After decades of buildup, the dawn of the smart city is within sight. The biggest connected-vehicle pilot programs in the world are ramping up right now across the United States. But experts still have grave concerns about the cybersecurity and ultimately the safety of this expanding technology.
The timetable is imminent. New York City, Wyoming and Tampa have been the sites of the federally approved Connected Vehicle Pilot Deployment Program since launch in 2015. Bidding on contracts to expand New York’s program — which set a goal of more than 8,000 connected vehicles and 350 roadside units to match the connected 12,400 traffic signals already deployed — is expected to be announced this month. Over the next two years, all three of the programs plan to be fully operating.
The long-term goals are grandiose and the forecast is clear: Nearly everything on every road in America will one day be connected, tracked and to some extent directed or advised by the authorities that oversee road operations.
In the name of increased road safety and efficiency, every car will be simultaneously communicating with every other car, traffic devices on the road and traffic controllers watching from afar. Everything from an upcoming sharp turn to a sudden thunderstorm will be known to onboard technology and the systems watching your car.
With hyperconnectivity, though, come privacy and security questions. Research shows that surveilling connected vehicles is inexpensive and easy — and not just by governments. It doesn’t take many resources to install sniffing stations along roads and gather data.
“If I install sniffing stations along the route, I will be able to eavesdrop on all the packets that you send,” Jonathan Petit, Principal Scientist at Security Innovation said when presenting his 2015 research on the subject. “However, there is a general misconception that such attacks are only accessible to governmental agencies or large companies with the resources to cover every road junction.You can build a real-time tracking system using off-the-shelf devices with minimum sophistication”
Speaking at a South by Southwest 2017 panel called “Smart cities, hackable streets,” security researcher Tom Cross had a laundry list of vulnerabilities discovered in recent years in smart city tech that, he argued, showed a severe lack of preparedness from cities even as they brought much of their infrastructures online.
Everything from smart traffic lights and smart cars to traffic apps have had security growing pains and regularly targeted by hackers and, sometimes just as harmful, liars who want to falsify the data for their own benefit.
Security researcher Robert Hansen had a long list of must-haves for cities.
“Crypto is one of those things that’s a must have,” Hansen said. “Number two, companies should be forced to have SLAs [service-level agreements] that the governments can enforce. For instance, they must be able to patch, they must have proper login, they must be audited. If they don’t have those things, there must be very large financial recourse for not having those things. For instance, you have to manually replace everything at your own cost. You should have SLAs in every contract to protect ourselves, so far I haven’t seen anyone do it.”
The third must-have “is to make sure we have a single throat to choke,” Hansen said. “A chief innovation officer for every city who is fully autonomous in their structure who is the guy or girl who decides what is going on in that city but who also knows why those vendors are good, figuring out better ways to structure and plan the city.”
Cross agreed, arguing that many of the people building these technologies are not economically incentivized to build security into them. He cited the Mirai botnet as a prime example: Neither the device manufacturers nor the device owners were economically hit by the compromised devices. In this case it was independent third parties that were smashed and brought down in the tsunami of denial-of-service attacks.
“We’ve got to figure out how to make sure local governments have the support and expertise they need,” Cross said. “Part of that is encouraging people to really take these issues seriously.”
Publishing security vulnerability research helps, he argued, saying that so-called “stunt hacking” actually gets powerful people’s attention and catalyzes dialogues that can make progress.
There’s yet another dimension to the privacy challenge: labor.
“You can believe that privacy is a challenge,” Bob Rausch, Vice President for TransCore’s ITS Division, said at a South by South West 2017 panel on the proliferation of connected vehicles in America. “It’s not just the kind of personal privacy you’d think, it’s also the privacy labor unions are concerned with. They don’t want anyone tracking the vehicles too closely.”
One key to the system is the security mechanism that establishes a “trusted environment” to authenticate sources of info so you, your car and the overall system can trust the data to make decisions that happen on the road. False data can result in road fatalities. But authentication signatures add significant bytes of data to be transmitted, potentially slowing down communications. In a system where the stakes are potentially life and death, authentication often comes down to a question of speed versus security.
New York City’s program is slated to be operating by late 2018. It’s been a slow process, however, and even Rausch laughed and shrugged when talking about the timeline. Despite significant progress and millions of dollars, the questions and challenges for this program remain daunting even local governments face new cybersecurity threats every day.