Connected cars offer a wealth of data generation and utilisation possibilities. To optimize the use of this data, blockchain has a role to play.
When Henry Ford introduced mass production, it gave the automobile industry a phenomenal boost by making car ownership affordable for millions. A second revolution is now underway, as cars connect to the internet. By 2022, it is predicted that there will be more than 125 million vehicles with this capability. Each car is predicted to send 25GB of data to the cloud per hour, meaning vast new swathes of information will be generated.
These huge pools of behavioural, location, and product performance information will open up exciting new opportunities for businesses. For example, data about where people travel, and at what speed and time will be used to coordinate traffic in smart cities, as is already underway in Amsterdam; and in a step up from ‘black boxes’, it will become commonplace for insurance premiums to be calculated fairly based on driver usage. Perhaps most excitingly, driving will become accessible to new audiences, through peer-to-peer lending schemes. Altogether, utilisation of mobility data will mean a more personalised, convenient driving experience.
Knowing the risks
With great value, comes great responsibility. As new laws such as the General Data Protection Regulation (GDPR) demonstrate, consumers are placing increasing value on the control and secure transfer of their data. And they are right to do so – McKinsey estimates that the value of data collected from a connected vehicle outweighs the value of the car itself. Any company hoping to make use of this lucrative driver information will need to ensure that they are able to protect it and reassure customers that their information remains safe.
Cars stand apart from other consumer goods which have been connected to the Internet of Things; if a light switch or coffee machine is hacked, risks are often limited to mild inconvenience and the device malfunctioning. In the case of cars, significant financial investment is at stake – a researcher at the University of Birmingham recently demonstrated how it was possible to unlock as many as 100 million Volkswagens by exploiting the master key code, potentially allowing these vehicles to be stolen.
On a more serious note, the lives of the driver and their passengers could be threatened too. When attackers gain access to a car’s Electronic Control Units (ECUs), they can take control of the engine, brakes and steering, raising the cyber defence stakes considerably.
Battery-drain attacks, which immobilise a car by overloading the ECU with a variety of messages – similar to a Denial of Service attack, where servers are flooded with requests – can disable a car within a matter of hours. Additionally, Denial of Body Control attacks stop the ECU from working by waking it up to respond to injected messages and then modifying the bit rate to cause errors in the Controller Area Network (CAN bus). This leaves the car immobile and its doors locked, which could pose a serious risk.
At the moment, the architecture of information systems within cars is built with functionality rather than security in mind, making cars vulnerable to attacks. This situation is set to worsen as the number of data cars collect and process increases. As they connect to the world around them, the future is poised for these vehicles to effectively become wallets, authorising payments at drive-throughs, toll booths and petrol stations. While it means increased convenience for the user, it means hackers have a financial reason to target private transport.
A security first approach
For consumers to be onboard with data sharing, information security needs to be front and centre. Yet currently this is not the case, as the growing technical complexity of cars means more ECUs are being added to the vehicle. This, in turn, increases the number of nodes which cybercriminals can target, making them susceptible to attacks. With so many manufacturers in the supply chain, automobile makers can find it particularly difficult to ensure each part has consistent protection. In a recent survey from McKinsey, only 10 percent of suppliers responded that cybersecurity ranked high on their management’s agenda compared to 35 percent of car brands.
A new paradigm is therefore needed. Blockchain represents a viable solution by providing a defensive layer between attacks and endpoints, ensuring information can reach the cloud without an interception. The blockchain itself is immutable, as the information is kept as a decentralised ledger, meaning it cannot be successfully tampered with by one party, as it depends on an entire community for security.
The evolution of blockchain
Historically the use of blockchain has been limited, as technology has not been able to distribute large files. However, recent developments in this technology now allow for the rapid transfer of larger amounts of information, making it a good fit for automotive data which requires sizable quantities of data to be transferred rapidly.
This secure method of exchange will also protect connected cars which act as wallets. By using hard-to-crack cryptocurrencies to pay for goods and services, drivers will create a powerful disincentive for hackers to interfere with the payments they make from their vehicles.
The initial layer of blockchain protection can be backed up by Artificial Intelligence (AI) and Machine Learning (ML) technology to detect attacks should they be able to penetrate automotive networks. ‘Hash price’ detection works by scanning hundreds of millions of known attacks to identify threats, while ‘sandboxing’ means files can be checked for attacks in a simulated environment before being opened in a live vehicle, ensuring they are safe.
A secure future for information – and drivers
Connected cars offer a wealth of data generation and utilisation possibilities. With increased convenience and personalisation, drivers are well incentivised to share their information, and this will fuel the growth of a new revolution in private transport. But automakers will need to make sure that this valuable information is securely guarded.
By using a robust multi-layered security system built using artificial intelligence and blockchain technology, automakers can uphold vehicle safety into the 21st Century, helping create a secure yet convenient connected future. As the number of connected cars on the road increases, the industry will need to develop standardised blockchain practices that reassure consumers and support the industry in cutting traffic congestion, optimising insurance quotations and making cars a shareable asset.