Why Cars Need a Cyber Safety Rating
Unless you live under a rock or don’t often use the Internet, then you have most likely heard of Google’s Driverless Car and how it is dominating consumer buzz about autonomous driving vehicles. Although the Driverless Car is still in the testing stages and is several years—at least—away from widespread consumer adoption, cars laced with computers are more widespread than a lot of people realize.
In fact, cars are becoming more and more advanced each year as vehicles with embedded systems are becoming more the norm. Even though entertainment systems account for most of the tech in common consumer cars today, computers and cars are poised to have a rich, collaborative future together.
As the CTO of Electric Cloud informed me in a recent interview, “a new car has on the order of two-to three- hundred million lines of code… This is a traveling network these days; it’s not just a car.”
To say the least, if you’re an auto or tech enthusiast, it’s a fairly exciting time to be alive as the hype surrounding transportation submerged in the Internet of Things is exploding. Some see the marriage of tech and transportation as an opportunity to make our lives better; still others see it as a chance to exploit consumers through cyber security flaws.
With a mindset aimed toward the future, security advocacy group I Am the Cavalry proposed their Five Star Automotive Cyber Safety Program at the annual hacker convention Defcon. Their proposal’s purpose is to make policy makers, hardware manufacturers, and automotive dealers recognize the seriousness of computer security, even when those computers are on wheels.
The five points in the Five Star Automotive Cyber Safety Program are:
- Safety by design
- Third party collaboration
- Evidence capture
- Security updates
- Segmentation and isolation
The program aims to hedge the chances of disaster, which is present when devices, in cars or otherwise, are given Internet connectivity.
Many in the industry, including some in the I Am the Cavalry group, admit that the state of car computer vulnerability is still in the very early stages. And that’s why implementing the automotive tech-safety standards sooner rather than later is so important—to be proactive, not reactive.