General Motors subsidiary Cruise is preparing to launch its Cruise Origin driverless taxi in a couple of short years. There are many questions and concerns would-be users of the Cruise Origin may have for the company about the driverless car, but some of the most important are with regards to cybersecurity.
Without a steering wheel or pedals to take over and with plenty of unsuspecting riders hopping in and out its driverless cars each day, Cruise may seem like a ripe victim for hackers. Not only might the vehicles be subject to nefarious computer experts, but user data would also be a concern, as riders will likely have their credit card number and other personal information attached to their Cruise account.
To ensure its riders and their information are safe, Cruise has Principal AV Security Architect Chris Miller and Senior Security Manager Chris Valasek. Miller and Valasek recently sat down with former Mythbusters host and technology fanatic Kari Byron to discuss the company’s security measures and how it plans to protect its future users from hackers.
Miller and Valasek once hacked into a Jeep as a demonstration to show Byron how easily some modern-day vehicles could be taken over, but they say Cruise vehicles are not vulnerable to such attacks.
“When we hacked the Jeep we were able to talk to something that talks to the outside world and then use that to directly talk to things that control the brakes and steering,” Valasek said. “Where the cars we are designing with Cruise, we kind of separate those things. Just so people know, a car isn’t a single computer. It’s tens of computers and they usually all do different things.”
Because Cruise’s vehicles use so many different computers, they are able to separate the computers that handle things like music streaming or navigation from those that actually control the car, protecting them from would-be attackers.
“It actually gives us an advantage (having so many computers onboard), it allows us to separate out the computers that talk to the outside world from those that control the car,” Miller added.
Hear what else Cruise’s cybersecurity experts have to say on the matter in the video interview embedded below.
Subscribe to GM Authority for more Cruise news ongoing GM news coverage.
Comments
“If there is a will (and a method), there is a way”. Since all computers operate on instructions, which is encoded as programming, and an expert can discover the processors used in a system, then it can be programmed or “hacked” to do something else. As an extreme example, I worked with IBM mainframes (from the System 360/30 to the z10) at my job for 37 years. It was known that IBM mainframes are “hack proof” and therefore trustworthy. But in 1989 I helped an BM system engineer install a monitoring program that took up a small segment of memory on a 4381 processor and was totally isolated from the Operating System, so only the IBM SE and myself knew that it was installed and running. It ran in the background, recording on a tape drive, yet there was no trace of it running on the O/S , even stumping the operators who saw the tape drive moving when there were no jobs running. I knew the exact command to stop it , and I did after one month, when IBM came to pick up that tape for analysis. So if IBM can run an undetectable program on a mainframe, a program can be inserted and run undetected on ANY computer. I confirm that if the code is know and the processor is accessible, then it can be “hacked”.
Of course Cruise will say their drone cannot be hacked. What would you expect them to say?