MADISON, Wis. — Getting cars connected is a foregone conclusion. Or is it?
Carmakers need it. Consumers want it.
McKinsey & Co.’s consumer survey conducted last year revealed, “More than a quarter [of consumers] already prioritize connectivity over features such as engine power and fuel efficiency.”
But here’s the rub. The same survey showed that while consumers want it, their interest in paying for car connectivity is limited. More importantly, they expressed their concerns about digital safety.
(Source: McKinsey's Connected Car Consumer Survey, 2014)
When it comes to potential threats posed by connectivity, security experts and industry analysts are no longer mincing their words. Unauthorized access or remote hijacking of a vehicle might be only a theoretical risk for today’s cars. But in the connected car of the future, it’s a distinct, real-world threat.
Egil Juliussen, director research & principal analyst at IHS Automotive Technology, is one analyst on the record saying “Cyber-security is one of the biggest problems the auto industry faces.” He noted, “We’re kind of late [on that].”
Jeff Williams, CTO and cofounder of Contrast Security (Palo Alto, Calif.), said today’s cars consist of islands of different computers that don’t necessarily talk to one another. Hence, the danger of hacking is limited.
“But those of us who have been around the block know” the industry’s drive for higher integration will eventually take over. Vendors want to cut cost, Williams said. “We’ve seen [the trend for integration] happen in airplanes, medical devices and other connected system designs.” As a result, he cautioned, “Many of the features and controls will be hosted by one computer, and those functions — traditionally separated by physical knobs and air gaps — are being replaced by software.”
Once that happens, a hacker who gets into a trivial system like the car radio could seize control of the brakes, or any other system, he explained. At that point, the risk of connected cars no longer hypothetical.
[Join us here for "Why Connect the Car?" on May 11 at 1 PM Eastern, 10 AM Pacific.].
As we prepare for the upcoming EE Times Radio Show on “Why Connect Cars? scheduled at 1:00p.m. Eastern, May 11th, we offer in the following pages a topic teardown on “the benefits and perils of connected cars.” We illustrate what we already know about the benefits of connected cars, and what became the driving force behind the connected car. We will also scout what security measures are needed (or in development) inside cars in order to make connected cars less vulnerable to external malicious attacks.
Table of contents:
- Benefits of connected cars
- Why add 4G LTE to vehicles?
- Over-the-air software patches
- Sea change Ethernet will bring to cars
- Architectural change for new vehicles
- Hardware security for every MCU
- Operational security
- Senator Markey’s report
- Transparency needed