Computer hacking and cybercrime are already global epidemics, with 184 million ransomware attacks reported last year alone, and the problem is expected to worsen: $6 trillion in economic losses are predicted by 2021 and an estimated 33 billion personal records could be stolen by 2023. And now the threat is veering into a new lane of cyber vulnerability — cars and other vehicles with “smart” features.
At the U.S. Department of Energy’s (DOE) Argonne National Laboratory, a multi-disciplinary team is working to mitigate this next generation of cyber threats by using physical and simulated testbeds to gauge the risk of cyberattacks on vehicles — via a unique blend of expertise in machine learning, cybersecurity and vehicle systems.
“What we are looking at are the new and emerging threats in the mobility space,” said Eric Rask, a principal research engineer in the Energy Systems division and a member of the project team. “There is a significant amount of theoretical risk as well as worry from stakeholders. The question is, which are real potential risks, and which represent general nervousness?”
“I expect, in the next five years, there will be some kind of malware in your vehicle similar to ransomware and you will have to pay money to get rid of it before you can start your car.” — Nate Evans, cybersecurity program lead at Argonne
And while to date there has not been a documented case of a cyberattack on a vehicle occurring outside of a controlled experimental setting, Nate Evans, a cybersecurity program lead in Argonne’s Strategic Security Sciences (SSS) division, said it’s only a matter of time, unfortunately.
“I expect, in the next five years, there will be some kind of malware in your vehicle similar to ransomware and you will have to pay money to get rid of it before you can start your car.”
Dangerous curves ahead
According to Roland Varriale, a cybersecurity analyst who oversees the project team, all modern cars are at risk of being hacked, but the likelihood that a member of the general public would be targeted is still extremely low. Each make, model and year has different network characteristics, making it difficult and time consuming for a would-be attacker to compromise a large number of vehicles.
Still, Varriale sees an advanced mobility landscape that is becoming increasingly connected, with more and more functionality in “smart” vehicles and more points of external access, such as shared charging stations and remote software updates. All of which combine to create more opportunities for bad actors.
“For example, an attack against an autonomous vehicle might be malicious modification to a stop sign, causing the vehicle to misinterpret or miss the sign,” Varriale explained.
Varriale said that automakers are becoming more vigilant about protecting their systems, with more sophisticated architecture, newer protocols, encryption, multi-layer credentialing and implementation of secure gateways. For their part, he said consumers could help protect themselves by erasing stored data from rental vehicles or when disposing a car, and by seeking out manufacturers who prioritize cybersecurity in the upfront design.
But hackers are getting smarter as well, and Evans, who is also member of the project team, said the potential impacts extend beyond the vehicle itself. “People could be tracked, high value assets could be targeted, and there could be a loss of privacy and data. And those threats will only increase as hackers figure out how to monetize attacks.”
On the test track
In researching how to make vehicles safer and more secure, Varriale’s team is taking a multi-pronged approach that encompasses three main areas of focus: machine learning and artificial intelligence, a physical testbed, and a cybersecurity simulation testbed.
The centerpiece of the effort is Argonne’s Advanced Mobility Technology Lab (AMTL), which has an unprecedented amount of vehicle data from a wide range of vehicle research.
Working with actual cars, including newer automated vehicles, Rask oversees a team of engineers using state-of-the-art instrumentation to gather important information on performance, fuel economy, energy consumption and emissions output.
Vehicles are frequently “tampered with” in this physical testbed under laboratory-controlled conditions to see how they would respond to various intrusions, and the data is subject to further experimentation in the simulation testbed using machine learning and other artificial intelligence techniques.
Prasanna Balaprakash, a fourth member of the project team, is a computer scientist in the Mathematics and Computer Science division and the Argonne Leadership Computing Facility (a DOE Office of Science User Facility), who specializes in machine learning. He uses the AMTL data to look at potential attack scenarios and how they can be predicted.
“Machine learning allows you to take an enormous amount of data and monitor multiple signals from the car to see what looks normal and abnormal, based on various scenarios,” he explained. Varriale said the researchers are also identifying vehicle actions and which signals compose them. “This allows us to work toward more advanced concepts, such as sensor fusion, that can alleviate replay, tampering and spoofing attacks.”
Added Balaprakash: “With our supercomputers, we can analyze this data on a scale not possible anywhere else and identify patterns within the car for threat detection. It’s an interesting and challenging problem for artificial intelligence to address.”
The road less traveled
The project team advises governmental bodies around current and future risks to vehicles and mobility systems. Team members also participate in information sharing forums with the automotive industry. While Varriale said it’s important to maintain this direct contact, he also wants to keep the work “as broadly applicable and holistic as possible, so we’re not customizing our solutions for a particular manufacturer or a single vehicle.”
“Our mandate is to think holistically at a higher level,” agreed Rask. “We need to be more forward looking and prioritize realistic and emerging threats versus more general concepts. How do we leap ahead with our technology and design a solution to prevent attacks, rather than minimizing the damage done with an occurrence?”
Still, there is even a larger mobility space to consider, the researchers note. The effort continues to grow in scale when vehicle-to-vehicle and vehicle-to-infrastructure relationships are considered, as well the infrastructure itself, such as connected traffic lights. They also see applications beyond traditional consumer vehicles, like the trucking industry and the military fleet.
“We have the assets and breadth of analysis at Argonne that are uniquely suited to this work, from real vehicles, laboratory environments and supercomputers, to a strong multi-disciplinary collaborative team,” Rask concluded. “And we have new capabilities as we combine the machine learning, cyber security and vehicle systems expertise.”
The project work is being funded by Argonne’s Laboratory-Directed Research and Development (LDRD) Program.
Argonne National Laboratory seeks solutions to pressing national problems in science and technology. The nation’s first national laboratory, Argonne conducts leading-edge basic and applied scientific research in virtually every scientific discipline. Argonne researchers work closely with researchers from hundreds of companies, universities, and federal, state and municipal agencies to help them solve their specific problems, advance America’s scientific leadership and prepare the nation for a better future. With employees from more than 60 nations, Argonne is managed by UChicago Argonne, LLC for the U.S. Department of Energy’s Office of Science.
The U.S. Department of Energy’s Office of Science is the single largest supporter of basic research in the physical sciences in the United States and is working to address some of the most pressing challenges of our time. For more information, visit https://energy.gov/science.