NHTSA’s Next Hurdle: Automotive Electronics Safety and Security
NRC Releases Study
Both automotive safety and security are important concerns for consumers, repairers, insurers and automobile manufacturers. Two studies in the last few months have highlighted both safety and security issues. These two policy issues will be more widely discussed in the industry and in government agencies in the future.
There have been several recent reports of “vehicle hacking” in the media. Independent studies confirm that the automotive industry and consumers should be interested in automotive electronics and security.
One study produced by researchers at the Center for Automotive Embedded Systems Security (CAESS), a collaboration between researchers at the University of California San Diego and the University of Washington, noted “…that remote exploitation is feasible via a broad range of attack vectors (including mechanics tools, CD players, Bluetooth and cellular radio), and further, that wireless communications channels allow long distance vehicle control, location tracking, in-cabin audio exfiltration and theft.”
Researchers at CAESS concluded, “Developing security solutions compatible with the automotive ecosystem is challenging, and we believe it will require more engagement between the computer security community and automotive manufacturers (in the same way our community engages directly with the makers of PC software today).” To access the CAESS study, please visit www.autosec.org/publications.html.
A more recent report released in January 2012 by the National Research Council’s (NRC) Transportation Research Board included a review of automotive electronics safety. The NRC study began with a request from the National Highway Traffic Safety Administration (NHTSA) in the aftermath of the 2009-2010 reports of sudden acceleration in Toyota vehicles.
NHTSA had requested the NRC study of how the agency’s regulatory, research and defect investigation programs can be strengthened to meet the safety assurance and oversight challenges arising from the expanding functionality and use of automotive electronics.
Although this may be a long regulatory process, it is anticipated that NHTSA will become much more involved in automotive electronics safety and security.
There were a number of key findings from the study:
• Electronic systems have become critical to the functioning of the modern automobile.
• Electronic systems are being interconnected with one another and with devices and networks external to the vehicle to provide their desired functions.
• Proliferating and increasingly interconnected electronics systems are creating opportunities to improve vehicle safety and reliability as well as demands for addressing new system safety and cybersecurity risks.
• By enabling the introduction of many new vehicle capabilities and changes to familiar driver interfaces, electronics systems are presenting new human factors challenges for system design and vehicle-level integration.
• Automotive manufacturers visited during this study – and probably all others – implement many processes during product design, engineering and manufacturing intended to ensure that electronics systems perform as expected up to defined failure probabilities and to detect failures when they occur and respond to them with appropriate containment actions.
The committee of experts made several recommendations to NHTSA:
• NHTSA should become more familiar with – and engaged in – standard-setting and other efforts involving industry that are aimed at strengthening the means by which manufacturers ensure the safe performance of their automotive electronic systems.
• The committee concurs with NHTSA’s intent to ensure that event data recorders (EDRs) be commonplace in new vehicles and recommends that the agency pursue this outcome, recognizing that the utility of more extensive and capable EDRs will depend in large part on the extent to which the stored data are available for safety investigation.
• The committee endorses NHTSA’s stated plan to conduct research on both pedal design and placement, and keyless ignition design requirements, but recommends that this research be a precursor to a broader human-factors research initiative in collaboration with industry and that the research be aimed at informing manufacturers’ system design decisions.
• The committee recommends that NHTSA initiate a strategic planning effort that gives explicit consideration to the safety challenges resulting from vehicle electronics and that gives rise to an agenda for meeting them. The agenda should spell out the near- and longer-term changes that will be needed in the scope, direction and capabilities of the agency’s regulatory, research and defect investigation programs.
ASA met recently with the automakers to discuss automotive electronics safety and security, and will monitor related regulatory activity. To learn more about these studies related to automotive electronics safety and security, please go to ASA’s legislative website at www.Taking TheHill.com.
Copyright (c) 1996-2012. Automotive Service AssociationŽ. All rights reserved.