The security of driverless vehicles will be critical for both community safety and industry growth.
Deakin researchers are developing new platforms and software to support self-driving technologies in vehicles of the future. And ensuring the secure exchange of information between vehicles is key to its success.
Technological progression means cars will change more in the next decade than they have in the past century.
Not only will they be powered and wired differently, but it’s also likely that we will not be the ones driving them. Thanks to developments in instrumentation, automation, the Internet of Things (IoT) and secure vehicle-to-vehicle communication systems, experts predict the car will be in control of all aspects of driving in most driving conditions by 2030.
A key element of this new autonomous world will be the capacity of cars to safely communicate with each other.
Our vehicles of the future will take the form of complex mobile computers, designed to be automated, connected and, where possible, co-operative.
But the security of these vehicles – including the interconnected systems and underlying electronics – will be critical for both community safety and industry growth.
World-leading cyber security researchers from Deakin’s Centre for Cyber Security Research and Innovation (CSRI) – including Research Director and project lead, Professor Robin Doss – are working with Bosch Australia to help ensure that next-generation vehicles are cyber-safe and can engage in secure and trusted co-operation.
The project will contribute to a better understanding of the security and privacy limits of connected vehicles and advance state-of-the-art systems to ensure their safety.
The project has received funding ($494,500) from the Department of Industry, Science, Energy and Resources (DISER) under the Automotive Engineering Graduate Program (AEGP).
Ensuring a safe transition to vehicle connectivity
In recent years, there has been rapid progress in vehicle-to-vehicle networking.
Dedicated short-range communications and 5G-vehicle-to-everything (V2X) based communications are driving an emerging generation of connected vehicles.
There are seven different types of vehicle connectivity, including vehicle-to-vehicle communication and vehicle-to-infrastructure communication, which involves communication between vehicles and infrastructure such as lane markings, road signs and traffic lights.
Together, these will improve road safety, ease traffic congestion, and reduce Co2 emissions caused by congestion and allow the safe transition to autonomous driving.
This safe transition is dependent upon secure connectivity and co-operation between vehicles, and Deakin’s research team is exploring challenges to this security.
Connected automotive systems benefit substantially from connectivity to Internet services and other vehicles.
However, network connectivity also exposes them to cyber threats that, although common in computer systems, are relatively new in automotive systems.
As a result, the resilience of future automotive systems is not exclusively about robustness and responding to faulty behaviour in components.
It is also about security and trust of software systems and on-board instrumentation that could be vulnerable to hackers anywhere in the world.
To overcome the risks, Deakin researchers are developing a framework comprised of technologies and a methodology for secure automotive computer systems.
This framework sits within a securely connected automotive software platform that enables the connected vehicle to co-operate with external services and other vehicles in a secure, trusted and safe way.
This technology will be available to the wider automotive sector.
The research training component of the project is seeing the development of PhD-trained cyber security specialists for the automotive sector, a sector that is particularly affected by the global shortage of cyber security professionals.
It is planned that the four PhD researchers involved in this project will spend time on-site at the Bosch technical centre in Clayton.
Preventing unwanted cyber attacks
The Deakin team is seeking to ensure secure co-operation between vehicles exchanging intelligence with each other, which would enable vehicle systems to make secure, real-time decisions independently of the driver.
As the autonomous and assistive capabilities – such as cruise control and automatic braking – of vehicles have increased and vehicles have become increasingly Internet-connected, they have become targets for remote compromise by people with malicious intent.
There have been several well-publicised instances of vehicle hacking.
These include Charlie Miller and Chris Valasek who remotely hacked a Jeep in 2015, enabling them to disable brakes and control steering, causing the recall of 1.4 million vehicles.
The Chinese company Keen Security lab’s hack in 2016 on the Tesla, which involved compromise of the controller area network that controls many of the systems in the car.
In 2019, security researchers Amat Cama and Richard Zhu hacked the Tesla 3’s infotainment system.
And, in 2020, Lennert Wouters, a security researcher at Belgian university KU Leuven, hacked the Bluetooth key fob on Tesla’s Model X.
Remote takeover of vehicles such as the Jeep Cherokee has also been demonstrated by ethical, ‘white hat’ hackers, who seek to expose hacking vulnerabilities.
In fact, the number of successful vehicle attacks has doubled every year, with the vast majority of hacks executed remotely.
Therefore, the need for new security techniques that can advance the cyber-resilience capability of vehicles cannot be overstated.
This project is developing new technologies, platforms and software that can support the cyber-safe and secure operation of vehicles and vehicular systems.
The research seeks to mitigate the impact of cyber security attacks by early detection of intrusion and prevention of unauthorised access.
A four-step approach
There are four elements in this research project.
Firstly, the team is developing end-to-end secure firmware and software updates, telematics and infotainment delivery for connected vehicles, including secure gateways.
Secondly, they are developing secure and trusted vehicle-to-vehicle, vehicle-to-infrastructure and vehicle-to-everything co-operation, where vehicles need to behave collectively in a self-organised paradigm.
New decentralised authentication schemes with intrusion detection mechanisms are also being developed, such as authenticating, recording, reporting, fail-safes and alerting.
Finally, the team is seeking to reduce the risk of data tampering.
This involves enabling vehicle computer systems with the ability to identify counterfeiting and sensitive information disclosure from side-channel attacks, such as software bugs, and then to develop suitable counter measures for co-operative vehicle-to-vehicle systems.
Professor Robin Doss is the Research Director of Deakin’s Centre for Cyber Security Research and Innovation.