With TU-Automotive Detroit just wrapping up, connected cars and smart cities are hot topics in our industry. Last week’s show gathered more than 3,000 attendees, 200 exhibitors and 150 speakers all focusing on the incredible benefits and potential hurdles presented by the next wave of connected cars. Technology in cars now provides opportunities for reduced carbon emissions, advanced assisted driving and game-changing features that turn cars into mobile offices and entertainment hubs.
Now, let’s talk security. I am as excited as anyone about connected cars, but how safe is my personal data in a connected car? And what does a secure “Internet-of-Cars” look like?
Smart cars use a variety of short and long range technologies for connectivity including cellular, Wi-Fi, ZigBee, NFC, and Bluetooth among others. Combine that with the growing prevalence of computer-assisted capabilities, such as automatic parallel parking and braking, interactive smart traffic lights and intelligent road applications, and you have a perfect storm of vulnerabilities.
As a security advocate, I was happy to find a huge number of experts (including my colleague Laetitia Jay) making the point that security needs to be a paramount feature in every point of the “connected car” ecosystem. Here are 4 key takeaways from the week:
- Cooperation is key. All players and stakeholder in the ecosystem need to understand and respect the need for certain levels of security – OEMs, Tier 1, Tier 2 carmakers, service providers, hardware and software providers and even drivers themselves. At the end of the day, we are creating a value chain that we all depend on and it is only as secure as its weakest link.
- End-to-end security is essential. Not only do we need security built in a car’s systems and components, but we also need security that goes with the car to ensure that hackers don’t gain access through open doors to other systems in the connected car and smart city ecosystem.
- Security by design is the cornerstone of success. Security architecture should be considered at the very first stage of connected solution design and at every level of the ecosystem. Architecture planning starts with thorough risk evaluation. After that, countermeasures can be identified to ensure trust in the overall infrastructure. Critical components need to be separated and protected from potential contact with untrusted code. Sensitive data must be encrypted at rest and in motion. Encryption keys must be securely managed and stored. And we need to tightly control access and authentication of all users.
- Secure connectivity creates new business opportunities. Certainly there are costs involved with designing and building a secure connectivity ecosystem. However, the business opportunities of providing new services, time saving conveniences, and safety enhancements far outweigh the initial investment to drive the marketplace forward.
After hearing the speeches and wandering the exhibit hall, I have to agree the hype – these are exciting times! Invention seems limited only by our imagination. Ensuring the security of connected cars and smart cities is an important step in realizing the promise of our new world of connectivity.
Learn more about smarter cities: