Carmakers prepare for cyber terrorism
Right now is the time for automakers and federal regulators to address potential “acts of terrorism” using connected vehicles, according to former administrator of the government’s vehicle safety watchdog.
David Strickland, ex-head of the National Highway Traffic Safety Administration, said the industry needs to be proactive rather than reactive regarding cybersecurity issues as more cars and trucks become connected with the Internet, one another and additional third parties.
"It is, right now, the industry’s time to get together and figure out countermeasures, before you do have a much more mature threat,” said Strickland, now a partner in consulting and lobbying firm Venable LLP, during the 2014 SAE Convergence conference in Detroit.
Strickland’s comments come nearly four months after the industry’s largest trade groups, Alliance of Automobile Manufacturers and the Association of Global Automakers, informed NHTSA that they planned to launch a cybersecurity initiative designed for companies to voluntarily share cybersecurity best practices in an effort to help protect drivers and their personal information.
The organizations, which represent dozens of automakers, plan to provide periodic status reports to NHTSA to update the agency on our progress. However, the agreement does not mandate companies to participate in the discussions or sharing.
As more technologies, including wireless hotspots and engine control units/chips, are being added to cars and trucks, concerns over cybersecurity and data safety have grown. Many vehicles, officials said, can contain 100 or so on-board ECUs, also known as powertrain control modules.
The reason there haven’t been reports of vehicle hacking, according to Strickland, is because there’s no financial incentive to do so. But once someone figures out a way to make it profitable, he said the industry needs to be ready.
“As we have larger and more connectivity across the fleet, there’s going to be more incentives (for hackers) to create more problems,” he said. “Or the even scarier aspect, which you’re dealing with right now, are acts of terrorism.”
The security concerns could also mean opportunity for Detroit to once again reinvent the wheel, according to Chris Thomas, founder and partner of strategic investment firm Fontinalis Partners LLC.
“There’s no natural location in the world, currently, where that type of R&D is taking place,” said Thomas, during a panel discussion with Strickland and other auto industry officials. “I think it’s a great opportunity … There is no more natural place than having this in the Detroit-metro region.”
Thomas, whose Detroit-based company Bill Ford is a founding partner of, said the cluster of automotive manufacturers and suppliers makes it the perfect place “to drive the future of this industry.”
Chrysler Group LLC Vice President of Global Software Quality Marios Zenios, also a panelist, said it’s also very important for automakers to be as transparent as possible with customers about what data — from location services to comfort settings — are being shared and recorded. He compared it to consumers opting into sharing information from their cellphones.
“(Transparency) has to be at the foundation of connectivity,” he said. “If we lose that, the customers will not accept connectivity in vehicles and it will send us back to the Stone Age.”
Other topics during the panel included discussions on automated vehicles, advanced safety systems and creating productive and safe consumer experiences while driving.
The 2014 SAE Convergence is taking place through Wednesday at Cobo Center in Detroit. About 2,000 engineers and industry officials are expected to attend the conference.