As the transition toward connected and autonomous vehicles (CAVs) gains pace, the issue of automotive cybersecurity has quickly risen up the ranks as a critical priority for industry and the government alike. But with so many factors to consider, including not just the development of the technology needed to offer real-time responsiveness to threats, but the correct implementation of standards, rules and best practice guidelines, the journey toward a robust, unified approach to CAV security is one that will hinge on innovation and cross-industry collaboration. Here, Anthony Martin, head of vehicle resilience technologies at Horiba MIRA, talks about the important role that a pioneering new project, ResiCAV, has played in helping define the roadmap for automotive cybersecurity – including the urgent call for a national program.
It is well documented that this modern age of the Internet of Things (IoT), in which almost every aspect of daily life is connected, comes with a risk. Indeed, as more processes become digital, and the physical and virtual worlds merge to offer benefits that include optimized efficiencies and convenience, the downside is an increase in opportunities for cyberattacks.
Unsurprisingly then, with the UK government having asserted ambitions to be a global leader in CAV deployment and manufacturers continuing to make major breakthroughs in developing next-generation vehicles, one pressing concern has quickly risen to the forefront: how will cybersecurity policy operate in the penetrable future world of connected vehicles?
The good news is that amid growing concern around current automotive cybersecurity threats, recent years have seen the industry and government break major new ground in understanding the role of future automotive cybersecurity, driven by a number of major, government-funded collaborative R&D projects.
Breaking new ground
A great example is ResiCAV, which is part of a program of seven collaborative projects bringing together cross-sector industrial, academic and government expertise from a range of key sectors in order to ascertain how the mobility industry should respond to emerging cybersecurity threats.
Supported by Zenzic and part-funded by the Centre for Connected and Autonomous Vehicles (CCAV) and Innovate UK, the ResiCAV project saw numerous research bodies and industry players, including Horiba MIRA, come together in a three-month study designed to explore the feasibility of creating a UK cybersecurity center of excellence to address emerging cybersecurity threats across the mobility ecosystem.
The resulting progressive research has not only successfully demonstrated the commercial viability of the creation of a UK Road Transport Centre of Excellence for Cybersecurity Resilience (CYB-R) – but asserted its very pressing need.
This vision involves bringing together the very best UK expertise to create an ecosystem of specialist services to include research, engineering, test, simulation and certification in road transport cybersecurity and resilient mobility, along with a closely related education and training initiative. The aim is to leverage existing capabilities to rapidly place the UK at the forefront of developing and providing cybersecurity solutions for the global mobility revolution.
In terms of achieving this progressive vision, our detailed report in this remit sets out a roadmap of recommendations that help set the direction for future policy.
First, it identifies the importance of bringing together a full range of world-class facilities, based on a linked cybersecurity testbed ecosystem (CLUST-R) that will integrate newly defined and existing UK testbeds.
We recommend that the CYB-R Centre must also act as the focus for a national capability to ensure the cybersecurity resilience of the UK’s associated V2X infrastructure, as well as providing an associated CYB-R Certification Centre. Aligned to this, the facility must also lead UK participation in relevant international standards and regulatory activity, including informing future government policy on cybersecurity for CAV and the wider mobility ecosystem.
As cybersecurity is a constantly evolving problem that tracks the developments in technology, it is imperative that CYB-R is closely integrated with a collaborative R&D environment with funding streams for the development and validation of future cybersecurity resilience methodologies.
Finally, updates to UK criminal legislation that make better provision for ethical and responsible cybersecurity research activities will be essential to enable the lawful operation of all CYB-R engineering and research facilities to full effect.
A driving force
While many other government-funded initiatives have made solid automotive cybersecurity-related recommendations, ResiCAV has uniquely proposed guidelines for protective operational monitoring technologies and services.
As a result of the extensive insights revealed during the work, recommendations set out in the report not only put forward a compelling case for the urgent delivery of a UK center of excellence – but have also outlined the practical approach to its delivery.
Amid the escalating speed of CAV development, which continues to see more connected vehicles on the road, it becomes increasingly important that the UK leads the way in its according cybersecurity capabilities. Indeed, it may be a complex and vast task, but it is a fundamental one which, starting with the development of a national center of excellence, will see the UK establish itself as the driving force behind automotive cybersecurity in the global race toward future mobility.
To read the full ResiCAV report, visit: www.horiba-mira.com/Vehicle-Resilience/automotive-cybersecurity/resicav-cyb-r/