(Credit: Getty Images)
While every new generation of automobile technology brings new security risks, the vulnerabilities that come along with self-driving cars are unprecedented and understudied, a new paper suggests.
Imagine the following scenarios:
• Instead of taking you home from work, your self-driving car delivers you to a desolate road, where it pulls off on the shoulder and stops.
• You call your vehicle to pick you up from a store and instead you get a text message: Send $100 worth of Bitcoin to this account and it’ll be right over.
• You buckle your seatbelt and set your destination to a doctor’s appointment, but your car won’t leave your driveway. It senses it’s been hacked and your home is its pre-programmed safe destination.
These three scenarios illustrate the breadth of the cybersecurity challenges that must be overcome before autonomous and connected vehicles can be widely adopted. The white paper, which appears in the Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy, introduces a new tool called the Mcity Threat Identification Model, which could help academic and industry researchers analyze the likelihood and severity of potential threats.
The new model outlines a framework for considering: the attacker’s skill level and motivation; the vulnerable vehicle system components; the ways in which an attack could be achieved; and the repercussions, including for privacy, safety, and financial loss.
Researchers believe the tool is the first of its kind focused on automated vehicles.