I recently had the opportunity to tour a factory in Youngstown, Ohio, and was mesmerized by the fleet of small self-driving trucks, or autonomous vehicles (AVs), that crisscrossed the factory floor.
One of the supervisors, who had worked at the factory for 20 years, said that the floor used to be a chaotic mess of carts and dollies hauling scrap, parts, and orders. Now, it is organized, even quiet, as work hums along at an even pace. None of the trucks seemed to pose a risk to one another, as they are scheduled and monitored using the best internal AI software.
But the trucks I saw were in a vast, sprawling factory. The risk of crashing into a family driving in their SUV or not stopping at a school crosswalk was non-existent in this environment. Increasingly, though, larger companies like UPS and Walmart are jumping into the driverless vehicle market for everything from delivering corn chips to computer chips. So, AVs will become more commonly used in the years ahead.
According to an analysis by Frost & Sullivan released at the end of last year, fully autonomous trucks could lead to $4.75 billion in savings in annual freight costs for businesses by 2030. Some of these savings will be allocated toward support services, and MSPs that work now to get in the game will see significant opportunities.
Deeping integrations give rise to security concerns
“MSPs should be doing everything they can now to onboard talent and knowledge of the automated vehicle systems so they can position themselves as the go-to place for security services,” advises Stanley Wilson, an independent cybersecurity expert in Miami, Florida.
The same Frost & Sullivan report pointed out that the automotive ecosystem is heading toward integrating multiple domains, such as the Internet of Things (IoT), connected vehicles, AVs, and V2X communication. These deepening integrations and shifts in focus will underpin the software-defined, connected cars of the future.
As the AV ecosystem expands, that will open a larger playing field for MSPs.
One of the biggest cybersecurity fears for AVs is the fear that, for example, a truck could be hacked, hijacked, and driven into a vulnerable target.
Vehicle vulnerabilities already exist
Fear of a moving vehicle being hacked is one of the biggest impediments for factories and industries jumping into the autonomous vehicle market. But experts say that the anxiety over autonomous vehicle security ignores the reality of the present: that today’s vehicles with drivers are just as vulnerable, as pointed out in this recent Nextweb article, that calls your car a “computer on wheels.”
Both electric and standard gasoline vehicles have driver-assisted software, autonomous braking function, climate control, and more. These can be attack surfaces, and as society transitions to autonomous vehicles, the attack surfaces will only increase. But that also presents more opportunities for MSPs who want to get in the market of offering services to protect and monitor AVs from intrusions.
“The use of autonomous vehicles is growing incredibly fast,” says Jerry Vergeront, Director of Risk and Cybersecurity at Seattle University. Vergeront expects the market for AVs to continue to increase exponentially over the years ahead.
What could ultimately become more valuable to hackers, Vergeront states, isn’t the vehicle itself but the data that will be available in them. Corporations would benefit greatly from consumer data showing who is traveling where and what they are doing once they get there. Methods will have to be established for safeguarding the data as AVs become more widely used.
Securing AVs requires a multi-layered approach
The National Highway Transportation Safety Board recommends that MSPs and cybersecurity specialists focus on a multi-layered cybersecurity approach that focuses on both wireless and wired entry points. Each entry point is a vector. So, a multi-faceted approach to vehicle cybersecurity can reduce risk.
NHTS specific recommendations include:
- A risk-based prioritized identification and protection process for safety-critical vehicle control systems.
- Timely detection and rapid response to potential vehicle cybersecurity incidents on America’s roads.
- Architectures, methods, and measures that design in cyber resiliency and facilitate rapid recovery from incidents when they occur.
- Methods for practical intelligence and information sharing across the industry to facilitate quick adoption of industry-wide lessons learned. NHTSA encouraged the formation of Auto-ISAC, an industry environment emphasizing cybersecurity awareness and collaboration across the automotive industry.
Meanwhile, experts like Vergeront predict much of the computing for autonomous vehicles will happen on the edge. Experts also say that safeguards need to be implemented to protect those entry points.
The factory in Ohio that I visited works with a couple of MSPs to manage their fleets, freeing factory personnel from worrying about cybersecurity (other than practicing good cyber hygiene). It’s a win for everyone as the automated, driverless trucks zigzag across the factory floor.
Photo: DedMityay / Shutterstock