most tasks for the right price.
While the likelihood of hacking increases as technology advances, the average driver is unlikely to become a target for hackers.
"One can assume James Bond-like attacks [such as] paralyzing the braking system could occur," said Paar. "But if you aren't a high-value target, you probably needn't worry."
IT security isn't a manufacturer focus - yet
Hacking raises concern about the feasibility of self-driving cars and their safety on public roads.
"I would definitely recommend that the manufacturers take hacking seriously," Paar said.
Some IT experts criticize automotive manufacturers for failing to work together with cyber security specialists to develop adequate methods to test security.
"Automobile companies have worked on security issues, but [testing] is not sufficient enough," Scholl said. "They have excellent engineers, but many of them are not familiar with IT security. There ought to be more cooperation between the two sectors."
Automotive manufacturers reassure their customers that the technology has undergone rigorous tests and security is their top priority.
"Everything will be tested and proven carefully in terms of data security," Carole Pfeifle, a representative from Products Communications for Mercedes Benz trucks, confirmed. "Our semi-truck autonomous technology is meant to support the drivers. The driver remains the center of the entire driving experience."
Representatives from Google were unavailable for comment.
While security concerns exist, consumer reliance on autonomous technology is likely to continue to grow in coming years. Manufacturers will need to stay one step ahead of hackers if the public is expected to feel comfortable with self-driving cars on public roads.