Intelligent CIO Middle East Issue 13 | Page 37

2External communications. Many, if not all onboard systems will have reasons to communicate to Internet-based services: for manufacturer maintenance, for software updates, for passenger Internet access, for travel and driving instructions, for service requests, to purchase items or services, or to backup data. External communications will very likely be both“ push” and“ pull” – they may be initiated either from inside the vehicle, or to the vehicle from a manufacturer or the Internet. This also means that traffic to and from the vehicle will need to be inspected and managed for threats and illicit, defective, or unauthorized communications using firewalls and IPS-like capabilities.

3Next, the connectivity infrastructure used by a vehicle will likely be based on well-established cellular networks, such as 3G and 4G data services, but with a twist. While these cellular services already provide connectivity to billions of smart phones and other devices around the world today, they also suffer from inconsistent security. Smart, driver-assisted, or even driverless vehicles will raise the stakes significantly. A directed attack on or through the cellular network could trigger significant, safety-critical failures on literally thousands of moving vehicles at the same time. Securing cellular networks providing critical vehicle connectivity will require a through review in light of such potential catastrophe.

4 systems suitable and designed for machines, not people, will need to be incorporated such that: cars can authenticate incoming connections to critical systems, and internet-based services can positively and irrefutably authenticate cars and the information they log to the cloud, or transaction requests they may perform on behalf of owners – such as service requests or transactions to buy fuel or pay tolls.