UK trials driverless cars amid security concerns

The UK government is spending £19 million on trialling driverless cars across four major cities, but the news has been met with some caution by experts warning of liability and security issues.

Security concerns voiced as UK trials driverless cars
Security concerns voiced as UK trials driverless cars

The UK's Department for Transport (DfT) confirmed on Wednesday that driverless cars will be trialled from next summer across four cities, after finding that there were no legal barriers to the technology being tested on British roads.

As a result, self-driving “Lutz pods” are to be tested in Milton Keynes and Coventry while there will a fully autonomous shuttle in Greenwich and a BAE Systems-developed “Wildcat” vehicle, which will be tested in Bristol.

Some of these will be manned by test drivers who will have the capability to switch to manual operation should the need arise.

A full review of the current legislation will be undertaken by the government in the summer of 2017, but the proposal will likely result in the need to rewrite the Highway Code and adjust MOT test guidelines. Questions are also being asked if a higher standard of driving should be demanded of autonomous cars.

"Driverless vehicle technology has the potential to be a real game-change on the UK's roads, altering the face of motoring in the most fundamental of ways and delivering major benefits for road safety, social inclusion, emissions and congestion," said transport minister Claire Perry yesterday.

However, some have expressed reservations; the RAC has voiced concerns over policy and liability (specifically relating to whose responsibility it would be in the event of a crash), while IMI chief Steve Nash has misgivings over training on the new technology

Others have said that safety – including information security – would be paramount; with the latter a particularly hot topic in light of the recent hacks against connected cars.

Google and Uber are both testing driverless cars and Will Rockall, director at KPMG's cyber-security practice, said that security must be considered from the outset.

"The race to deliver driverless cars is now on, with both Google and Uber investing heavily into research and development, amongst others,” he told SC via email. “In the rush to get ahead of competitors, designers need to ensure that new technologies are robust. We have already seen the public and governments express concerns around collecting data on people's travel. As increased automation is introduced the threat of hacking and cyber-attacks will become more real as the control of vehicles and routing is removed from human beings.

“If we get the security and privacy concerns around this right, autonomous cars could revolutionise society and provide real benefit. It is important that manufacturers, regulators and the broader industry feel free to innovate, but they can only do that if concentrated effort is put in now to understand the risks and design in security to the heart of these services."

Interestingly, Vincente Diaz, principal security researcher at Kaspersky Lab, added in an email to SC that he believes that cars cannot rely on the same security practices as in business.

“The current mechanisms for real-time tracking, detection, analysis and resolution of cyber-threats for computers and mobile devices will not be enough on their own - it could take just seconds to disable or destroy a connected vehicle, with disastrous consequences. Rather than waiting for the first attack to take place, we have to find and stop these vulnerabilities now before the technology is integrated extensively into our cars.”

This view is echoed by James Knotwell, senior technical consultant, Information Risk Management (IRM) Plc who calls on manufacturers to embed cyber-security now, while the vehicles are at their earliest stages of development.