LAS VEGAS — Many of our fellow AAPEX attendees are associated with the growing telematics industry on the OEM and aftermarket levels. Every model year, it seems, introduces additional consumer features that require connection in the Internet of Things. And according to Tim Hahn of IBM, these additional features may also be providing doorways hackers can use to take over and modify vehicle systems, even while the vehicle is in motion and under the driver’s control.
Hahn, an IBM Distinguished Engineer and Master Inventor, shared with his audience that the connected cars currently on the road are the second largest generator of data on the Internet of Things, generating over 438 gigabytes annually.
Attending as a technician, it was easy to understand how that much data can be put to good use. For example, by monitoring the thousands of data points generated by the vehicle’s onboard systems, problems affecting vehicle operation and safety could be predicted and attended to before they actually occur. Additionally, software and firmware updates could be completed automatically without requiring the customer to schedule a service appointment.
But those same doorways are also the same ones used by hackers, and Hahn provided examples of how this could be done. Consider for a moment your own late model vehicle and you’ll quickly get a feel for the scope of this problem. Infotainment delivered by satellite or Internet streaming, Bluetooth and onboard WiFi “hot spots”, and OEM systems like OnStar are all potential access points for hackers. And it’s not just the ability to impact these onboard systems. Imagine the personal data available to the hacker; vehicle location, vehicle key and antitheft codes, email and text messages and other personal data.
In an even bigger picture, consider that the term “connected car” has more than one meaning. The first is the connection to the Internet of Things and the second references the future of the autonomous car where vehicles communicate with one another. It doesn’t take a lot of imagination to consider the implications of hacking into a vehicle-to-vehicle (V2V) or worse, a vehicle-to-infrastructure (V2I) network.
Is there a way to overcome these threats? According to Hahn, yes. The remainder of his session focused on a variety of steps that can be taken to “harden” future vehicles against outside attacks. Just before this enlightening presentation, Hahn shared that “it is important to understand that addressing security is not a one-time task but an ongoing, continual focus. There are great benefits to having connected vehicles, and everyone has a part to play in ensuring their protection.”