A new partnership announced this week between the University of Windsor’s The SHIELD Automotive Cybersecurity Centre of Excellence and South Korea’s Autocrypt will help foster the growth of autonomous vehicles and their usage in North America, including for small businesses, who may turn to an MSP to help secure autonomous vehicles.
Much has been made of the promise of autonomous vehicles, especially on factory floors and other industrial settings. Small businesses that might partner with an MSP if they add an autonomous vehicle could include those that use the vehicles for delivering their products and goods to customers, especially if the SMB struggles to afford or attract drivers for employment.
However, less attention has been paid to their potential cybersecurity vulnerabilities. Research at the University of Windsor, just across the border from Detroit, will help identify some of these issues. Carlton Edwards, a cybersecurity expert based in Detroit who has studied cars and cybersecurity, applauded the partnership.
“Manufacturers have invested a lot in developing algorithms that cause autonomous vehicles to follow commands, but what if a hacker changed those commands to direct self-driving semi to barrel into a building at 100 mph?” Edwards tells SmarterMSP.
One organization that is already sounding the alarm about cybersecurity in autonomous vehidles is The European Network and Information Security Agency (ENISA).
“Apart from unintentional threats, such as sudden malfunctions, these systems are vulnerable to intentional attacks that have the specific aim to interfere with the AI system and disrupt safety-critical functions,” says a recent ENISA report.
As autonomous vehicles gain in popularity, Edwards points to a potential opportunity for MSPs.
“Manufacturers don’t make cybersecurity a priority, and most companies have too thin of an IT staff, yet these vehicles need to be monitored like any other part of a business’s connectivity, and should be monitored more, as you don’t want a two-ton driverless truck compromised,” Edwards advises.
Edwards says that MSPs need to take note because autonomous vehicles can be an opportunity and a liability.
“They are a liability if your contract calls for cybersecurity and you are monitoring a client’s autonomous vehicles, and an opportunity if you aren’t because you can use that as a valid reason to expand your MSP’s footprint,” Edwards asserts.
MSPs, he adds, that can specialize in autonomous vehicles will find themselves with a growing customer base. Statistics back that up with the global market for all autonomous vehicles expected to grow $556.67 billion by 2026. A report from PWC recently outlined the growth:
With about 16 billion tons of goods and commodities shipped annually in the US, a broad group of players—large industrials, start-ups, state and municipal governments, to name a few—are rushing to develop and deploy automated and, ultimately, autonomous transport of goods, including raw materials, parts, and finished product.
Wild West of autonomous vehicles
One of the challenges right now, Edwards notes, is that regulations surrounding self-driving vehicles haven’t caught up to the technology, so there’s a real “wild west” component right now.
“This is common with technology, that it takes a while for the law to catch up, so any MSPs thinking of really getting into this area needs to stay on top of the evolving legal landscape,” he says.
He also adds that the regulatory environment will likely be “uneven” for a while. For instance, vehicles that travel on busy roads are already governed by regulations, but an autonomous vehicle traveling on a factory floor barely has any oversight other than routine OSHA standards. “That will change,” Edwards advises.
#MSPs that specialize in autonomous vehicles souls find themselves with a growing customer base and a #CyberSecurity opportunity.
MSPs thinking about jumping into autonomous vehicles also need to consider some other potential challenges:
- Internal hardware: The connectivity of the device needs to be audited and scrutinized, Edwards says. Components that receive over-the-air-updates must be adequately understood and protected.
- Vehicle operating system: There needs to be a process in place so that a human can override the automation and take over. “Taking this one step further, there should be a process in place to support a second person in overriding the human if need be,” he points out.
- Software: Most autonomous vehicles operate on their own internal software. “This software needs to be understood and scrutinized by IT staff,” Edwards notes.
Right now, Edwards says, the MSP involvement in autonomous vehicles is limited.
“But I expect this to change by leaps and bounds in the years ahead. An MSP that chooses now to specialize in this niche, even if it’s not very lucrative at the moment, will be rewarded later,” he states, pointing to progress in neighboring Windsor at utilizing such vehicles.
Loblaw’s, Canada’s largest grocery chain, for instance, utilizes autonomous delivery trucks, and other retailers are experimenting with middle-mile autonomous semi-trucks.
“The headlines will be focused on self-driving vehicles on the highway, but that isn’t where the real opportunity lies for MSPs. It’ll be the explosion of self-driving devices on factory floors, warehouses, and delivery yards that will bring opportunity for MSPs. That’s where MSP services will bloom,” Edwards concludes.
Photo: Flystock / Shutterstock