Safety vs Convenience and Cybersecurity

If you have driven a late-model road vehicle recently, there were several innovations that immediately confronted you. The first is the ignition… no longer a key, but now a fob and an on-off push-button starter rather than key twist. Another is the gear selection … while some manufacturers still use a quasi-stick shift, others are moving to pushing buttons and turning dials. Heavy metal linkages for changing gears, applying brakes, and the like are being replaced by “fly by wire” devices that transmit electronic messages to servo motors that change gears, etc., since they are lighter and probably cheaper to manufacture.

But along with these electro-mechanical devices come certain cybersecurity risks and safety hazards. One that is receiving much press lately is that of drivers accidentally forgetting to turn off car engines leading to carbon-monoxide poisoning when the car was parked in an in-house garage.

Other issues resulting from these new technologies involve kludgy mechanical workarounds to be used when the primary system fails, or the battery runs out. You may very well not remember these workarounds when you need them most since primary systems are quite reliable. But, when the battery in your fob dies, you need to know where the door lock is hidden and where you can place the fob so that the vehicle can read it. It would be nice is these backup systems were standardized, but they’re not, which can make it particularly difficult if you are in a hurry and don’t remember the procedures or the locations of the locks, readers, etc.

The quest for simplicity often results in complex, unintuitive mechanisms that have many points of failure. If your control panel touch screen breaks, numerous key functions may become immediately unavailable (such as heat, radio, navigation) making for more dangerous driving conditions. If you are driving a vehicle in which virtually all the controls are via touch screen, you  are really out of luck.

Furthermore, with more and more vehicle functions being controlled electronically over internal networks, and some able to be controlled remotely (such as locked-door opening via OnStar), a cyber-attacker has a whole new menu of activities that they might exploit.

The drive to cooler technologies has created unintended and unexpected consequences for some decades. I recall writing a letter to the editor of Business Week about a new TV remote that only had a few buttons … on/off, volume (up/down), and channel (up/down). Very sleek, but completely impractical for changing channels. Rather than accessing a channel directly using a numeric keypad, one had to scroll up or down until you arrived at the channel of your choice. As you can observe from modern remotes, that innovation didn’t go anywhere.

And that is the way it is with many modern devices and apps. Millions of us willingly give up privacy in exchange for goods and services, and we are enthralled with the latest gee-whiz features even though they challenge safety and leave devices open to cyberattacks.

While we can observe directly what is happening to our home devices, automobiles, and the like, and may be willing to tolerate some small level of risk in exchange for convenience, the same is not true for our critical infrastructure. We somehow hope that our electrical grids, nuclear power stations, communications networks, weapons systems, etc. are adequately protected against massively-damaging cyberattacks … but oftentimes they are not. After all, the same rush to convenience means connecting power stations to the Internet so that engineers can monitor and manage them remotely. But are the risks worth the convenience? Frequently they are not, but it seems that the tradeoffs are not discussed ahead of time and before we plunge into a brave new world that puts us increasingly in danger from nefarious cyberattacks. If you don’t think it could happen, just read the news. It has already.

Post a Comment

Your email is never published nor shared. Required fields are marked *