Cybersecurity in the age of autonomous vehicles, intelligent traffic controls and pervasive transportation networks

Abstract

Technologies for autonomous vehicles, “smart” roadways and ride-hailing services are advancing at a dizzying pace. They are also beginning to interconnect and interoperate to form complex systems-of-systems. The cyberattack surfaces of these systems-of-systems are expanding exponentially. Currently, many related systems are standalone, but when they are integrated, vulnerabilities of, and threats to, the resulting systems-of-systems could grow so much that they might well detract from the potential of these systems to improve safety and gain fuel use due to reduced travel times. Despite warnings, few are focusing on improving cybersecurity of the entire system-of-systems as the self-driving, ground-vehicle juggernaut ploughs ahead. Far too little attention is being paid to vulnerabilities throughout the systems-of-systems that will undoubtedly arise when the myriad of systems is interconnected and interoperate. In this paper, we discuss the cybersecurity consequences of the current uncoordinated evolution of these systems-of-systems and describe how such risks might be mitigated by, among other approaches, proactively introducing cybersecurity requirements early in the design, development and deployment process.