Drive-by Security

As technology continues to advance and permeate every aspect of our lives the potential security risks associated with technology also increases, and these threats are especially prevalent in today’s automobiles. The Automotive Security and Privacy Creative Inquiry project, mentored by Dr. Mert Pesé in the School of Computing, is working on addressing different security concerns in modern cars.

Two first-year computer science majors, Ashton McEntarffer and Kevius Tribble, are working with the module computers that are found inside cars. These computers are all connected on a common network that does not have any security measures to prevent hacking from outside threats. They are working to develop a small device that can be added to the network to detect whether signals being sent across the network are legitimate or from an outside source. Using computer learning techniques, they are training their device to recognize the unique signals from each of the vehicle’s computers so that impersonated messages can be identified and prevented from interfering with the car. Interference from hackers could lead to the driver’s personal information being leaked as well as the vehicle’s systems being compromised.

Another group of students involved in the project are looking at the differences in response times to driving scenarios between human operators and self-driving vehicles. Grace Johnson, a senior computer science major, designed a simulation for the project where participants were randomly assigned different road conditions and scenarios and asked to press their keyboard’s spacebar in response to different stimuli. Analyzing the results from their study indicated that the human operators’ responses and reaction times were much less accurate than those from a self-driving vehicle. Using the data they collected, the team will be able to contribute to the improvement of safety features in autonomous vehicles and their systems now found in most cars. These interactive systems allow for data, regarding the car and the driver, to be transmitted to Google, automakers and the manufacturers of third-party apps. The students are using an emulator which simulates the infotainment systems in most cars that allows them to check what data is being collected and where it is being sent. Then, they are comparing this information to the privacy policies of different automakers to see if the data being collected aligns with the agreement drivers must agree to before accessing the infotainment system in their car.

The Automotive Security and Privacy Creative Inquiry team is addressing the new-found threats associated with advancing technology in automobiles from a variety of angles. The work they are doing stands to increase the safety of these vehicles as well as the safety and privacy of those who drive them.