Do you need to improve your automotive product development, to increase efficiency, or to comply with ASPICE and Functional Safety?
You are at the right place.
Cybersecurity Experts Push President Biden To Protect GPS Satellites And The Connected Car
Sometimes when you exclaim the sky is unprotected, they mentally label you as Chicken Little and ignore your alarms. Or sometimes they might believe your warnings yet quietly follow the group inertia that’s the cornerstone of groupthink.
And then a watershed event or three occurs: cybersecurity attacks against SolarWinds SWI +0.1%, Microsoft Exchange and the Colonial Pipeline. And those who spoke-up look like geniuses in bittersweet fashion akin to the mortgage doubters from The Big Short.
Such is the tale of Lisa Donnan, an internationally recognized expert in cybersecurity and operating partner at Option3 Ventures, and Julian Gresser, the former advisor to the U.S. State Department and World Bank and co-founder of The Balance Group. They have vigorously waved the Caution Flag regarding an insecure, trusted, non-critical infrastructure (satellites) communicating to a trusting non-critical infrastructure (vehicles) that could disrupt a vast network of highways, bridges and tunnels that are recognized as critical infrastructure.
But before jumping to the ending, let’s look back at how we collectively got here, the dangerous implications, and the meat still left on the bone towards a safer tomorrow.
The Days of Naiveté
Almost fifty years ago (1973), the Global Positioning Satellite (GPS) project was begun by The United States Department of Defense with the first satellite launched into space five years later (1978). Originally GPS was designated as military system, but the tragedy of Korean Air Lines flight 007 in 1983 inspired the U.S. government to make GPS satellites available for civilian usage with intentionally degraded accuracy, thus enabling the first handheld navigation device by Magellan (1989).
By 1995, all twenty-four (24) satellites in the GPS constellation were declared Full Operational Capability (FOC) and General Motors GM +2.1% began installing Guidestar as the first embedded navigational system outside of Japan. Five years later (2000), the U.S. government ends Selective Availability and enables greater use within vehicles, phones and handheld devices.
Simultaneously, another technology was beginning to take root: the Controller Area Network (CAN). This serial bus system was introduced in 1986, and was designed to handle small, unencrypted, un-authenticated messages between modules or systems within the cars, trains and ships. Production quickly ramped up in the late 90’s and in the year 2000 alone more than 100 million CAN devices were sold. Although other network technologies would eventually be invented (e.g., FlexRay, MOST), CAN retained the throne due to chip availability, lower piece cost and the high switchover costs of changing all carryover modules.
And although automotive would experience its first cybersecurity hacks a few years later, the vast majority of visible attacks on the overall system were “white hat” attackers (a.k.a. researchers or ‘good guys’) and, therein, did not truly raise the alarm.
The community has begun to awaken to the threat. “The automotive industry is frankly behind when it comes to cybersecurity, mitigation, management and even building cybersecurity from the get-go rather than as a bolt-on,” says Donnan. “Car-owners know little-to-nothing about the threat. And the amount of software is growing exponentially. Automotive has to take lessons and best practices from other industries that have already had to address the very-extended threat landscape when it comes to cybersecurity.” Yes, new regulations (e.g., UNECE) shall require ongoing operations by manufacturers including the monitoring, protecting and updating of vehicles’ software long after it drives off the dealers’ lots. Certifications that enforce these regulations essentially require manufacturers’ Cybersecurity and Functional Safety Engineers to forensically investigate potential hacks and their supplanted software. But even here, the newest standards (e.g., ISO/SAE 21434) suggest that the boundary of consideration for the Threat Analysis and Risk Assessment (TARA) is the vehicle’s physical exterior, thereby making satellite signals out of scope.
“We are so reliant upon GPS,” states Donnan, “and the reality is our adversaries know that. Frankly, there are not a lot of countermeasures. They’re working on it, but still are not there.”
So in the end, the satellite system could get hacked and start communicating that certain roadways are blocked by construction or traffic and force gridlock within critical throughways such as tunnels or bridges. “There are some striking omissions in President Biden's National Infrastructure Plan,” says Gresser. “Why are satellites not considered an essential sector in critical national infrastructure? Also, transportation is recognized as an essential sector. But, then cybersecurity risks of connected cars somehow got excluded. Policy makers need to view these complex issues from a whole systems perspective. A coherent infrastructure plan must connect the dots with a keen understanding of how a deep cybersecurity attack on one sector can rapidly cascade to many others. These failings reflect a deep national vulnerability, including from Space, that the Biden Administration must urgently address." Maybe the hope is that hacks won’t happen, though.
But they will.
Arguably the worst outcome of the last week was the realization that Colonial Pipeline paid nearly $5M in ransom to the hackers and now confirmed a third element to our Cyber-Pandemic: financial motive. Already the accelerated digitization of businesses during Covid-19 significantly increased Interpol-measured cybersecurity opportunities (by upwards of 59%) and larger unemployment created additional idle hands, but the large pay day will likely inspire additional hackers in the coming months.
As possibly said best by Jennifer Granholm, the Secretary of Energy, last Thursday in an interview by Axios, “These hacks are not going to stop. Because everything is now smart technology and using the cloud, we are vulnerable everywhere. And so every private sector entity – whether you are an energy business or not – has to be thinking about how you protect your system; your [operations]. So that, I think, is a big lesson for the private sector, and it’s a big lesson the government to think about. What should we be doing inside the government itself to prevent hacks and attacks on us …?”
On May 13, 2021 U.S. President Biden delivered remarks on the Colonial Pipeline incident at the Whitehouse.
Still Work To Do
Per an Op-Ed in Newsweek on May 6th, Donnan and Gresser pressed President Biden to 1) designate “space” as a critical infrastructure and 2) sign an Executive Order to effect a 180 Day Pause on the Federal Communications Commission (FCC) launch-approvals for new satellites under the uninsured Satellite Experiment.
On May 12th, President Biden did, in fact, sign an Executive Order on Cybersecurity requiring an investigation, public comment and action on Federal Information Systems that “… include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT))” within 60, 90 and 120 days respectively. “In the end, the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is, and to the consequences we will incur if that trust is misplaced.”
The Order does not pause satellite launches. It does not recognize any new genres of existing assets as critical to national security (e.g., satellites, commercial fleets). It does not require a deadline for containment actions. It says that by September, we will take a first, concrete step towards protection.
In the meantime, the automotive sector moves forward with autonomy, and yesterday (May 17th) another U.S. satellite was propelled into space.
“Just because we can do something technically due to versatility and genius,” says Gresser, “doesn’t mean we should rush ahead and do it unwisely without considering the risks; a ‘ready, fire, aim’ approach. How do we develop a framework that allows us to develop a pathway that maximizes the benefits and mitigates the risks?”
A great question. Let’s hope groupthink doesn’t squelch it.
This article was originally published by Steve Tengler (STEVE.TENGLER@KUGLERMAAG.COM) on Forbes.com on May 18, 2021
Do you need to improve your automotive product development, to increase efficiency, or to comply with ASPICE and Functional Safety? You are at the right place.CONTACT US