Security will supplant style as the #1 concern in the auto capitals of the world, as automakers grapple with the same challenges in securing devices and over-the-air updates for cars as Apple and Google do with phones, tablets, wearable devices and computers.
In March of 2000 Cisco Systems (very briefly) surpassed Microsoft as the most valuable public company in the world as a result of explosive Internet-driven demand for connectivity built on the shoulders of the PC revolution.
Today two of the world’s most valuable companies are Apple and Google, and much of their success is built on the technological innovation and business transformation that the Internet has enabled. Not coincidentally, they both are pursuing the next gold rush in technology: The connected and eventually self-driving car.
Connectivity for the 100s of Microcontroller Units (MCUs) and Electronic Control Units (ECUs) housed in every car will surely drive innovation, but in parallel open up a Pandora’s box of security vulnerabilities. These vulnerabilities can’t possibly be fixed with software patches or with new hardware since cars are typically bought every 5-10 years vs. every 12-24 months for mobile phones. This difference in lifecycle will put the burden of security on long-term hardware decisions, secure software design, and over-the-air software updates from the car manufacturers and suppliers.
These decisions and processes must be executed perfectly. Most mobile phone users merely shrug with a botched application or OS update, but will not tolerate the same mistake in automotive due to safety concerns. The connected car has a very low tolerance for failure from security vulnerabilities because serious injury or the death of the driver or passenger can be a very real outcome. The proper design choices must be made to address key protection, secure software execution, and secure automotive network communication. Poor hardware and software implementations will not go unpunished by the world’s growing industrial hacking industry, or by the trial lawyers who will make automakers pay dearly for their mistakes.
It is very possible that the world’s most valuable company will add to its good fortunes by driving innovation in automotive, but unlike with the Internet boom, automotive innovation must lead with security.
Rod Schultz
Vice President Product at Rubicon Labs Inc.