[{"command":"openDialog","selector":"#drupal-modal","settings":null,"data":"\u003Cdiv id=\u0022republish_modal_form\u0022\u003E\u003Cform class=\u0022modal-form-example-modal-form ecl-form\u0022 data-drupal-selector=\u0022modal-form-example-modal-form\u0022 action=\u0022\/en\/article\/modal\/6575\u0022 method=\u0022post\u0022 id=\u0022modal-form-example-modal-form\u0022 accept-charset=\u0022UTF-8\u0022\u003E\u003Cp\u003EHorizon articles can be republished for free under the Creative Commons Attribution 4.0 International (CC BY 4.0) licence.\u003C\/p\u003E\n \u003Cp\u003EYou must give appropriate credit. We ask you to do this by:\u003Cbr \/\u003E\n 1) Using the original journalist\u0027s byline\u003Cbr \/\u003E\n 2) Linking back to our original story\u003Cbr \/\u003E\n 3) Using the following text in the footer: This article was originally published in \u003Ca href=\u0027#\u0027\u003EHorizon, the EU Research and Innovation magazine\u003C\/a\u003E\u003C\/p\u003E\n \u003Cp\u003ESee our full republication guidelines \u003Ca href=\u0027\/horizon-magazine\/republish-our-stories\u0027\u003Ehere\u003C\/a\u003E\u003C\/p\u003E\n \u003Cp\u003EHTML for this article, including the attribution and page view counter, is below:\u003C\/p\u003E\u003Cdiv class=\u0022js-form-item form-item js-form-type-textarea form-item-body-content js-form-item-body-content ecl-form-group ecl-form-group--text-area form-no-label ecl-u-mv-m\u0022\u003E\n \n\u003Cdiv\u003E\n \u003Ctextarea data-drupal-selector=\u0022edit-body-content\u0022 aria-describedby=\u0022edit-body-content--description\u0022 id=\u0022edit-body-content\u0022 name=\u0022body_content\u0022 rows=\u00225\u0022 cols=\u002260\u0022 class=\u0022form-textarea ecl-text-area\u0022\u003E\u003Ch2\u003EHackers could blackmail owners of self-driving cars - Dr Alexander Kr\u00f6ller, TomTom\u003C\/h2\u003E\u003Cp\u003E\u003Cstrong\u003EWhat systems does a self-driving car require to work?\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u2018An autopilot taking a car on the road is fairly easy to achieve, all you need is a few sensors, it could just be a camera that sees what\u2019s directly in front of you, follows your lane and tries not to bump into cars. For the next step, telling the car, \u201cI want to go to my favourite restaurant,\u201d there is a lot of data that needs to be provided. The car needs an up-to-date map to figure out where to go, which has to be absolutely accurate. This is provided through online services.\u003C\/p\u003E\u003Cp\u003E\u2018On a more local scale is the domain of vehicle-to-vehicle communication and real-time services, where a car gets live and frequent updates on what is happening in front and behind of it, and around the corner. There are sensors to measure where exactly the car is, cameras and radar or LIDAR (Light Detection and Ranging) sensors to identify other vehicles, obstacles or pedestrians crossing the road. These combine to give the car a consciousness of its immediate surroundings and tell it where it should and should not drive.\u2019\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EIs there a cybersecurity risk with automated vehicles?\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u2018Even with today\u2019s connected vehicles, there are cars taking in information from the outside over wireless connections and then taking decisions on behalf of the driver. That raises several issues and the most important one is security.\u003C\/p\u003E\u003Cp\u003E\u2018A very simple example with automated vehicles would be stealing one remotely. The appeal to a hacker can simply be profit or to gain leverage over the owner or the manufacturer of the vehicle. This scenario isn\u2019t the most likely risk we should be worried about. Even just disabling it or making it drive through the wrong neighbourhood is something that could be taken advantage of. Hackers could also use the car to obstruct traffic, or create roads that are completely void of traffic.\u2019\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EWhat about viruses?\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u2018Every computer system is still just a computer system. If people spend enough money and energy in developing a virus or Trojan horse (a malicious computer program) then it is entirely possible to have one for automated vehicles. The big difference is that the usual ways for a virus to enter a system are not available because users are not randomly installing applications or looking at internet content on safety-critical systems in the car. The system is much more controlled, but car systems become more interconnected with more advanced features.\u003C\/p\u003E\u003Cp\u003E\u2018If you come up with the scenario that someone planted a worm (a computer program that replicates itself and spreads to other computers) in one brand of vehicle then this hacker could start asking for money. The same way you have with Trojans where suddenly you have your hard drive encrypted and the victim is asked to hand over a ransom to fix it. In an automated vehicle case, hackers could leverage money from the drivers to release their cars or from the manufacturer to give back control to their fleet.\u2019\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EHackers often just want to remove restrictions imposed by the manufacturer and install third-party applications, a process known as jailbreaking. What\u2019s the risk of someone jailbreaking an automated car?\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u2018Jailbreaking your car or tampering with the systems and then driving around in it in the hope that the car still functions properly is something you shouldn\u2019t do. However, some people are very willing to take that risk. In that sense, we have to make sure that safety-critical components (elements that ensure safe performance) keep the amount of tampering people can do with a car to a minimum. Somebody willing to risk his own life by tampering with the software system in an automated car is also risking the lives of others on the road.\u2019\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EHow far along are we in developing appropriate security measures for automated cars? \u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u2018The complexity in cars, both in software and hardware, is constantly growing, meaning there is an increasing amount of potential attacks, while the knowledge among hackers is also increasing. It\u2019s a cat and mouse game. As far as I can see with organisations in this industry the level of security is progressing in line with the level of complexity we are putting into automated cars. Everybody is taking great care not to release anything to the public that is not secure, but at the same time the threats and demands are increasing, so we have to prepare for the next steps.\u2019\u003Cblockquote class=\u0022tw-text-center tw-text-blue tw-font-bold tw-text-2xl lg:tw-w-1\/2 tw-border-2 tw-border-blue tw-p-12 tw-my-8 lg:tw-m-12 lg:tw--ml-16 tw-float-left\u0022\u003E\n \u003Cspan class=\u0022tw-text-5xl tw-rotate-180\u0022\u003E\u201c\u003C\/span\u003E\n \u003Cp class=\u0022tw-font-serif tw-italic\u0022\u003E\u2018Hackers could also use the car to obstruct traffic, or create roads that are completely void of traffic.\u2019\u003C\/p\u003E\n \u003Cfooter\u003E\n \u003Ccite class=\u0022tw-not-italic tw-font-normal tw-text-sm tw-text-black\u0022\u003EDr Alexander Kr\u00f6ller, TomTom\u003C\/cite\u003E\n \u003C\/footer\u003E\n\u003C\/blockquote\u003E\n\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EYou are involved in SAFERtec, a recently launched EU project looking to advance security levels for connected vehicle systems. What will you be working on?\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u2018We will examine and prepare for the next threats that are going to come when connected vehicles become more and more widespread. We are going to develop a connected vehicle system and then, through appropriate modelling, determine the necessary protection profiles (specific security requirements) to identified risks, which may impact human safety.\u003C\/p\u003E\u003Cp\u003E\u2018Several partners in the project have experience in attack modelling, penetration testing (ways of assessing vulnerabilities in an IT system) as well as auditing software and security systems. When we have all that together we are going to distil the security requirements for the future of connected vehicles and then analyse the existing assurance frameworks. We want to end this project with an efficient way to reach a high level of security in tomorrow\u2019s world of connected vehicles.\u2019\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EThe technology behind automated vehicles is moving incredibly fast, where should our focus be to safely introduce automated vehicles?\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u2018Discussions about automated vehicles are dominated in the public by a few not really central questions \u2013 is it going to be safe or will these cars kill all of us? But that\u2019s not how it works. What we are going to see is gradually more automated vehicles driving next to classic human-driven vehicles, on the roads we have today. In the public\u2019s mind, they fear the havoc these automated vehicles will cause on the roads, but if you turn it around, an automated vehicle is going to be a well-behaved, passive and very careful driver. It\u2019s more about how we protect automated vehicles from reckless human drivers than the other way around.\u2019\u0026nbsp;\u003Cdiv class=\u0022moreinfoblock\u0022\u003E\n \u003Ch3\u003EThe Issue\u003C\/h3\u003E\n \u003Cp\u003ECyber attacks on connected vehicles have led to millions of \u003Ca href=\u0022https:\/\/www.enisa.europa.eu\/publications\/cyber-security-and-resilience-of-smart-cars\u0022 target=\u0022_blank\u0022\u003Ecars being recalled\u003C\/a\u003E by manufacturers because of their vulnerability.\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EThe EU is working to make cybersecurity a central part of \u003Ca href=\u0022https:\/\/ec.europa.eu\/digital-single-market\/en\/cybersecurity\u0022 target=\u0022_blank\u0022\u003Efuture policies\u003C\/a\u003E concerning connected cars.\u003C\/p\u003E\n\u003C\/div\u003E\n\u003C\/p\u003E\u003C\/textarea\u003E\n\u003C\/div\u003E\n\n \u003Cdiv id=\u0022edit-body-content--description\u0022 class=\u0022ecl-help-block description\u0022\u003E\n Please copy the above code and embed it onto your website to republish.\n \u003C\/div\u003E\n \u003C\/div\u003E\n\u003Cinput autocomplete=\u0022off\u0022 data-drupal-selector=\u0022form-ftqnif46ijhwg2z1-oumm1fa-guosic-hzk-cwpzhxe\u0022 type=\u0022hidden\u0022 name=\u0022form_build_id\u0022 value=\u0022form-ftqNiF46iJHwG2Z1-oumm1FA-gUosic-Hzk-cwpzhxE\u0022 \/\u003E\n\u003Cinput data-drupal-selector=\u0022edit-modal-form-example-modal-form\u0022 type=\u0022hidden\u0022 name=\u0022form_id\u0022 value=\u0022modal_form_example_modal_form\u0022 \/\u003E\n\u003C\/form\u003E\n\u003C\/div\u003E","dialogOptions":{"width":"800","modal":true,"title":"Republish this content"}}]