How Data-Over-Sound Could Improve Connected Car Security

The connected car continues to gain traction among consumers and manufacturers. The market for the innovative automotive technology is rapidly expanding at a compound annual growth rate of more than 35 percent, according to data from Research and Markets. By 2022, registered annual shipments of connected-cars are expected to surpass 37 million. These projections indicate widespread interest and investment in connected-car technology. However, multiple roadblocks stand in the way of sustained progress.

Security is perhaps the most serious challenge facing connected-car manufacturers. When fully realized, the average connected vehicle will push roughly 25 gigabytes of information to the cloud per hour, Quartz reported. This load exceeds the storage capacity of most modern smartphones. Automakers must protect this data, along with essential software systems responsible for managing various vehicle components. This latter variable carries special importance for automotive companies interested in producing self-driving vehicles, whose automated operational features are essential to passenger and pedestrian safety. With these issues in mind, innovators in the space are searching for workable solutions capable of bolstering connected-car security. Some may soon turn toward one developing technology powerful enough to ameliorate connected vehicle security vulnerabilities: data-over-audio. LISNR is the current data-over-audio leader for the connected car.

This methodology, which involves transmitting data packets via inaudible sonic tones, has the potential to transform connected-car security and propel this next-generation transportation technology into the mainstream.

Protecting automotive infrastructure
Virtually all of the vehicles out on the road today feature sophisticated onboard computers that control everything from dashboard entertainment modules to braking systems. In recent years, automotive engineers have learned just how vulnerable these increasingly complex mobile ecosystems are in the golden age of the hacker. Earlier this year, the security firm Trend Micro presented evidence of a major vulnerability found in most modern vehicles during a data security event in Germany, Wired reported. Researchers for the organization discovered a way to patch into the CAN bus protocol that computerized car components use to communicate and interrupt operations. This presentation built on a now infamous experiment conducted in 2015 in which two security experts were able to wirelessly control a moving vehicle.

Automotive manufacturers exploring connected and self-driving car technology must grapple with similar issues. However, the stakes are heightened considerably due to the advanced technology involved.

“Autonomous vehicles are at the apex of all the terrible things that can go wrong,” Charlie Miller, a former National Security Agency contractor and one of the security researchers responsible for developing Uber’s burgeoning self-driving vehicle fleet, told Wired. “Cars are already insecure, and you’re adding a bunch of sensors and computers that are controlling them…If a bad guy gets control of that, it’s going to be even worse.”

Miller believes improved internal communication protocols are required, which is where LISNR®’s data-over-audio technology could come into play. Car components equipped with this sonic capability would be impervious to traditional hacking techniques, such as the one Trend Micro debuted earlier in the year. With no connection to the internet, essential operational features could function securely in a closed single-care ecosystem, facilitating an innovative driving experience without all of the risk.

Policing vehicle data flow
One of the biggest advantages of LISNR® and its connected vehicle technology is its ability to receive and transmit information on the go within the car. This capability benefits both end users and car companies. Owners can take advantage of convenient internet-enabled features such as in-car contact-less payments while manufacturers can collect diagnostic data that can be used for repairs or long-term research and development efforts. That said, this kind of extensive connectivity creates risk, ZDNet reported.

“For connected cars, an attacker able to penetrate either the car or manufacturer end of the system will be able to go after personally identifiable information for identity theft, or directly go after financial information on subscription car services,” John Pescatore, director of emerging security trends at the SANS Institute, told the publication.

Car manufacturers also face serious consequences, as vehicle performance data is quickly becoming an in-demand commodity, CNN reported. Cybercriminals that manage to hijack these insights could auction them off to the highest bidder, compromise proprietary vehicle development efforts and damage their victims’ bottom lines. Again, LISNR®’s data-over-sound technology has the potential to resolve both of these issues, as consumer-grade in-car systems with this innovation in place would be more difficult to invade. Additionally, engineering personnel could use audio-over-sound equipment to buttress more secure on-site and remote authentication protocols, reducing the risk of invasion from external actors on the hunt for sellable assets.

The future of connected car security
While connected and automated car technology holds transformative potential, firms in the field must address these and other security roadblocks before taking their products mainstream. Here at LISNR, we are developing the data-over-sound innovations capable of displacing these safety concerns.