Recent news stories talk about hacking vulnerability found in the Nissan Leaf and Tesla vehicles. That potentially, a determined hacker could gain control of none critical vehicle systems. In the case of the Nissan Leaf – the air conditioning and other power draining systems – risking the driver becoming stranded. In addition, data about previous journeys could be accessed. Nissan responded by suspending the functions of this application. So how big is the risk from the huge rise of wireless and app technology in vehicles and what can be done about it?
How does wireless/app technology work in vehicles currently?
Early in car technology allowed us to connect our phone into a Bluetooth or wired system so we could make/answer phone-calls hands free. However with increasing technology contained within the mobile phone – we’re now looking to access, sat nav and other information while driving, as well as looking to play our music from streaming services or our phone memory.
The NissanConnect in vehicle app is one of several by different manufacturers to connect their smartphones to their vehicles – this means that apps, features and other services can be used to personalize their vehicle – this might be turning the heater on in the vehicle to defrost it on a cold morning or more advanced features to provide music via a phone, sat nav to the car or information on fuel, hotels or other items of interest.
We’ve also seen the use of black box telemetry within cars to monitor driving styles for insurance purposes and this will evolve further.
What is the future of this?
The black box telemetry reports to your insurance company and you can see a report on this data, but Hyundai’s newest system allows parents to monitor and restrict their teen driver’s speed, hours of operation and where it travels. It doesn’t prevent these things happening (yet, and there is a whole new debate there!) but it does alert the parent via text/email/app. The driver is also notified of this.
Moving on from this is the idea of a digital dashboard – already seen to some extent in vehicles and in motor sport with multi function trip computers – this can be seen in the partnership between Audi and NVIDIA – they have developed a fully digital dashboard. This will replace the instrument cluster, and fast processors ensure the frame and render rates are fast enough to display precisely. From this augmented reality and head-up displays are not too much of a step.
These all potentially lead to the biggest change of all, driver-less cars – we’re already seeing the car take control of some aspects of driving. From our initial developments in cruise control to adaptive cruise control and auto braking functions – this is likely to move to adaptive systems that can automatically steer to follow a car in front or keep a vehicle within a lane of traffic. This could develop into the vehicles communicating with each other to maintain smoother traffic flows.
Where are the risks? Exploitation of loopholes?
Besides the obvious driver distraction element – which manufacturers claim to be avoiding through the clever use of voice activation and multi function dials – the largest risks are from security flaws within the systems.
The NissanConnect app’s vulnerability issues appear to stem from the level of identification checks it carried out. Those people who had never signed up for the app/an account were never at risk – however those who did, the system would look for the vehicle identification number (or VIN) for security – this loophole could allow an attacker to send commands to the vehicle via a web browser – leaking potentially confidential information such as the owner’s registered username and times and distances of journeys. When the app was unregistered – the car became safe from attack.
This shows that as the development of the connected car moves forward, the cyber-security side of the technology will become vitally important to. Only by focusing on all the aspects of safety and security around the connected vehicle can we work to avoid the dangers.