Someone recently stated that the development of the Internet of Things is the modern-day equivalent of the Industrial Revolution, and they could be right. It is very exciting to imagine a world where we can control literally everything from a smartphone. But my major concern is where security sits within the grand scheme of IoT, particularly in the motor industry. And does it? I have my doubts.
There are several reasons why we need to take this seriously, mostly because connected cars are like an iPhone on wheels, and consequently susceptible to all of the same issues we face on a daily basis with computers. Also not forget that cars are big hunks of metal and when not in control, can do a lot of damage.
There are many plausible uses for having full remote control over vehicles, and science fiction is rapidly becoming reality. Some of the applications include fleet management and control, location of stolen vehicles, pre-programming journey routes as well as emergency assistance in the case of accident. But since car manufacturers foresee vehicles becoming mobile ecommerce platforms (iPhone on wheels), we can soon expect location-based ads appearing on our car dashboards, such as where the nearest Starbucks is or where to buy fuel once the car realises that your tank is close to empty, perhaps with a voucher for a Whopper. Of course there are other concerns too, including the real possibility of distraction whilst driving. UX designers and safety campaigners are already getting worked up about how many accidents will result from the rapid deployment of these devices, however I am more worried about the first hack that sends you down a blind alley, or worse still, starts collecting personal data about your driving habits.
Where is this going to take us? More often than not, businesses are driven by profit and only invest in safety innovation when required to do so, either by governments, peer pressure or customer demand. We know this because safety studies in developing nations continue to show the dreadful outcome of not wearing seat belts or tolerating drinking and driving, so we should take this into consideration when thinking about how to avoid the consequences of insecure connected vehicles. And if we think even further ahead, what happens when driverless cars start to appear on our roads? Based on recent reports, serious trials are about to start on public roads.
This also raises concerns about physical safety, since the systems, perhaps running in the cloud, controlling and coordinating the vehicles are all prone to intrusion and failure. If the US government can't keep its personnel records secure, what hope is there for a car manufacturer?
Connected Cars are highly complex systems, not quite like but not dissimilar to aircraft. The vast majority of the components found in Connected Cars are designed and made by companies other than the car manufacturers. This represents an integration challenge, since history has shown us that highly integrated IT systems are prone to failure, which is something that cannot be tolerated in cars. As is often the case, the other side of the challenge coin is a growing opportunity for the channel, from security services (designed, development, testing, compliance) to the development of secure code. We are at an early stage in the development of Connected Cars, with a long way to go, and entrepreneurs and innovators in the channel have a unique opportunity to create a niche in what is a high value market. As with mainstream IT, security professionals are in short supply, forcing companies to turn to trusted channel partners, and this will prove to be even more so in the Connected Car world.
Much of this is speculation, but what we do know is that the Internet of Things is here to stay and connected cars are becoming a common sight on our roads. We will see innovation occur much faster than ever thought possible as the ubiquity of fast networks collides with the availability of high-powered software. The supporting hardware is ready and waiting. I would subscribe to the view that the security industry has both an obligation as well as a huge opportunity in our midst. As usual it will not be the large companies that provide the innovation. It will be left to an entrepreneur with a vision to save the world.
Richard Kirk is senior vice president of Telecom and Service Provider Sales at AlienVault
Infrastructure provider says international sales now make up 51 per cent of its revenue
Suzanne Chappell of TMS plans sailing venture after selling Oxfordshire-based TMS to acquisitive Chess
Withdrawal of credit insurance by some providers a 'reflection' of current challenge facing IT sector, according to MD Steve Soper
SMART's UK managing director joins Lenovo to boost SMB business