The automotive industry mustn't overlook the importance of security against hacking in the rush to grab a share of the self-driving car market, says Wil Rockall
In March, the coalition government's final Budget before the general election saw Chancellor George Osborne announce plans to make £100m available for developing driverless cars in the UK. The money, matched by a similar level of investment from industry, will help fund the research needed to make these vehicles a reality.
As the race to bring driverless vehicles to the world's roads begins we're seeing technology giants like Google and Apple, who want to become big players in the emerging market, partner with traditional automotive manufacturers. All are jostling for position as they establish bids to participate in partnerships aiming to develop 'the car of tomorrow'. Recently, for example, we've seen Ford announce a partnership with Microsoft that will allow its driverless car users to receive system updates without using a separate computer or Internet connection.
Driverless cars are an important technological innovation in themselves, but they can also deliver a huge economic boost. Research suggests that they could generate 320,000 jobs in the UK, which would do a great deal to help revitalise the country's automotive and engineering sectors. It's estimated that self-driving vehicles could deliver a £51bn boost to the economy. Importantly, this would mean that the UK would become a global leader in producing driverless vehicles.
The way in which cars have become more connected and technology continues to converge means driverless cars represent a natural evolution in the automotive sector. Road safety is one of the main reasons for developing technology that should, in theory, further reduce road accidents and injuries. Another reason is that they will bring more efficient use of roads and better deployment of resources. Vehicle-to-vehicle communications will allow better management of speed, while integrated navigation promises to make congestion a thing of the past.
Another appealing factor is that self-driving cars would let a broader range of people enjoy the freedom of travel. The very old, those who are disabled, and young people will be able to travel by car, unconstrained by their inability to operate a traditional vehicle safely or with the experience of evaluating road conditions - these things will be done for them.
This utopian notion of roads and future travel will be far from the truth, however, if driverless car manufacturers don't address some of the security fundamentals. The risk is that if security isn't tackled now, we will see hackers sending people to wrong locations, 'spam traffic jams', valuable goods diverted for theft and accidents due to deliberate collisions.
The year 2025 has been identified as the year when self-driving cars become mainstream. That's ten years away, but manufacturers and technology companies need to take into consideration that the vehicles of the future are designed secured, rather than security being an afterthought when these cars hit the road.
To guard against hackers, companies have to ensure that software is secure by design, supported by the separation of critical systems from things like infotainment. In order to continue to develop self-driving cars as more resistant to cyber attack while retaining valuable information, all self-driving cars should have a 'black box' type recorder. Importantly, all vehicles need to have the ability to correct any faults over the air, like those coverd by the Ford and Microsoft agreement.
Manufacturers of driverless cars have a chance and a duty to prevent these issues from occurring on a grand scale and make sure we have resilience built into the national infrastructure that allows us to react to issues, prevent them from becoming catastrophes and rapidly mitigate them from recurring.
If we all work together we can set out on the right journey together assured that we can reach our destination safely.
Wil Rockall is a director of KPMG's Information Protection and Business Resilience practice