How safe are Connected Cars?

The car is becoming our networked assistant with numerous functions. But the technical upgrading is a mixed bag.

Opel OnStar, the new mobility and emergency assistant, will be implemented to the Opel range from August on. ©GM Company

In many cars, the driver isn’t alone any longer. The so-called connected cars are connected to the internet. More and more frequently they provide wireless connection which can be used to create a hotspot for other devices.

Online services for entertainment and communication become available, it is possible to record driving behavior and to save it in the cloud. Concerned parents can be ensured quickly by checking where and how their children are driving. Moreover, in case of emergency, internet connectivity allows the car to become active and to signal potential risks.

These assistance systems shall support the driver but at the same time they increase the probability for other threats. A central aspect concerns the confidentiality of personal data. However, the possibility for targeted attacks to the car control system from outside is the most critical problem.

Attack from outside

If hackers get access to the vehicle’s electronic system and would manipulate brakes or other substantial functions of the car the driver could be endangered seriously. This summer, Chrysler had to learn this by painful experience: hackers got access to the car’s electronic system and manipulated wipers, radio and air conditioning. Finally they stalled the engine. For this reason the car manufacturer recalled 1.4 million vehicles.

Here’s the problem: in many of the connected the internet connection runs in the same software network as the control system for critical vehicle functions. If a hacker gains access to this network, he is able to take over full control of the car.

In order to avoid these risks many car manufacturers count on the so-called „ethical hackers“ which are programmers recruited to detect weaknesses in the system. In many cases they are confronted with systems that are protected by passwords which are not very complex. For specialists it is a piece of cake to crack the code. Even though the manufactures do invest a lot in preventing this – no solution can be guaranteed to be one hundred percent secure.

Legal issues

If it comes to an accident caused by hackers, the question of liability arises. Product liability law defines that manufacturers have to ensure the safety of their products. Up to now, it doesn’t seem possible as this would imply a permanent monitoring of all cars by their manufacturers. Furthermore at present time monitoring is legally not allowed and would need the approval of the legislator.

A thinking car that is reliable and communicates its condition could revolutionize driving as well as road safety. Manufactures could be informed directly if the car indicates actual dysfunctions or damage. Also in this case it is not legally allowed these days to analyse or even save this data.

Used-car buyers could benefit from saved data as well, as they could be sure that the mileage status and road profile of their car of interest is correct. At the same time this would allow for following the motion profile of the previous owner: this creates problems in terms of data protection. The legislator is thus challenged to investigate existing regulations and to adapt them if necessary.

Key points for vendors and buyers

The process of selling or purchasing a connected car must be handeled with care. In addition to a correct handover and check of data it has to be ensured that the saved data of the previous owner has been deleted. Moreover, the buyer needs to read up on which data will be stored to what extent and who will have the right to access it for which purpose.

Read more: Autonomous driving: What projects are in the pipeline?