For the first time, the California Department of Motor Vehicles is about to allow fully autonomous test cars on the road, without a backup driver.
"This is a major step forward for autonomous technology in California,” DMV Director Jean Shiomoto said.
Right now, the state where cars are king has 50 companies operating autonomous cars with a human driver behind the wheel who can take over if there is trouble.
But starting in April, the State of California will begin issuing permits for fully driverless cars to be guided with nothing but technology at the controls.
Each vehicle will have major amounts of insurance: a minimum policy of $5 million for each one.
Is cybersecurity all set in autonomous vehicles?
Everyone always loves shiny new tech.
And in Los Angeles, we can just imagine the news stations flying overhead in a chopper during a live broadcast as the first fully automated car rolls onto city streets.
But what about cybersecurity for these fully autonomous vehicles? Are the cars secure?
As SecureWorld reported recently, the Auto-ISAC community has been talking about something akin to a "black box" for autonomous and connected cars that would control and authenticate all cyber access to vehicle systems.
"Who controls these interactions, how do they happen? Sometimes it's not related to the OEM, it's an agreement between services. But as more connectivity is coming through the car, we do not want to add to risks. We want to manage and control those risks," says Tom Gage, CEO of Marconi Pacific.
As far as we know, the test cars do not have any sort of cybersecurity black box.
What about GPS failure or spoofing for driverless cars?
And I recently interviewed Associate Professor Kris Rosenberg at the Oregon Cyber Defense Center. He certainly has questions about any fully autonomous roll out:
"When it comes to decision making and policy, we still need to clarify how we’re going to mitigate all the risk from a security perspective. In my opinion, we’d need something more than just GPS to rely on for navigation, and if GPS becomes unavailable what it the process going to be? Is it going to fall back to manual control, is it going to stop working and now we can’t go anywhere?"
He continues: "However, it's more likely that the car itself would be attacked through some sort of communication network and then be instructed to do something different than expected. The car itself is actually the softer target."
But for now, the California DMV must feel like truly autonomous cars are ready for their debut.
No one would ever launch a new and exciting IoT device without security baked in. Right?
"Safety is our top concern and we are ready to begin working with manufacturers that are prepared to test fully driverless vehicles in California," says the director of the DMV.
The state will start issuing permits on April 2, 2018.
