Friday, July 22, 2016

Transformation On Wheels: The Sentient "Car-Bot"

Bill Boldt
Business Development Manager, Security

Cars have been a society-transforming technology whose impact has rivaled that of public sanitation, antibiotics, jet travel, the telephone, and electricity. Over time, the car has functioned as a status symbol, a rite of adolescent passage, a provider of personal freedom, an enabler of the formation of the middle class, and the catalyst of mass assembly and consumerism.

The next transformative event involving cars is already upon us, and it is a really big deal; namely, the "Car-Bot." Cars are becoming self-propelled robots, and the Tesla with Autopilot is the poster child car-bot. Autopilot truly does take the wheel and completely drive the car under certain conditions, like the highway. That is simply amazing. Beyond Tesla, every car company, including new ones that are popping up, is going after assisted and autonomous driving. The established carmakers (or "OEMs" in auto-industry argot) are just slower to make that happen since they actually have to run an industry with an existing manufacturing and distribution infrastructure and not just conduct a large-scale science project that hit the road. When the big guys get going, we will see even more amazing things, and on a scale that will change not just individuals' lifestyles, but cities, economies, and society itself.

All car makers know the car of the future will be defined mainly by the software that gives it personality, purpose, and features. The "software-defined car" will catalyze transformation, including new ownership models such as shared or fractional ownership, and updatable performance and features. There are already signs of fractional ownership and pay-as-you-go usage. That is the Uber-effect. Designs are already being presented for small buses ("bus-bots") that drive themselves to help ameliorate the crush of urbanization. The bus-bot can solve important problems that urbanization poses, offering better resource utilization, reduced pollution, improved road safety, and less road congestion.

The platform formerly known as the car is becoming a networked, sensing-actuating, connected, computer system of systems. Sensors and actuators will communicate over a range of evolving electrical communications buses to act in a coordinated organic way, controlled by sophisticated integrated software and hardware inside and outside of the platform/vehicle. The software and hardware must be cryptographically super-secure to create a truly safe system (i.e. one with very few crashes). Cryptographic security means that mathematical algorithms like those used to secure electronic commerce web sites will be embedded into the vehicle and used to communicate to the vehicle. This is known as Public Key Infrastructure ("PKI") and ensures that the signals that sense and control things cannot be hacked, corrupted, or monitored.

Cryptography maintains the confidentiality, data integrity, and authentication (the three pillars of security) of the various signals inside the car, between cars, and between cars and infrastructure to ensure safety, security, and reliability. More on that later.

The move to the car-bot started fairly humbly with in-vehicle entertainment, but will end up growing into a virtual organism of transportation-communication-and-lifestyle.   It is as if car radios, GPS, and cell phones were like single-cell organisms that materialized independently, but then linked up into multi-cell organisms.  More linkage is happening and the organism is evolving further.  Infotainment (the first linkage) is already linking with instrument clusters, ADAS, and more.  Hypervisors are making this happen.

What really made the linkage of segregated systems possible was the right kind of operating system.  And, in the case of a car it had to be safe, secure, and reliable.   Those three items cannot be over-emphasized.   Just ask car companies that made the mistake of not using the right type of operating system and had to go back to the drawing board. 

In parallel to the cockpit electronics evolution, there were other evolutionary branches on the locomotion and safety fronts that included Electronic Control Units (ECUs).   ECUs are little computers that intelligently control physical things like mirrors, lights, seats, AC, and other things in the body or cockpit.   More importantly, ECUs made for better control of brakes, engine systems, airbags, and other things that make the car stop and go and become safer.   

ECUs started out as discrete items that did one thing, but quickly became connected via in-car networks of various types such as CAN, LIN, MOST, Ethernet, etc. These networks are like the prototypical spinal/nervous system in early vertebrates. In addition, ECUs (little brains) are becoming larger and capable of doing many more things at once (bigger brains). This is represented by emerging domain controllers that are leveraging the amazing advancements in multi-core processing and architecture.

Now that electrical automotive vertebrates have shown up, the evolutionary stage is being set for the omega point (i.e. the ultimate stage of evolution): Sentience. Sentience means being self-aware and self-controlled. However, it is not just the vehicle that will become self-aware; it is the entire ecosystem that contains the smart vehicle, the cloud, and the smart/communicating cyber-physical infrastructure that interacts with it.

Note again that none of this can be possible without robust cryptographic security. Security is a leitmotif that will show up throughout the entire system. It must be everywhere at all times.  The sentient car-bot ecosystem will contain smart sensors, distributed processing systems, multi-level security, transmitters and receivers, and service providers, among others.  The bottom line is this:  No security, no sentient car for you.

There are strong forces that are driving the software-defined, sentient car-bot evolution. What underpins all of these forces is that each will require the triad of Safety, Security, and Reliability. The triad must be present in all the systems in the vehicle, from infotainment to instrument clusters, to body control, to engine control, etc. The triad must be present at all times when the systems communicate with each other, with other vehicles, and with the infrastructure. The systems have to be secure even at rest to fight off attacks. Service providers must provide services that are safe, secure, and reliable.

Subscribers and vehicle owners will abandon products and services that are weak on any of the parameters.  The invisible hand of the market (as coined by Adam Smith) will kill companies and solutions that are not safe, secure, and reliable.   Respect the Triad!

Safety, security, and reliability must be forethoughts. They are not products or features that can be offered as options. They cannot be bolted on. All three must be infused into everything at birth. It is not hard to see that the parts of the triad are inseparable, meaning you cannot provide one without the other: Can something be safe if it is not secure? Can it be reliable without being safe? Can it be reliable without being secure? Clearly not. The triad is the DNA of the software-defined car.

Other articles will explore how designing with the triad in mind can make the software-defined future easier to create. Hint: it will require a safe, secure, and reliable operating system and end-to-end security.

In the meantime, please take a look at the QNX operating system and the security products from Certicom that secure the manufacturing supply chain and securely manage cryptographic keys and certificates. Doing so will help you understand how BlackBerry makes automotive not just secure, but BlackBerry Secure.