—Unlike many cybersecurity experts, Justin Cappos doesn't lay awake at night worrying about data breaches.
Instead, as today's automobiles roll off assembly lines with dozens of embedded computers on board, the New York University computer science professor worries that malicious hackers may become more adept at remotely hijacking cars as they speed down the road.
And that's not just an idle concern. Security researchers Charlie Miller and Chris Valasek, who both currently work for Uber, demonstrated in 2015 how to remotely hack a Jeep Cherokee. And with automakers outfitting cars with computers that do everything from tighten seat belts to deploy airbags, experts worry that criminals could take advantage of vulnerabilities in those digital systems.
That's why Mr. Cappos and his team at New York University's Tandon School of Engineering along with researchers at University of Michigan's Transport Research Institute (UMTRI) and the Southwest Research Institute have set out to solve a key piece of the automotive cybersecurity puzzle: Remotely patching and updating old software.
"You should expect that your car has bugs in it," says Mr. Cappos. "You wouldn't expect most car companies would have better security teams than Microsoft or Google."
Unveiled at UMTRI's headquarters in Ann Arbor, Mich., on Tuesday, their new protocol – called "Uptane" – aims to safely and securely update some of those millions of lines of code inside cars without drivers needing to return to dealerships.
Several major automakers – such as Ford, Tesla, and General Motors – already offer the ability to remotely improve or repair onboard software using WiFi or cellular connections. And the drive toward remote software updates should only speed up in the next decade. The technology research company ABI research estimates that more than 200 million cars will receive wirelessupgrades by 2022.
Cappos' Uptane system would remotely update software in cars and thwart those potential digital attacks by storing the encryption keys needed to conduct software updates in an offline setting with the car manufacturer when the vehicle isn't in use. But once a driver puts the key into the ignition, the car can remotely verify any upgrades, and ensure that a hacker hasn't ***pered with the directions.
What's more, since an airbag controller might require less computing power than a radio, for instance, Uptane features stronger verification checks for more powerful units that could have a more significant safety impact if hacked.