Intel Moves to Secure Cars Before They Kill Us

By Rob Enderle September 15, 2015

One of the very surreal and prophetic meetings I had was years ago was with the On-Star division of GM.  I was invited in by one of the executives I’d met while he was working in IT for a large consumer goods company.   He had recently joined the On-Star effort, which was in its infancy at the time, and was appalled at the lack of security over the technology.  I was running the firm’s security practice at the time and was brought in to talk some sense to the executive team who largely blew me off.  I thought as I left that this wouldn’t end well and we’ve recently seen some rather frightening demonstrations, even though they were with Chrysler not GM, that the auto industry just didn’t take security seriously.

Intel has been working with a variety of car companies over the years to develop some rather interesting solutions, like a headlight system that can pierce ran and even snow.   This is actually pretty amazing and could be a real life saver in a storm.   But while car makers are new to security, Intel isn’t having bought McAfee a few years back to address the near out of control problem with security on PCs and servers.  So Intel can hit the ground running and largely as a result of these automotive security breaches, they have formed the Automotive Security Review Board to try to help the car industry fix what is now a nasty problem

Let’s talk about how you might want to buy an older car over a new one until these problems are solved this week. 

Old Is Safer

Older cars had physical connections between the steering, engine control (throttle), and braking systems.  You could remote control them but only if you spent days installing controls, servos, and remote control technology in the car and making all of that stuff invisible would have been nearly impossible.  

But newer cars have drive-by-wire systems where the throttle, brake, and even the steering wheel aren’t physically connected they just interface with a control unit that then interfaces with the car.   The positives for this are that you can better adjust what they do based on conditions and speed and they are far easier to install because you just need to run wiring and connect to power and a common network which, increasingly, could be wireless. 

Image via Shutterstock

But now if someone wants to take control of your car, they just need to wirelessly hack into the network and while this still largely requires some type of physical access to the car, the control unit is very small and easily hidden. 

This suggests that if you are concerned about security you would be far safer in a car that was older than 2005 from the standpoint of security but then you are faced with problems associated with the car starting to fall apart.   Low mileage well cared for older cars may suddenly be in relatively high demand once folks catch on that newer cars can be easily hacked and made unsafe. 

Fixing the Problem

It isn’t trivial to address what has been a serious oversight for some time.  Granted, few of the automakers were as careless as Chrysler and haven’t connected their entertainment and car operating systems together.   But the idea that you can secure an increasingly connected car by leaving critical systems unconnected won’t work if someone comes up with an easy to use plug in remote control module.  Or, for future cars, (and Tesla) just hacking into the network that controls the car.  (I should point out that Tesla, at least, took security seriously but even they were vulnerable.  

To fix this requires a top to bottom change in the way cars are built and secured and that is what the Automotive Security Review Board’s mission is.   Every component that is connected has to be secured (a few years back a bunch of VWs where hacked through their wireless tire pressure system in the tires and disabled, a later test showcased a hacker could do far more which subsequently happened in Texas). 

And, particularly when we move to full autonomous driving, if there is a way to break in someone will find it and this effort is to give the folks building the cars a fighting chance in making sure we don’t become the proof they didn’t get this right. 

Wrapping Up:  Old May Be Better

While it is great to have a lot of electronic gadgets on our cars, right now, they represent a potentially deadly risk to our safety.  As a result you may want to favor new and older cars that don’t have drive-by-wire systems and can’t be taken over without a massive amount of work.  If it’s easy than any kid could do it and you don’t want anyone in your family to be the statistic of a prank gone wrong, which, right now is more likely than a criminal or terrorist attack.   However once these cars are all connected and able to drive autonomously a hostile agency could take over hundreds and simply issuing a command that took them to maximum speed would have massive deadly consequences.  It is critical that programs like Intel’s take the car industry where it needs to be before a large percentage of us become some kind of distributed 9/11.   Personally I’m thinking it will be a while before a buy a new car.  



President and Principal Analyst, Enderle Group

SHARE THIS ARTICLE
Related Articles

Mist Applies AI to Improve Wi-Fi

By: Paula Bernier    11/9/2017

Mist has created an AI-driven wireless platform that puts the user and his or mobile device at the heart of the wireless network. Combining machine le…

Read More

International Tech Innovation Growing, Says Consumer Technology Association

By: Doug Mohney    11/8/2017

The Consumer Technology Association (CTA) is best known for the world's largest trade event, but the organization's reach is growing far beyond the CE…

Read More

Broadcom Makes Unsolicited $130B Bid for Qualcomm

By: Paula Bernier    11/6/2017

In what could result in the biggest tech deal in history, semiconductor company Broadcom has made an offer to buy Qualcomm for a whopping $130 billion…

Read More

How Google's 'Moonshot' Could Benefit Industrial Markets

By: Kayla Matthews    10/30/2017

The term "moonshot" encapsulates the spirit of technological achievement: an accomplishment so ambitious, so improbable, that it's equivalent to sendi…

Read More

After Cisco/Broadsoft, Who's Next for M&A?

By: Doug Mohney    10/27/2017

Cisco's trail of acquisition tears over the decades includes the Flip video camera, Cerent, Scientific Atlantic, Linksys, and a couple of others. The …

Read More