As concerns over security risks for connected vehicles continue to build, automotive cybersecurity company SafeRide Technologies believes unsupervised machine learning will help keep threat actors out of the driver’s seats.
Earlier this month, SafeRide launched its vXRay technology for connected vehicles’ security operations center (SOC), which uses unsupervised machine learning technology to provide behavioral profiling and anomaly detection to improve connected vehicle security.
Gil Reiter, vice president of product management and marketing at SafeRide, based in Tel Aviv, Israel, said vXRay is available for OEMs and fleet managers to integrate in their vehicles’ SOC.
“The vXRay technology establishes the normal behavior of the vehicle without any dependencies or without any knowledge of the specific electronic control unit properties,” Reiter said. “Once the behavioral baseline of the vehicle is established, the technology can accurately detect and then flag any abnormal behavior of the vehicle system and report the abnormal behavior to the connected vehicle’s SOC for further analysis.”
The machine learning and deep learning technology uses an advanced unsupervised machine learning paradigm in a fully autonomous process to establish the normal behavior of the vehicle by looking at the vehicle’s internal network and the communication between the different components in the vehicle, Reiter explained.
“Unsupervised learning doesn’t require training data for the AI system to be labelled beforehand,” said Saniye Alaybeyi, a Gartner analyst and research director. “Unsupervised learning, in this case, is able to create clusters of vehicle behavior without depending on human-set labels — for example, ECU [electronic control unit] properties.”
Running a supervised learning algorithm of vehicle behavior would require the collection of all the specifications of all the different elements of the vehicle and then feeding all of that information to the AI for it to be a functional, Reiter said. It can be a very long and tedious process, because vehicles have different components from different vendors, Reiter said.
In an unsupervised paradigm, Reiter said, the raw data from the vehicle can be fed into the AI, and it learns the behavior of the vehicle automatically, without any dependency on who the supplier of the vehicle components is and what the protocols and specifications of the internal systems are.
“In general, the benefit is the ability to detect an unknown vulnerability in the design of the vehicle and, through that, detect a cyberattack or malfunctions,” he said. “From the unsupervised nature, the other benefit is that you can do all that fairly easily, with very little investment from the customer.”
Gil Reiter
The main challenge, Reiter said, is the technology requires fairly high processing power.
“In most vehicles, as of today, there isn’t enough computational power to be able to run this AI in the vehicle,” he said. “Therefore, the only practical way for most vehicles to run these technologies is to run it on the cloud.”
However, many newer connected vehicles and autonomous vehicles, specifically, have a more powerful AI processing engine, such as the Nvidia Drive platform. Such platforms are capable of running the vXRay technology in-vehicle, he said.
Improving connected vehicle security
The real issue is how can you prevent the attack and repair after there is an attack, not so much make the detection. Michael Ramseyresearch director at Gartner
Gartner estimated more than 250 million connected vehicles will be on the road by 2020. While connected vehicle security is a concern right now, there is a broad disagreement about how to improve it, said Michael Ramsey, research director in Gartner’s CIO research group.
“You may be able to detect that there is something that has happened to an ECU, but the detection tends to lag somewhat from the attack. And the real issue is how can you prevent the attack and repair after there is an attack, not so much make the detection,” Ramsey said.
But this is an expensive problem to fix, especially when there is no current evidence of an issue, he said. No connected vehicle hacks have been observed in the wild, but several security researchers have demonstrated hacks and exposed potential weaknesses in the vehicles, he said.
“The main problem that exists right now in the auto industry is that the car companies cannot calculate a return on investment, and so they are not moving forward well with strong cybersecurity,” he said. “But what’s going to happen is there’s going to be some very expensive problem that will eventually come up and then, all of a sudden, that return on investment would be calculable.”
Michael Ramsey
Ramsey suggested three measures that can be undertaken to prevent the hacking of connected vehicles.
Given that there are huge volumes of code in connected vehicles, one strategy for prevention is to read the codes before deployment to ensure that there are no flaws and vulnerabilities, he said.
This is where machine learning and AI can come in handy for connected vehicle security, he said.
“Machine learning and AI can not only detect what the normal state of things are and then try to find anomalies, they can also use reference code and understand where there might be vulnerabilities in existing fleets and then be able to recommend fixes and changes to the code,” he said.
There are also pieces of security, Ramsey said, that can be put on individual computers that effectively require code keys for any changes to be made.
“They are like licensed pieces of software that sit inside of every single computer that you want to protect in a car to make it virtually impossible to hack unless you have a specific code key that generally only the manufacturer has access to,” he said.
Finally, the third strategy is monitoring traffic on the network that might be going down into vehicles and looking for anomalies to protect both the enterprise and the communications between the enterprise and the cars, he said.
Michael Ramsey
