Between insurance, new technologies, and safety laws, smart cars bring up several complicated issues – though none are perhaps as challenging as the issue of cybersecurity legislation. The concerns surrounding automotive cybersecurity legislation lie largely with the issue of liability in the event of a hack, a subject that seems simple at first, but upon further inspection reveals a subjective, polarizing topic. In his article on ITProPortal, Jaeson Yoo elaborates on this complexity, highlighting the key challenges preventing any clear answer from being made.
Yoo begins by discussing the urgency of the matter, detailing the United States’ government’s motivations to quickly develop legislation governing automotive cybersecurity. He details how dangerous a car in the wrong hands can be, stating that “Cars, while convenient, have the potential to be deadly, as evidenced by the increasing number of terrorist attacks using automobiles. Vehicles can be used to run over a large group of pedestrians. They can even be used as a way to deliver suicide bombs in strategic situations to maximize catastrophic damage. In other words, ways to utilize the automobile for deadly means are practically limitless, a dilemma that is only certain to grow more complex as cars get even more connected and eventually start driving themselves.” The message is clear – transportation technology is critical to society, but in the wrong situation, cars can be used to cause profound destruction. As cars become more connected, the threat only becomes greater. A single car can already cause major damage. As the amount of connectivity and automation available increases, this already daunting threat has the potential to grow to control thousands of cars within a single fleet.
This reality is the driving motivation behind the new wave of legislation. Governments around the world are rushing to ensure that adequate legislation is in place in the event such a tragedy occurs, but this hastiness has highlighted a different problem – a lack of interest in the automotive industry to address this serious problem. OEM’s lack serious expertise on the subject of cybersecurity, and thus are reluctant to take a position at all. This cannot be the case, especially when lives are at risk.
Simply avoiding the issue of cybersecurity is unsustainable. Tesla’s Model 3 is an example of what the future looks like – every function is controlled via the central touch display, foregoing physical buttons and dials for a pure software experience. This futuristic, visionary design has resulted in a massive backlog of nearly 500,000 reservations for the Model 3. Consumers are demanding connectivity in cars today more than any other feature, a call that cannot be ignored without serious damage to traditional OEM’s business. It is clear that traditional OEM’s will have to adapt to remain competitive with newcomers such as Tesla. This adaptation cannot happen as long as OEM’s ignore cybersecurity.
Trillium’s broad portfolio of products & services empowers OEM’s to secure their products from the conceptual stage all the way through end-of-life support. From consulting to penetration testing to providing cybersecurity solutions, Trillium is uniquely positioned to provide a complete and total solution to all things cybersecurity.