“See something, say something” is a phrase we have all (unfortunately) come to know during our terror-fraught era. There are some places where people take that advice very seriously, such as at the airport, where agents carefully check for behavior that doesn’t “look right.”
It’s a form of profiling, based not on race or ethnic background, but on actions and activities. In some places – such as Israel – security personnel have this down to a precise science, and are able to distinguish between mere strange behavior and actions that could indicate a threat.
That kind of “profiling” can be useful in a lot of areas. When a computer system is working as it should, for example, things will operate and act in a certain way. If something is amiss – if a process acts in a way that is unexpected, for instance – it could indicate a problem, such as incompatibility in the system, or a hack attack.
One of those areas will be in connected driving – for many, a new experience that will force them to rely on the instruments and computers in their vehicle much more than they do now.
Connected vehicles will rely on those systems to navigate safely. But, like in the off-road world, computers can have problems; they can crash, get hacked or be otherwise compromised.
That’s inconvenient enough when it happens to your home computer or handheld device. At 65 mph (104 km/h), it’s life-threatening. How can we ensure the safety of a connected vehicle’s computers? One important, even essential, way will be via profiling – examining the way a vehicle behaves, as opposed to the way it is supposed to behave.
With connected technology, fleet owners, for example, could stay on top of how drivers are using their vehicles, how fast they drive, what their braking habits are, etc.
That data could have an impact on insurance rates, and help remove dangerous drivers from the road before they have an opportunity to do any damage.
But even more importantly, connected tech can protect drivers from hackers who might try to install malware that could compromise the safety of drivers and everyone around them.
We've already seen examples of how hackers have compromised connected vehicles. As connected vehicles become more common – and as that connectivity takes over more and more of the responsibilities of drivers, leading to the eventual deployment of self-driving vehicles – the need for a way to check vehicles for the presence of malware becomes even more vital. (Yossi Vardi, below left, is the author of this column.)
How can this be accomplished? For malware to accomplish its purpose, it needs to activate rogue processes, such as installing command and control protocols that let hackers remotely control vehicles.
To do that, malware needs to hitch a ride on the communications system and establish and maintain contact with the C2 server. A system that can detect that kind of activity could trigger on-board security systems, which would override the orders that are being directed at the vehicle remotely.
Under such circumstances, the vehicle could continue on without its occupants even being aware of what is going on. In a worst-case scenario, the vehicle could alert security personnel, who would intervene by remotely stopping the vehicle (if that kind of connected technology were available on the vehicle), or perhaps just contacting drivers and telling them to pull over, as there was a security issue that needed to be checked out.
Other incompatibilities that profiling could detect include files that appear to have been modified (compared with the original, standard-issue code in those files), excessive communication with a specific server and excessive activity in the system’s processor.
The security system would check those anomalies against a vehicle’s behavioral signature. If something doesn’t match, the system knows there’s a problem, and acts accordingly.
Connected cars are the wave of the future; in fact, they’re here already. According to one study, the connected vehicle market will be worth as much as $220 billion by 2025.
Manufacturers are loading vehicle electronic control units with connectivity that will enable drivers to take advantage of all sorts of services – and allow fleet managers, insurance companies, dealers and service operations to get real-time readings on how drivers drive, vehicle usage, efficiencies and much more.
And various entities, including insurance agencies and even law enforcement, can take advantage of that connectivity to detect security issues.
Yossi Vardi is the CEO of SafeRide Technologies Ltd.