High bar to be set for driverless cars with cybersecurity included in MOT tests

News by Andrew McCorkell

Autonomous cars face new cybersecurity checks to provide oversight, stability and transparency when it comes to creating processes and protocols during product development.

MOT tests may soon include a clause for driverless cars to make sure cybersecurity safety and quality standards are maintained, according to reports.

The new safety standard known as CAV PASS, will help minimise defects ahead of testing and any wider deployment of autonomous cars on the road in the UK.

The new measures will focus on allowing trials for self-driving vehicles, but also make sure the cars are secure when sold to the public.

Boris Cipot, senior security engineer at Synopsys, said “The introduction of a standard such as this can help in providing the needed oversight, stability as well as transparency when it comes to creating processes and protocols during product development.

"It also allows for the identification of any missteps, and to adapt, evolve and mature the technology to its best and, in this case, safest version. This is an important step when talking about a technology that can, on one hand, be highly advantageous, but also life-threatening."

Javvad Malik, security awareness advocate at KnowBe4, said that new cars are essentially computers on wheels, so it makes sense to put in place security and safety checks of the underlying technology.

Malik said: “This is arguably just as important as checking the physical roadworthiness of a vehicle. While these proposed checks will be limited in what they can offer, at least they can ensure that the latest patches are installed and there aren't any underlying issues.

“However, it does beg the question as to how long manufacturers will be obliged to support the software in cars and what happens to older cars which cannot be updated anymore."

MOT changes may see cars tested for cybersecurity to make sure vehicles cannot be hacked.

It is hoped the new CAV PASS safety standard, will help minimise problems before testing and deployment of self-driving cars on UK roads.

Jake Moore, cybersecurity specialist at ESET said that as possibly the second most expensive item people own after a home, it is absolutely vital that car security is up to scratch.

He added: “However, car manufacturers have a history of cutting corners, and cars remain vulnerable to theft. Once driverless cars have become standard, they will come with additional potential dangers, such as remote take over if hacked. 

“Keyless entry has been a problem for many years, and many cars are still stolen when keys are cloned remotely. But when you add cyber-attacks to the list of potential vulnerabilities, it’s clear that car manufacturers do not always keep security in mind during the design phase. Any new standards introduced will be extremely helpful.  

“However, MOT mechanics can’t be expected to be information security specialists on every car. Although new standards may be brought in, the constant review of threats may be extremely difficult to manage.” 

The change was first announced back in September 2019 by former Transport Minister George Freeman.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews