Better Living Through Big Data

Hacking a self-driving car is worryingly easy (but there’s a plan to stop it)


Whether you like them or not, whether you trust them or not, self-driving cars will become a feature on the world’s roads by 2020.

Most of the major car manufacturers are working on them, designing both autonomous vehicles (with adaptive cruise control, auto-parking and collision avoidance systems) and fully driverless vehicles (that are capable of driving from A to B with no human input).

The trouble is, these highly advanced self-driving vehicles can be hacked.

According to security scientist Jonathan Petit, the lidar laser ranging systems used by many prototype driverless cars can be disrupted by a simple laser pointer and a Raspberry Pi. Using such cheap technology, a hacker could trick a car’s sensors into thinking that there are obstacles ahead, forcing it to slow down, swerve or stop.

BAE Wildcat driverless car
BAE’s Wildcat is a driverless 4×4 that uses lidar and camera systems to scan and navigate the surrounding terrain.

“I can take echoes of a fake car and put them at any location I want,” Petit told IEEE Spectrum. “And I can do the same with a pedestrian or a wall… If a self-driving car has poor inputs, it will make poor driving decisions.”

It’s not the only way that self-driving cars could be compromised. GPS data could be spoofed or jammed, potentially allowing someone to take control of a vehicle. While a McAfee/Intel Security report highlights 15 of the most hackable parts of a car from keyless entry systems to the electronic control units that control a car’s airbag, steering, engine transmission and lighting.

The more connected features a car possesses, the more likely it is to be attacked.

driverless car hacks - potential weaknesses
The 15 most hackable and exposed attack surfaces on a next-generation car, according to Intel.

“Some would ask if any software system can be truly hack-proof,” cyber security expert Hugh Boyes told the Guardian. “We’re already looking at 100m lines of code, and that’s for a car where the driver is still very much in control. We’ll probably be looking at [code that is] an order of magnitude larger for something that’s driverless. That’s an awful lot to get right.”

It’s why Intel has recently announced the establishment of the Automotive Security Review Board (ASRB), a group that hopes to establish a code of best practices and design recommendations to guard against future automotive cyber attacks.

“We can, and must, raise the bar against cyberattacks in automobiles,” said Chris Young, senior vice president and general manager of Intel Security.

“With the help of the ASRB, Intel can establish security best practices and encourage that cybersecurity is an essential ingredient in the design of every connected car. Few things are more personal than our safety while on the road, making the ASRB the right idea at the right time.” — Dean Evans (@evansdp)


Share This Article

Related Topics


Read This Next

Read Full Story