Science News
from research organizations

Smart car cyberattack warning: Flaws found in security systems

Date:
October 20, 2015
Source:
Queensland University of Technology
Summary:
How Australia acts today will determine the security and safety of driverless cars, autonomous vehicles and intelligent transport systems in the future, with academics warning there is a risk of in-vehicle cyber attack without appropriate safeguards.
Share:
FULL STORY

How Australia acts today will determine the security and safety of driverless cars, autonomous vehicles and intelligent transport systems in the future, with Queensland University of Technology (QUT) academics warning there is a risk of in-vehicle cyber attack without appropriate safeguards.

QUT information security expert Dr Ernest Foo presented his paper at the 2015 Australasian Road Safety Conference titled Security Issues for Future Intelligent Transport Systems, highlighting the need to protect the future smart car.

The three-day conference was hosted by QUT's Centre for Accident, Research & Road Safety -- Queensland (CARRS-Q) on the Gold Coast.

"When talking about the car of the future we are talking about connected vehicles, vehicles that exchange information to facilitate warnings and improve on-road safety," Dr Foo said.

"The connection could be as simple as alerting a driver of an impending crash or as complex as allowing driverless cars on our roads.

"For vehicles to connect there needs to be a secure system to allow the safe transfer of information.

"Public key infrastructure is a security system that is already used to facilitate the safe transfer of information such as banking details.

"Without a secure system there is the potential for vehicles to receive misinformation or more critically for car hackers to maliciously take control of a vehicle."

Dr Foo said public key infrastructure was a combination of hardware, software, people, policies and procedures to create, manage, distribute, use, store and revoke digital certificates that supply public key encryption.

He said to date Australia had no guidelines to control public key infrastructure for intelligent transport systems.

"While the US and Europe have developed public key infrastructure guidelines, our research has found these guidelines have limitations when used in safety-critical vehicle environments," he said.

"The sheer amount of vehicles to be connected poses safety concerns, along with privacy, security and scalability under different traffic scenarios."

Dr Foo said public acceptance of connected and autonomous vehicles would depend on appropriate levels of security, and users' trust in a new intelligent transport system was crucial.

"The proposed systems in the US and Europe are too complex and pose potential risks for security and privacy flaws," he said.

"What we need to be doing in Australia is developing a system that offers an acceptable level of privacy, security and autonomy, while being flexible enough to work effectively in a complex environment."


Story Source:

Materials provided by Queensland University of Technology. Note: Content may be edited for style and length.


Cite This Page:

Queensland University of Technology. "Smart car cyberattack warning: Flaws found in security systems." ScienceDaily. ScienceDaily, 20 October 2015. <www.sciencedaily.com/releases/2015/10/151020103835.htm>.
Queensland University of Technology. (2015, October 20). Smart car cyberattack warning: Flaws found in security systems. ScienceDaily. Retrieved May 24, 2017 from www.sciencedaily.com/releases/2015/10/151020103835.htm
Queensland University of Technology. "Smart car cyberattack warning: Flaws found in security systems." ScienceDaily. www.sciencedaily.com/releases/2015/10/151020103835.htm (accessed May 24, 2017).

RELATED STORIES