Professor Pete Lockhart leads the development of automotive autonomy for the private sector and has over 33 years of experience in information systems, communication, and security research. His career has covered a broad range of sensing, communication and internet research and, to date, he has filed numerous patent applications. He has also developed complex high integrity industrial control systems with robust and verifiable systems architectures. He explains to me that the emergence of online vehicle systems and mobility services will significantly affect the market, the legislation surrounding it and the overall business model that organisations in the industry have been used to following. “The automotive market is changing from the vehicle being purchased and owned by the user to becoming more of a mobility service which will shift the ownership and business models into the technology space. This will be backed up by legislation and standardisation, which will push us into a world where we need to know how to design things to the appropriate level of performance.” Fundamentally, this change will be welcomed by everyone in the transportation and automotive sectors, however there will need to be a lot of communication in order to create a standard that will guarantee the safety of consumers.
The vehicle has become an extension of the internet, which means that it is also subject to the strategies and constraints that any other part of the internet is involved in, whether that is to ensure bandwidth to maintain the content or the security of the system that goes with it. However, as Lockhart tells me, what makes automotive systems different is the relationship between the connectivity and functional safety, which is where Roke comes in. “Although we have an automotive and road transport heritage, the real story about Roke is that we specialised in the national security and defence world,” he says. “Over the years, we have been handling technology back and forward, ensuring that our government customers' systems are secured. From this, we have been encouraged to bring our expertise into the automotive market.” From a safety perspective, this is the same level of precaution and efficiency that we need within the automotive world.
Information technology within a vehicle can be broken down into two pieces: the technology itself and the operational technology which controls the systems that work together to provide the complete system. Lockhart’s approach has always been to introduce complex systems that have defined properties, which he thinks is lacking in the automotive industry. “One of my issues with the car market is that there is no one who is defining the properties for a connected vehicle and, more importantly, what the market expects for the future of connected and autonomous vehicle systems.” These vehicles are becoming part of a complex system and it is important that a roadmap is set out for the companies involved in this revolution. Through these innovations, it is also vital for companies to understand what their customers want from it, whilst making it safe, secure, accessible, sustainable and affordable. However, Lockhart also believes that it is just as important to identify a system operator and to define the properties and solutions that are needed.
When it comes to the safety of the technology, the industry needs to be realistic when assessing the risks, making sure not to over-exaggerate them as this could halt progression and the rollout of the systems. Lockhart says that cyber security is all about risk management and assessment: “There are a number of potential threats to the vehicle but we need to understand what the motivates are the attackers and what end they are trying to achieve. Once we understand what the threats are, we can go through the process of identifying the security that we need to put in place the correct to ensure safety and security,” he explains. Rather than build the security around the connected vehicle, it is important to introduce security controls early on in the design process to improve protection, which is being encouraged by governments and global associations.
In addition to this, over-the-air updates (OTA) have become a great solution to software problems and cyber threats, with a range of systems that can update security and safety. However, Lockhart tells me that the automotive world may not need to go down this route as we do not know whether the market needs this specific control as yet. “At the moment, it comes down to the security architecture and design and whether OTA are seen as an appropriate mitigation. Some organisations as suggesting that the functional safety systems could have a regular 'cyber MOT' so that the vehicle can be monitored and updated tested for any issues,” he explains. “If the vehicle is safe and secure at this point and is assured then it is a known state, but we still need to understand what the threat environment is to see what it is necessary.” Although OTA updates have been proven in other industries, he is unsure that there is a requirement for this kind of technology. “We are looking at the approach towards system resilience to see whether OTA updates are the appropriate thing to do. I think it depends on the threat and what the risk mitigation strategy is; if they are required, then we will bring this to the market.”
The industry is on a huge learning curve, researching and developing systems of the future, which can create unknown challenges down the line. It is vital from an automotive and technology perspective that these problems will not happen on public roads, which again can be a huge issue for specialists who are under immense pressure to produce a fail-free solution. Unfortunately for these developers, a 1% fail rate is too much in the eyes of society, which can stall development and leave the industry in limbo. Lockhart tells me that he is yet to see someone step forward and take responsibility for a problem, which worries him. “Looking around the market, I see OEMs and the big technology giants looking to define the market, startups ready to disrupt and infrastructure providers trying to supply the required support,” he says. Just like we have seen with the development of the mobile network, Lockhart predicts that alliances and governments will have to operate together through strong standardisation in order to create the connected autonomous transport and its supporting infrastructure as an integrated system. However, it is evident that there are additional difficulties that exist outside of the automotive and transport technology space; organisations need to collaborate to help define this standards and regulation, otherwise there will be a confusion of litigation issues in the event of an incident. “This is where the engineer walks out of the room and a lawyer walks in. We need to define how we are going to mitigate this from different angles such as insurance and supply change issues as this is where the industry and governments needs to define the legal framework. We can achieve the highest level of compliance, but it is all about what the market requires, as you may end up chasing the small percentages to the point where it becomes the developments become impractical, we need to design the overall systems including regulation, legislation to achieve a level of system performance that is acceptable to all stakeholders.
Once this has been achieved, the industry can push for an automated future, creating a new innovative environment that everyone can enjoy safely. I ask Lockhart what his predictions are for the future of the connected car, as it is still difficult for many to pinpoint when the change will happen and what effect it will have on the world. “I still think it is early days and it is so exciting to see what the impact of mobility as a service and future connected vehicles will have on the environment. I personally see that there is still a requirement for some leadership and as soon as someone with a clear vision steps up to this, it is going to accelerate so quickly - it is going to be great!”