Ex-Uber Employee Explains Why it's Difficult to Protect Self-Driving Cars
【Summary】Ex-Uber employee, Charlie Miller, who was once in charge of ensuring that Uber’s autonomous vehicles were protected against hacking, explains why protecting driverless cars is so difficult.
A few years ago, Charlie Miller and Chris Valasek demonstrated just how easy it was to remotely hack into a Jeep Cherokee through the SUV's Internet connection. The hackers managed to stop the car dead in its track on the highway. Since then, there have been a few more demonstrations on hacking, which includes a Tesla being hacked by a Norwegian security company and even hackers attempting to steal autonomous secrets from Baidu.
After revealing just how vulnerable driverless vehicles are, both Miller and Valasek went on to work for Uber, helping the ride-sharing company secure its self-driving cars against attacks from hackers. Miller, who recently left Uber to work for Chinese competitor Didi, revealed why securing autonomous vehicles is such a difficult task.
Targeting A Vehicle's Weak Points
In an interview with Wired, Miller explained why beefing autonomous cars' security up is so crucial. "Autonomous vehicles are at the apex of all the terrible things that can go wrong," said Miller. "Cars are already insecure, and you're adding a bunch of sensors and computers that are controlling them…If a bad guy gets control of that, it's going to be even worse."
Back in 2013, Miller and Valasek conducted a series of experiments that saw the duo hack into various vehicles, including a Jeep Cherokee, Ford Escape, and Toyota Prius. The hackers, as Wired points out, were able to alter the cars' brakes, steering wheel, and accelerator pedal, but did so by targeting different systems.
All of the aforementioned vehicles were equipped with some kind of automated features. Miller and Valasek, according to Wired's report, were able to apply the Prius' brakes by gaining access to its collision avoidance system and managed to get the Cherokee to accelerate by accessing the SUV's cruise control feature. The researchers even managed to turn the Cherokee's steering wheel by tricking the vehicle into thinking it was parking itself, even when the car was on the highway.
The Computer Is In Charge
As Wired points out, the hacking that was done on previous vehicles was limited to a few of the functions that a car's computer handles. It's not the same thing for an autonomous car, as the computer controls every single thing in the vehicle. "In an autonomous vehicle, the computer can apply the brakes and turn the steering wheel any amount, at any speed," said Miller. "The computers are even more in charge."
Miller claims that an alert driver could, theoretically, override an attack. If, for instance, a vehicle's cruise control is being taking over, tapping on the car's brakes would bring the attack to a halt. But in fully-autonomous vehicles that aren't equipped with brakes or a steering wheel, stopping an attack would be impossible.
The situation becomes even graver when one considers driverless taxis, as Miller believes that every passenger has to be considered as a potential threat. As Wired reports, researchers revealed that plugging an Internet-connected gadget into a vehicle's OBD2 port – an outlet under a car's dashboard that provides vital information on the vehicle – can offer a hacker access to some of the most sensitive systems.
Protecting against hackers, then, will require fundamental changes to automaker's security architecture, reports Wired. Miller believes that every car's internet-connected computer will need "codesigning," a measure that ensures vehicles only run trusted code signed with a bespoke cryptographic key. Vehicles also need intrusion detection systems to alert the driver of when something strange is happening. To stop hackers from getting an initial foothold in cars, automobiles need to limit their "attack surface," by limiting services that may accept malicious data, reports Wired.
Making these fixes and other necessary ones to stop cars from being hacked isn't exactly simple as companies like Uber and Lyft don't even manufacture the vehicles that they use, claims Wired. Solving the dilemma of having autonomous cars that can stand up to hackers, according to Miller, will require cooperation and open discussions between automakers and companies.
Vineeth Joel Patel
Joel Patel has been covering all aspects of the automotive industry for four years as an editor and freelance writer for various websites. When it comes to cars, he enjoys covering the merger between technology and cars. In his spare time, Joel likes to watch baseball, work on his car, and try new foods
Toyota Patents Autonomous Workhorse That Can Help You Shop
BMW’s Upcoming Hydrogen SUV to Have 374 HP, Be Refilled in 3 Minutes
NHTSA Alters Safety Rules to Make Room for Self-Driving Cars
Ford to Use Seat Ventilation Fans From F-150 to Make Respirators
Automakers Finally Close Their North American Factories Over Coronavirus Concerns
IIHS Claims Advanced Driver-Assist Systems Need to Keep Drivers Focused on the Road More
Honda Kills the Clarity Electric, Its Only EV Available in the U.S.
Uber’s Self-Driving Cars Return to San Francisco
- Tesla's Cybertruck 'Camping Version' to Get a Climate Controlled Flatbed
- Consumer Interest in Tesla Spells Bad News for the Rest of the EV Industry, Claims Bloomberg
- Volkswagen Unveils a Robotic Mobile EV Charging Concept
- The Model Y is the First Tesla Model to Use a Heat Pump
- Hyundai S-A1 Flying Taxi Could Help Uber Go Airborne by 2023
- The Coronavirus is Disrupting Auto Manufacturing in Mexico and Europe as Parts Shipments From China Slow
- NHTSA to Investigate Deadly Accident Involving Tesla Model S in California
- GM Holding Talks With NHTSA for Autonomous Cars Without Steering Wheels
- Here Are Some More Details About the Upcoming Tesla Model Y Crossover
- Ride-Sharing Startup Via Launches the Largest U.S. ‘Micro-Transit' Service in California