Thinking of getting a connected Tesla? Beware the risks.
As you enter the connected world of cars, be sure you understand the dangers!
As the internet and wireless connectivity become ubiquitous, we are leveraging technology in ways that were impossible twenty years ago. Insurance companies such as Progressive, Allstate and State Farm are now offering discounts in exchange for plugging a dongle that tracks acceleration and speed into your car. Automakers such as Ford, Jeep, and Tesla are adding networked services to their cars. These developments in networked technology offer significant advantages to automakers attempting to deliver on their customer promise – convenience, analytics, and improved safety come to mind immediately. However, these new technologies are not without their risks. As technology proliferates in the auto industry, automakers seeking to leverage this technology must be deliberate about how they deal with the risks. One example of both success and failure in this arena is Tesla.
Cost
Tesla motors has leapt to a leadership position in the high end electric car business. Tesla has made electric cars sexy and implemented a number of industry leading features. The Model S features on-demand internet radio, an in dash navigation system that adjusts to real-time traffic, and WiFi and internet connectivity among other features. All Tesla cars come standard with “the hardware needed for full self-driving capability at a safety level substantially greater than that of a human driver.” [1] This is an incredibly exciting development, but also an incredibly risky one. Researchers at Keen Security Lab in China were able to take full remote control of a Tesla Model S. They demonstrated opening the trunk, manipulating the seat position, windshield wipers, and causing the car to brake. All of this was accomplished remotely from a laptop with no prior physical access to the car.[2] Fortunately, in this instance, the team that discovered the vulnerability was a responsible team of professional security researchers. They reported the bug to Tesla prior to releasing their discovery to the wild. This will not always be the case. Vulnerabilities like this sell for millions on the open market. Can you imagine how much the NSA would pay for the ability to listen to the blue tooth mic in Putin’s Mercedes?
Benefit
At the same time that the Internet of Things(IoT) creates new risks, it also generates new benefits. In the above example, Tesla fixed the issue via an over the air software update before Keen Security published their proof of concept exploit. In a similarly beneficial incident, Tesla issued a recall for a charging adapter that overheated and potentially caused fires. Rather than have Tesla owners return to the dealer, they issued an over the air update which corrected the issue. [3] These two examples demonstrate how the IoT can be a double edged sword. Providing safety and security on the one hand and putting the same at risk on the other.
Analysis
So, how should Tesla address this? First, they must recognize the issue. As John Villasenor has said “Unintended linkages are the rule, not the exception.” [4] Tesla has not seen this yet, but Jeep has. A security team was able to disable the brakes and accelerator by hacking into the entertainment system. Tesla should learn from this failure. Second, they must audit the code prior to deployment. It is difficult to audit their own code. They should either form an independent security team or hire a third party to perform penetration testing. Third, they must balance time to market with security considerations. At this point, that should be relatively easy as Tesla is leading the game. As competitors catch up, there will be more and more psychological pressure to take shortcuts in order to cut time to market. They must resist this urge. The downside of some hacker taking control of a car and driving it through some busy area far outweigh whatever incremental benefit they get from being first to market. Finally, and this one is controversial, they should open source portions of their software for non-commercial use. This is controversial because it potentially surrenders their advantage over other automakers. However, a number of large companies (i.e. Google, Apple, Microsoft, AMD) have open sourced proprietary software and benefited from the added development. This also allows some hedge against the potential downside as then the entire community is responsible instead of Tesla alone. If Tesla follows these four items, they will be well positioned to dominate the smart car market.
The IoT provides an as of yet unrealized amount of opportunity for integration, modification, convenience, and analytics. It is tempting to run full throttle towards these benefits. This is unwise and companies must remain cognizant of the security implications of their developments. If they do not, government will step in to regulate and they are not well equipped to understand the details and nuances of secure development. It is in everyone’s best interest that corporate America not allow technology to outpace security.
Word Count: 799
Citations:
[1] “Tesla Model S Features,” https://www.tesla.com/models
[2] Keen Security Lab by Tencent, “Car Hacking Research: Remote Attack Tesla Motors,” http://keenlab.tencent.com/en/2016/09/19/Keen-Security-Lab-of-Tencent-Car-Hacking-Research-Remote-Attack-to-Tesla-Cars/
[3] James C. Chen, “Part 573 Defect Information,” http://www-odi.nhtsa.dot.gov/acms/cs/jaxrs/download/doc/UCM448668/RCDNN-14V006-9349.pdf
[4] John Villasenor, “Five Lessons On The ‘Security Of Things’ From The Jeep Cherokee Hack,”
Thanks for an interesting read Alan. You reminded me of some medical device manufacturers’ carelessness regarding security and device manipulation: http://www.bloomberg.com/news/articles/2016-10-04/j-j-warns-diabetic-patients-about-hacking-risks-of-insulin-pumps. Robust auditing for vulnerabilities is definitely an important production process step that is sometimes overlooked in the interest of getting a product to market quickly.
I have some concerns around your suggestion to open source Tesla’s software, although I appreciate you suggest ‘portions’ be shared with outsiders and presumably these would be the less commercially sensitive areas so competitors wouldn’t reap too many benefits. Nonetheless, I wonder whether allowing outsiders to gain comprehensive knowledge of certain aspects of Tesla’s code may allow for easier penetration of other, more important areas through the unintended linkages that you point out. In the highly competitive race to viable driverless cars, can Tesla afford to take the risk?
Thanks Alan, great post. Do you think it is actually possible to be 100% safe from security breaches in a connected world? If the stakes are high enough, you can be sure that the greatest minds are going to try to hack your system, and eventually they’ll succeed. Take iOS for example: despite Apple’s best efforts to prevent jailbreaks (i.e. root access), jailbreaks have systematically been released for each version of iOS. Private jailbreaks (not share with the public) are often achieved less than 24 hours after each iOS upgrade (and they are sold to governments and private companies right after). It won’t be long until zero-day connected car exploits will be sold on zerodium.com or on the darknet. Scary!
Great article – Thanks Alan! I think that your four-point plan forward for Tesla makes a lot of sense. I have similar concerns to Michael about open-sourcing portions of Tesla’s software leading to potentially easier penetration by safety threats. However, I think if Tesla is going to truly distinguish itself as the leader of the smart car market, it will need to be able to embrace and manage the benefits from open-sourcing its software as leaders in the tech space that you mentioned have done. It would be interesting to see how Tesla is building its organizational competencies as it moves from electric car design to electric smart-car design.
I think another topic that is relevant here is the increased privacy concerns for consumers that comes hand in hand with smart car technology. As we move towards a reliance on smart technology for our everyday activities, more and more data is being created and stored. The technology that powers Tesla’s smart cars would no doubt be able to track where its passengers are at a particular time, and you brought up another audio/microphone concern in your article. This is an issue that consumers will face with increased digitization in any and all industries, and it is something that we should be careful of moving forward.
very interesting Alan! And your posts rises some really interesting questions, much of what we were discussing in the Cynthia Carroll case in Lead. You really have to try to balance the revenue driven decisions with the vulnerabilities of not taken the proper time to test your products. I agree with you the risks of having someone hack into your car are tremendous but a few examples came to my mind in which it would actually be helpful, for example if the driver is having an emergency? I agree with you that they need to be cautions about how they handle their product launch vs testing products but I don’t think there is a way – as mentioned earlier – to be completely certain that your security cannot be breached. Would you say there are other ways in which Tesla could add value to their customers and still use these networked services?