Smarter Thinking.
© MIRA Ltd 2014
Dr Ireri Ibarra
Chief Engineer, Functional Safety
Automation in road transportation and its implications on user safety and cyber-security
May 2014
'The State of the Nation' Automotive & Transport SIG
Agenda
Road vehicle attributes
Road transportation
Lifecycle
Automation
Road vehicle expected attributes
High reliability and safety
Reduced emissions and fuel consumption
Increased comfort
Styling/ additional extras
Connectivity and gadgets
Trends in the automotive industry
Higher electronics content to
- Deliver highly tuned, fully customisable functionality
- Meet stakeholder demands
- Meet environmental legislation requirements
⇒ Particularly in focus for hybrid and electric vehicles
Drive towards higher automation of driving tasks …
- Improving road safety
Brand differentiation and brand DNA implications
Unique automotive safety issues
Mass-market consumer product
- Everyone has a view!
- Any perceived issues can lead to widespread adverse publicity
Long product lifetimes with maintenance difficult to assure outside warranty
- Maintenance and aftermarket issues
Driver is part of control loop but receives little formal training in operating safety-related systems
Road infrastructure
Maintenance (in part)
Legacy (sector specific)
Air-gapped (no connectivity)
Roadside technology trends
Inter-system communications, e.g. NTCIP (National Transportation Communications for Intelligent Transportation System (ITS) Protocol)
Distributed control systems
Vehicle–infrastructure communications
Increasing safety-related functionality, examples:
- UK hard shoulder running on motorways (M42 “active traffic management”)
- US Express Lanes (I 495, 110, US 36)
Emergency services (current limitations)
Confusion
Inaccuracy of location
Inability to place a call
Emergency services
eCall
- Pan-European
- Automated
- Accurate and prompt
Goods transportation
Delays introduced by manual processes
Route / track
- Theft
- Misuse
Goods transportation
More automation on routing, tracking and even packing
Commonalities
Electronic systems (Suppliers)
Information systems
Hazards
Threats
Road vehicle lifecycle
Concept
Design
Manufacturing
Sales
Use
Service
Disposal
Road vehicle lifecycle – Safety (the same stages, viewed from the safety perspective)
Road vehicle lifecycle – Security (the same stages, viewed from the security perspective)
Present concerns
Higher degree of system authority
Varied threats with different motivation (financial, criminal, recreational)
Preparation for situations that may decrease safety levels
- ‘We demonstrate that an attacker who is able to infiltrate virtually any Electronic Control Unit (ECU) can leverage this ability to completely circumvent a broad array of safety-critical systems.’ 1
- Transportation is a complex sector
- Systems of systems, where a given system is composed of a number of elements which are medium- to large-scale systems in their own right.
1 K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage. Experimental Security Analysis of a Modern Automobile. IEEE Symposium on Security and Privacy, Oakland, CA, May 16–19, 2010. University of Washington, Center for Automotive Embedded Systems Security.
Levels of automation and examples

NHTSA                                      | EC               | SAE
Level 0 – Non-automated                    | Driver only      | Level 0 – Non-automated
Level 1 – Function specific automation     | Assisted         | Level 1 – Assisted
Level 2 – Combined function automation     | Semi-automated   | Level 2 – Partial automation
Level 3 – Limited self-driving automation  | Highly automated | Level 3 – Conditional automation
Level 4 – Full self-driving automation     |                  | Level 4 – High automation
                                           |                  | Level 5 – Full automation

Example systems shown on the slide: TJA (Traffic Jam Assist), AEB (Autonomous Emergency Braking), LDW (Lane Departure Warning), LKA (Lane Keeping Assist).
Risk management triad
Prevention – Mitigation – Reaction
Applied to both Safety and Cybersecurity
Product development lifecycle
[Diagram: lifecycle stages Concept formulation, System design, System implementation, Validation and testing, System deployment, plotted against the milestones KO, TRL3, TRL7, TRL9 and Production, with the risk management triad (Prevention, Mitigation, Reaction) overlaid.]
Conclusions
Trends in road vehicles and infrastructure include more electronic controls that automate some tasks; hence uncompromised availability is essential.
As tasks become more automated, hazards due to malfunctions of electronic systems are unacceptable, and more rigour has to be part of the design lifecycle.
Some of the more automated tasks are only possible when different systems cooperate and share information; as connectivity increases, safeguards against cyber-security threats also have to be incorporated in their design.
A sound and comprehensive risk management strategy, incorporating requirements for prevention, mitigation and reaction to both safety and cyber-security threats, must be made part of any product quality management system.
Contact details
MIRA Ltd
Watling Street,
Nuneaton, Warwickshire,
CV10 0TU, UK
T: +44 (0)24 7635 5000
F: +44 (0)24 7635 8000
www.mira.co.uk
Dr Ireri Ibarra, BEng, PhD
Chief Engineer, Functional Safety
Direct T: +44 (0)24 7635 5415