According to the headlines, technology is almost always “disruptive.” New technology–be it hardware or software–will upend industries and change the way everyday people live their lives. Behind the lofty claims, the details of how this will happen are more opaque. Autonomous vehicles are one area in which much work remains before lofty goals become a reality. Before cars begin to take the wheel back from their drivers, years of testing and security protocols need to be developed and completed, even as other companies work to develop the chips and other hardware needed. Inside Secure is one company providing technology to help lay a strong foundation for digital automotive security.
Inside Secure has been working to protect consumer transactions, identity, content, applications, and communications. Now, after a new deal with Kalray, a company building processors for new intelligent systems, it is poised to see its technology put to use to improve the security of the next generation of autonomous cars. The deal highlights how much car manufacturing has changed recently and how different it may look five years from now.
“One of the buzzwords right now is automotive security. Automotive security up until three years ago meant the car key. One of the biggest drivers for enhanced security today is the basic fact that vehicles today are connected to the internet, in many cases across all the systems in the car,” Simon Blake-Wilson, COO at Inside Secure, told InsideSources.
As more and more cars come equipped with technology that allows them to connect to the internet, navigate, and potentially download software updates or even make purchases, the need for security is becoming ever more important. Inside Secure will provide security components that can be embedded into computer chips in order to increase the security of the system.
Shifting security to the chip level takes longer. However, the security advantage of this “Root of Trust” (RoT) system, is that user identities and keys are embedded into the chip, allowing them to be stored more securely.
“It takes ten times as long to make a chip as software,” says Blake-Wilson.
This can be a disadvantage for automakers who are rushing to deploy new technology and to get new features to market quickly. At the same time, this type of system is much more difficult to hack, a clear security advantage.
In theory, the new partnership between Inside Secure and Kalray could result in more highly secure computer chips that are used in a variety of new cars. Bringing this dream to market, though, will likely take a shift in how manufacturers approach security.
“If you look at it from an industry perspective, one of the biggest differences is that we have a bunch of car makers and car suppliers who really have been more parts focused rather than computer focused,” said Blake-Wilson. “I think on the one hand, the potential severity of attacks is unusual. What you see is demonstrations of people looking at autonomous vehicles remotely over the internet and taking control of the vehicle, breaking into a car, etc.”
“I think just the cultural shift required within the automotive industry is a second challenge. Car makers simply culturally aren’t set up [the way software companies are] and have a long tradition of looking at the world differently than they need to think about it,” he continued.
Right now, there is also little regulatory pressure to make manufacturers seek out security innovation. From the regulation side, Blake-Wilson says a challenge exists as well. Given how quickly development is occcuring in the space, attempting to prescribe a solution through regulation could be just as counter-productive or harmful as a failure to adequately legislate.
Additionally, the industry needs to determine how to work with potentially contradictory regulations in different parts of the world. The contemporary automotive industry is a global industry. A vehicle can easily be designed in one country, manufactured in another, and sold in a third. Over the years, manufacturers have learned how to design cars to fit the physical safety requirements of the various markets. When it comes to web security, however, the rule book remains to be written.