When you think of securing your car, what’s the first thing that springs to mind? For most of us, this step probably involves making sure the windows are closed, the door is locked and you’ve hidden any valuable items. However, we’re living in a world now where most of the items surrounding us are ‘smart’ – they operate autonomously, respond when we talk to them and even predict our behaviour. That includes our cars. The safety of our cars no longer rests solely on you – the driver or keeper of the keys – but now also on the engineers producing the software of the internal computer.
“It’s not just the ‘traditional’ automotive companies producing cars anymore,” explains head of the Critical and Extreme Security and Dependability research group (CritiX) at SnT, Prof. Marcus Völp. “There has been a transition where people have realised that cars are now IT products, and so IT companies are realising that they can do it too,” he continues. It’s this technological transition that has initiated a partner project between CritiX and global IT provider Huawei, who joined SnT’s Partnership Programme in 2020.
Our cars nowadays integrate elements of autonomous driving – whether they’re helping us park, centre within lanes or adapt our speed with cruise control. While research continues to push the state-of-the-art in terms of what’s autonomously possible, CritiX is looking into how to secure the software in the case that an adversary breaks into the car, or a component fails, as well as how the car responds post-attack. “In the same way that we can’t wholly protect our computers at home, the security of our car’s software may always be vulnerable. However, what we can influence is how the car can withstand the attack afterwards and return itself to a good state – think like a ‘system restore’ for your car,” says Prof. Völp.
However, this version of a system restore needs to be far more complex than the ones found in our everyday computers. Programming a car to act autonomously requires it to have perception, prediction and planning skills. The car needs to take pictures continually, analyse what it has seen and make predictions on how individual objects, vehicles and pedestrians will act next – all while planning its route. Our future dependence on this very complex system is huge. Researchers within the CritiX research group, including Prof. Völp, Dr. Federico Lucchetti and Dr. Rafal Graczyk, are working on a combination of resilience mechanisms with Huawei to refine their software’s perception and prediction skills, and its response to adversarial attack.
Together, their research is helping to ensure that components within the car have correct commands controlling them, and that they are effectively communicating with the system. Making the perception skills more robust is also a focal point, since the safety of fully autonomous driving is still some time in the future. “Right now, autonomous cars may have around 16 sensors capturing footage from all angles – but with the two eyes and ears that we have as humans, we’re still safer drivers,” says Dr. Lucchetti, who is responsible for researching the perception resilience mechanisms. Their restoration avenue is exploring what happens if an attack on the prediction system requires the car to be ‘rebooted’. In a traditional computer, if you restore it to an earlier state, you don’t know if the vulnerability might already be present – it’s guesswork. Their research is ensuring that the car can remove trace of the hack without removing the car’s ‘learned’ behaviours. Covering all bases, the team are also making sure that this programming is able to fit in the car without taking too much space – currently the computer sits on the top of the vehicle – as well as that it doesn’t drain the battery or be too expensive to implement.
“It’s really a pleasure to be working with Huawei on this project and advancing this technology together,” shares Prof. Völp. While fully autonomous driving may still be some years away, their work is helping to shape the safer driving experience of our future.