MobilityTalks speakers discuss cybersecurity threat

MobilityTalks speakers discuss cybersecurity threat

At the panel on Capitol Hill last week that kicked off Public Policy Days at the 2016 Washington Auto Show, speakers from the auto industry and regulatory sector spoke of the brave new world created by connected and autonomous cars.

–The automobile is going to change more in the next five years than it has in the past 50,” said, Jeffrey Massimilla chief product cybersecurity officer at General Motors.

Sen. Gary Peters (D-Mich.), who gave opening remarks to the symposium panel, had this to say: –we could see 80 percent of [auto] accidents eliminated in the next few years.” The panelists spent the next 90 minutes in the Gold Room of the Rayburn House Office Bldg. discussing questions raised by connected and autonomous cars. Chief among them: cybersecurity and driver privacy.

The Alliance of Automobile Manufacturers and Global Automakers released best practice principles for cybersecurity last year, and the Cyber Information Sharing Act was passed, all of which drew praise from Massimilla.

–We take cybersecurity very seriously,” he said. GM is collaborating with defense and consumer electronics companies to work on the problem.

Speaking from a dealer view, Ken Athanasiou, chief information security officer of AutoNation, raised the specter of social engineering if a manufacturer sends a repair app to consumers to update flawed software, as has happened.

FTC Commissioner Maureen Ohlhausen spoke of the role of regulation.

–The auto industry needs to take into account the security of their systems,” she said. The Federal Trade Commission needs to regulate in a way that allows new products to come into the market while heeding security and privacy issues it regulates. She noted that the Commission can use its enforcement powers if automakers donêt meet their own voluntary guidelines.

Cyberhacking remains a threat that Athanasiou said Auto Nation is handling as a matter of risk management trying to make hacking less likely rather than prevention. Asked by panel moderator and Thomson Reuters transportation editor Joe White whether consumers are paranoid about cybersecurity, Athanasiou said they are not paranoid enough. –It might take the hacking of an autonomous vehicle to get consumersê attention,” he said.

Another question: Who owns the data from connected and autonomous vehicles? Automakers may need to get consumersê consent to collect information, such as specific location, said Ohlhausen of the FTC. It would be acceptable if the information was anonymous and used for research only. But if the anonymous data were compared with another set of data, it could be used to track the consumer, said Athanasiou. Unresolved questions such as these are the reason that uniform standards are needed, he concluded.

Appropriate infrastructure will be important to the success of connected and autonomous vehicles, said Sen. Peters. Last yearês highway bill allows federal funds to be used to upgrade infrastructure to accommodate those cars.

How will these new types of vehicles affect dealers? Service technicians will need more training, said Athanasiou of AutoNation. Every dealership service center will need to invest in new diagnostic equipment, he said. Those two factors alone will drive up the costs of service.

Dealerships may need to get involved in software upgrades for the cars.

–What if someone brings in a car for an oil change and the service department says they need a software patch update?” said Athanasiou. Skipping the update could present a safety hazard. –But the service department canêt say, •We wonêt return your car unless you get a patch.ê”

Download Bulletin PDF