Stuart Young believes that cyber-security must jostle for pole in the race for a successful driverless future and that collaboration is key
Cyber-security has been in the spotlight in recent months as businesses of all shapes and sizes look to preventative measures to protect their, as well as their customers’, interests. While this urgency is infiltrating multiple sectors, including energy and healthcare, concerns around the cyber-security of driverless vehicles are coming to the fore.
Indeed, government has recognised this need and recently published its key principles of cyber-security for connected and automated vehicles. These principles are very welcome as are the US Department of Transport’s more detailed guidelines issued in September 2016. However, these guidelines will not in themselves create the momentum required for the commercial players and government alike to collaborate on this vital issue in parallel with the more 'sellable' elements of promoting a driverless future. Indeed, as a law firm, we are calling for more regulation and collaboration on this issue within the connected and autonomous vehicle (CAV) market. Cyber-security is complicated but, unless the buying public perceives connected and autonomous vehicles to be safe, there will not be a market for them. We would go as far as to say that the CAVs are going to have to prove themselves to be safer than human-driven vehicles in order to be accepted as part of our daily lives.
This is an issue my firm feels so strongly about that it has formalised its thinking into a recently launched white paper, CAVs: a hacker's delight?, which discusses how the motor industry and law makers need to work together to react to the increased importance of all-things-cyber at greater length than this short opinion piece will allow.
We argue that there is not enough collaboration among the manufacturers themselves. The desire to be first-to-market and create unique selling points means discussions on best practice and setting standards are not sufficiently advanced. Despite all the attractive operational factors surrounding driverless vehicles, ignoring or underestimating the cyber threat is dangerous and could threaten the viability of this type of transport and its ability to expand.
Manufacturers cannot continue to work within their own silos. Instead, they should act more collaboratively, share information and adopt best practice procedures, for the good of the entire customer base and the protection of the industry's future. We have seen, at first hand, the manufacturers within the UK Autodrive consortium (of which we are members) collaborating in this way and it is to their credit that they have been exploring the interoperability of their connected vehicle fleets in a bid to improve safety. Recent demonstrations with emergency brake warning and intersection collision warning show what can be achieved. More information including videos of those demonstrations are available here.
We do know that inappropriate and excessive regulation can have a deadening effect on any developing technology. However, in a commercially attractive but competitive market it is often regulation (whether self-imposed or government-led) that provides the way in which commercial and other societal interests are balanced.
Responsible industry players usually welcome good regulation, knowing that it provides a commercially level playing field and reduces the worry that there could be a ‘race to the bottom’ where safety and security is sacrificed in the short-term interests of market share and profit. The automotive industry has a strong track record of improving safety in a collaborative way as can be seen in the reduction of serious injuries and fatalities in the last 25 years. That same spirit now needs to be applied to the development of CAV technology, especially in setting communications standards.
Stuart Young is a partner at Gowling WLG and head of its auto sector team