There has to be a push towards building systems so that security is factored in by design. This is not an easy challenge and requires a mix of technology, policy and behaviour.
The increasing autonomy and complexity of future systems, calls for academia, industry and the government to come together to address policy and mechanisation issues, writes Dr. Siraj Ahmed Shaikh
, a Reader in Cyber Security at Coventry University. However, this is no easy task:
“The computer science community has long been working on methods for rigorous design of digital systems. Such design and development needs to acknowledge some parts of a system may not be relied upon for security. A modern car may have several Engine Control Units (ECUs) that are interconnected and controlling various aspects from bluetooth to brakes.”
Shaikh makes clear that factoring security into design is no easy matter, and there are also factors of reliability, privacy and reliance.
“Policy is equally important as technology does not exist in a vacuum. Issues of ownership, governance, liability and risk all affect our use of technology as does the technical design itself. If a modern car is hacked to cause the brakes to fail, who is responsible? Manufacturer or the driver?”
The long term answer has always been that, If the software/hardware in a car is responsible for the crash, then it’s obvious that the vendor of that car will be liable. However, this make it even more imperative for stake holders to optimise systems security.
As Mercedes, Google and Volvo have demonstrated, stakeholders, need to come together to obtain a clearer view of the specific challenges and how can they be overcome.
Enabling various stakeholders in the supply chain to address security concerns through research, innovation and knowledge transfer remains a challenge, but networks such as the KTN are taking on this task, raising awareness of the major cyber security challenges and opportunities and working with companies and government stakeholders
A nano-scale boost for security
The advantages of a cohesive approach can be seen as academic fields - physics, computing and electronics - join forces to create innovative ways to defeat the cyber enemy and more security for connected devices.
Researchers from the UK universities of Lancaster and Manchester have built tiny identity tags, essentially imperfections in the building blocks of matter, making them virtually impossible to clone. These, they say, could be used as the basis of a robust system for authenticating hardware and software.
Certainly, exciting and enabling technologies, such as driverless cars and smart cities, will provide us with a rich array of cyber security challenges for the future.
Written by Adriana Hamacher.