DAVID FURLONGER: The threat of cyberhijacking

Imagine this. You get into your self-driving car, program in your destination, sit back, relax and read your newspaper while your car takes you where want to go. But wait! As you turn a page, you look out of the window and notice you’re travelling at twice the speed limit and heading in completely the wrong direction.

What’s happening? You’re being cyberhijacked. Data analysis company GlobalData says there are potentially 180,000 bugs in the hi-tech codes operating fully autonomous vehicles. Thematic research analyst Emilio Campa says this could offer hackers up to 15,000 “security vulnerabilities” to play with.

He says: “Autonomous vehicle manufacturers may be making sure the physical doors lock, but, as it stands, the digital doors are wide open. Over the past decade, hackers have accessed the vehicles of numerous major brands: remotely unlocking doors, collecting sensitive data, and even taking control of vehicles. Autonomous vehicles won’t be safe enough until these gaps are plugged.”

Cybersecurity is the latest challenge to what motor companies misguidedly thought would be a straightforward route towards self-driving vehicles. Twelve years ago I attended a US automotive conference at which executives confidently forecast that such vehicles would be commonplace within five years. When that didn’t happen, some major vehicle manufacturers said they would definitely make it happen by 2020. “This time we really mean it,” they said.

They probably did but their timetable is still a long way out — even if former Volkswagen (VW) and Apple executive Johann Jungwirth, now vice-president of autonomous driving developer Mobileye, told a conference late last year that by 2025, “a person can decide whether to purchase a car with or without a steering wheel”.

Companies are pressing ahead with development. Ford, VW, Toyota, General Motors, several Chinese companies — indeed, almost every motor company of significance — are investing heavily. So far, though, most of the visible progress, in terms of vehicles operating commercially on public roads, is specialised delivery vans and “robotaxis” conveying passengers over fixed routes.

For those unfamiliar with the concept, there are five stages of vehicle autonomy, ranging from limited driver-assistance through to complete self-drive. Unless it dates from the last century, odds are that your car is partly autonomous, with ABS and other systems that can aid you in an emergency.

And that’s the point. Scientists and engineers say that by taking some of the decision-making away from unpredictable humans, autonomous vehicles will reduce the number of crashes. Take that decision-making away completely and some dreamers say it could eliminate them altogether — that, left to themselves, onboard computers and sensors will guide vehicles safely past each other without a glitch.

That might work in countries where people obey traffic rules, but good luck applying it to SA’s lawless roads. We may be an extreme case, but around the world, adapting autonomous technology to operate under real conditions, rather than simulated ones, has proved difficult.

There have been countless reports of self-driving vehicles crashing on public roads when sensors and cameras could not accurately identify what was around them. These have been accompanied by a number of deaths, both of vehicle occupants and unsuspecting outsiders.

Even Tesla, among the leaders in autonomous technology, is experiencing stop-start progress. In June 2022 it reintroduced a driver-assistance package it dropped in 2019 when it preferred to go with a system called “full self-driving”, even though it isn’t. According to US publication Automotive News, customers wanted the old system, which offers less advanced but more practical technology for day-to-day use.

Tesla is among several motor companies whose autonomous driving systems are being investigated in the US by the federal National Highway Traffic Safety Administration.

Cybersecurity is the latest unwelcome distraction. GlobalData says companies are paying it more heed, but it lags well behind environmental, social and governance issues in their list of priorities.

Campa says: “While these are also pressing matters, the importance of comprehensive cybersecurity in automotive cannot be overstated. Public safety aside, cyberbreaches and cyberattacks directly affect the value and integrity of car brands. New vulnerabilities are also constantly coming to light, and they can be difficult to fix.”

With national and regional regulators around the world starting to introduce legislation to meet the challenge, Campa says the motor industry must tackle it head-on.

He says: “There is a real requirement for manufacturers to get up to speed on cybersecurity, and to do so quickly. The auto industry will face more cyberattacks as it introduces more connected, digital and electronic systems to new vehicles and as companies themselves become more digital. With cyberattacks causing severe reputational damage and being expensive to remediate, automotive cybersecurity cannot be ignored.”