GPS World

Tag: cyber security

  • Detroit and Silicon Valley Tech showcased at LA Auto Show

    Detroit and Silicon Valley Tech showcased at LA Auto Show

    Janice Partyka at the LA Auto Show with a car representing the GENIVI Alliance, a non-profit automotive industry alliance committed to driving the broad adoption of an in-vehicle Infotainment open-source development platform. (Photo: courtesy of Janice Partyka)
    Janice Partyka at the LA Auto Show with a car representing the GENIVI Alliance, a non-profit automotive industry alliance committed to driving the broad adoption of an in-vehicle Infotainment open-source development platform. (Photo: courtesy of Janice Partyka)

    LOS ANGELES — The Los Angeles Auto Show’s Connected Car Expo, held Nov. 18-19, puts LA at the intersection of Detroit and Silicon Valley. Cybersecurity garnered attention, as did the impact of the sharing economy on connected features. Caution was urged that these new technologies be carefully vetted for safety and reliability, as failures will impede market acceptance. And research shows safety to be one of consumers’ highest valued attributes that connected vehicles can offer.

    Call to action on automotive cybersecurity. Safeguarding the vehicle with its hugely complex supply chain is an enormous challenge. Sensors can be spoofed, wireless sensors and radar can be forged, and cameras can be blocked, warned Andre Wiemerskirch of the University of Michigan Transportation Research Institute. A greater following distance between cars would allow other systems to kick in, should some sensors be hacked. Wiemerskirch appealed for a delay on all connected vehicle features that make a vehicle too vulnerable to hacking until there are better cyber security solutions. He proposed confidence levels for determining the integrity of information coming back from sensors. And he called for a resilient architecture to be created with mature security solutions, such as those used in iPhone security.

    A dependable car hacker? Faith in vehicle reliability is one thing; faith that the vehicle won’t be hacked is another. I was looking forward to Chris Valasek’s appearance once again at the Connected Vehicle Show. He is a skilled automotive hacker, who has helped the industry become more secure. You may have read the account by Andy Greenberg in Wired magazine of how Valesek and a cohort hacked Greenberg’s Jeep (with permission) while he was traveling on a freeway. This included disabling its brakes, accelerator and other core functionality. Valasek didn’t show up for his scheduled talk, which, perhaps, can’t be seen as unexpected.

    How well do they perform? Connected vehicles struggle with performance in certain environments, warned Thomas Form of Volkswagen. More testing and work are needed for automated cars to handle bad weather, particularly conditions in which visibility is obscured, like fog or sandstorms. Unusual objects, such as tumbleweed skittering across the highway, can cause an automated vehicle to make an emergency stop. What would happen when a traffic light is red, but a police officer points to a driver to go, or indicates she needs to stop at a green light? Form exhorted attendees to test all scenarios, even the unlikely ones.

    Will driver skills erode? One attendee asked panelists if with automation, drivers’ skills will become rusty from disuse and be less able to handle manual driving, pointing to the airplane disasters of Asiana in San Francisco and Aeroflot in China. Both flights crashed due to pilots’ confusion with autopilot. The U.S. Federal Aviation Administration (FAA) claims two thirds of pilots make mistakes because of their reliance on technology. A common error is not recognizing that the autopilot has been disconnected. A report from the FAA reads, “pilots sometimes rely too much on automated systems and may be reluctant to intervene.”

    Industry worried about sharing. The exponential growth in the sharing economy and declining interest among young people in owning a vehicle was one theme of the conference. If this becomes a massive disruptive trend in mobility, do we know its influence on the uptake of connective technology? The young are most ready to embrace new technology, yet teenage driver license rates peaked in 1982 and have fallen ever since.

    New mobility options. Millennials, those born after 1980, are showing less enthusiasm for car ownership and driving than their predecessors. Less than 70 percent of those aged 16-24 have a driver’s license. John Zimmer of Lyft reported that 60 percent of their rides in San Francisco and 50 percent of those in New York City are with Lyft Line, a service in which strangers heading in the same direction share Lyft rides. Not only are riders accepting an unknown person to drive them in a personal car, they don’t mind sitting shoulder-to-shoulder with strangers in the intimate confines of a vehicle. Zimmer reported that Lyft is now looking to offer themed cars, such as those showing sports or other types of entertainment on video screens to create new market “verticals.”

    Transforming a personal car into rental vehicle. Cars are vastly under-utilized with the average U.S. household using its cars just four percent of the time with only 1.7 seats occupied on average. This has been duly noted by some car owners, who have created an economy of renting out their vehicles with the help of services like RelayRides. Automakers are taking stock of how Airbnb sliced into the hotel market and are looking at ways to own shared mobility. Ford is one of the OEMs experimenting in the sharing market. Alicia Agius of Ford described Go!Drive, which offers access to a fleet of cars for flexible and affordable one-way journeys throughout London. It also serves to introduce drivers to the Ford brand and build a loyal base among those who become car buyers.

    How are we doing? The intersection of tech and automotive is going remarkably well, and the OEMs are proud of how they have cut long development cycles and become more open to new ways of thinking. Tech has prided itself as the innovators, but a speaker from Google humbly remarked, “The automotive industry has been thinking about the future longer than those of us living in Silicon Valley and working at Google.” A nice tip of the hat.

  • Markey Report Concerns Connected Vehicle Industry

    Editor’s note: Dennehy is GPS World’s editor for location-based services, writing a monthly column for the LBS Insider newsletter. The views expressed are his own. He will be covering the Mobile World Congress in Barcelona for GPS World. Contact him at [email protected] with your news. 

    Markey-report

    Sen. Ed Markey’s new car technology report, released earlier this month, basically says that connected vehicles can be hacked, causing danger to drivers and presenting major privacy concerns. While some critics believe Markey’s report was meant to drive media hysteria, others say it raises serious issues that the industry needs to address. In other location news, I’ll be covering the Mobile World Congress in Barcelona for GPS World. What will be the showcased location technology? Wearables? Connected vehicles? Or something new? 

    Kevin Dennehy
    Kevin Dennehy

    By Kevin Dennehy

    A report released by Sen. Edward Markey (D-Mass.) earlier this month says that even though drivers have come to rely on new connected technologies, automakers haven’t done their part to protect them from cyber attacks or privacy invasions

    First reported by CBS News’ 60 Minutes, Markey’s report, Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk, includes information from 16 automobile manufacturers who were given questions about security and privacy. However, few of the carmakers’ answers included how vehicles may be vulnerable to hackers — and what driver information is collected.

    Location industry veteran Kim Fennell, deCarta CEO, said the report should be a real concern to the industry. “But it’s more of an issue for autonomous driving and the security of the car’s electronic control system. Even today, the OnStar service, which was a pioneer in the connected car space, can remotely slow your vehicle down in the event of a theft,” he said. “This feature, if hacked, could definitely create massive problems if the proper security technologies are not implemented.”

    Markey’s report raised additional concerns about the use of navigation and other features that record and send location or driving history information.

    Markey-telematicsFennell said there should be a distinction between the infotainment systems in the vehicle and the on-board control systems of the car.

    “We believe that there should be a strict firewall between these systems so that nothing malicious can happen that is initiated from the connected infotainment system. Any data should flow one way — from the control system of the car to the infotainment system,” he said. “This is not to say that the connected infotainment system shouldn’t be secure, it should be. In working with our OEM and Tier One partners, we have implemented strict security protocols between our servers and their apps.”

    Markey’s report found that “[automakers] use personal vehicle data in various ways, often vaguely to ‘improve the customer experience’ and usually involving third parties, and retention policies — how long they store information about drivers — vary considerably among manufacturers.”

    In addition, the report found that customers are often not made aware of data collection and, when they are, they often cannot opt out without disabling features, such as navigation.

    Source: Kenvin Dennehy
    Percentage of Vehicles that can record driving history

    Overall, Fennell hopes that the most malicious thing that could happen in the event of a hack of an infotainment system is that a “Pandora station is changed to play nothing but Justin Bieber songs, the traffic information for your route is projected to be ridiculously long or the Yelp rating of the restaurant that you are going to is lowered down to one star.”

    Ultimately though, the driver should be in control of the car and nothing in the infotainment system should affect the behavior of the vehicle, Fennell said.

    In terms of driver safety, in a recent survey, deCarta found that more than two-thirds of respondents considered dashboard screens that display videos and other Internet content to be the most dangerous types of onboard information systems. Approximately 79 percent of those polled preferred “voice-activated mapping systems that allow drivers to keep their eyes on the road” as an essential safety-enhancing feature.

    “There are two things that infotainment systems could do better to prevent driver distraction. First, instead of replicating the stove-piped app store environment of the smartphone, in-car infotainment services could be better integrated,” Fennell said. “If I find a destination on Yelp, I’d like to send that to my navigation system instead of typing in the address. Second, with today’s better automated speech-recognition technology and text-to-speech engines, it’s now possible to make requests of your infotainment system using natural language commands. Voicebox is doing some great things in this area.”

    Fennell said that most existing systems are not connected. “But those that are, aren’t predictive enough. Your navigation/infotainment system should almost work as a concierge,” he said. “It should recognize what time it is and realize you are most likely leaving for work and offer up the best route based on traffic conditions. It should recognize that you are going to a destination in an urban area and offer the most convenient parking to your destination.”

    Company Rolls out Indoor Positioning Product that Doesn’t Require Retailer Involvement

    After testing and demoing the product in San Francisco last year, IndoorAtlas is rolling out a consumer app called GPSindoor, which uses smartphones to locate shoppers inside a mall. The product features product proximity advertising to allow shoppers to see where they are relative to a product for promotion marketing.

    The product includes a crowdsourcing function to allow user-generated data to build indoor maps, wayfinding and other options for shopping promotions, said Wibe Wagemans, IndoorAtlas president.

    “We don’t need any retailers per se. We need only the shopper and [their] smartphone,” he said. “There is no brand or retailer involvement if you use our app. Unlike Wi-Fi and Bluetooth beacons, since GPSindoor relies on a community of shoppers, it allows for higher accuracy than static maps. That gives us the confidence to take on the giants like Apple Beacons and Google Indoor Maps head on — we are completely independent of retailers and not dependent on them for our success in becoming the GPS of indoors.”

    In other location news:

    • HERE released a new version of its mapping system for Android, saying it made significant improvements. According to the company’s blog, after more than 3 million downloads, it is shedding the “beta” label with this version. In the beta version, when users asked for a route, the app gave them three car routes. If a user wanted public transit or pedestrian routes, they had to switch to the appropriate tab. This process was slow and inconvenient for people who don’t use a car all the time, HERE said.
    • In its recent financial statements, Garmin indicated a growing, and profitable, segment is its wearables/fitness band product line. Mio is also expanding its wearable offerings. This should be a big topic at next months’ Mobile World Congress.

    I’ll be covering the Mobile World Congress in Barcelona for GPS World. Contact me at [email protected] with your news.

  • Royal Institute Hosts New Navigation Conference

    Royal Institute Hosts New Navigation Conference

    INC_2015_logoThe Royal Institute of Navigation is launching a new international conference series, tackling some of the biggest issues across the domains of modern navigation: land, sea, air and space.

    The RIN is now accepting abstracts for the conference.

    The International Navigation Conference 2015, set for February 24-26, 2-15, is planned as a first event in a new series of world-class conferences. The first conference will highlight the state of the art in fields such as GNSS and Galileo, indoor positioning, autonomous transport, security and resilience of navigation in the world of cyber attacks, and new quantum technologies. The event will be of special interest to the maritime, aviation, PNT, transport, research and development and security communities.

    Speakers, and the topics they will discuss, include:

    • Privacy In Tracking (smartphones and indoor navigation) – Google
    • Security and resilience — Dana Goward, president and executive director, U.S .Resilient Navigation and Timing Foundation
    • Multi-Constellation GNSS — Gian Gherado Calini, GSA
    • Multi-Sensor Integration — Professor Dorota Grejner-Brzezinska, The Ohio State University
    • Quantum Technologies — Sir Peter Knight, professor of Quantum Optics and Senior Research Investigator, Imperial College London
    • Emerging Trends and Current Challenges — Colin Beatty FRIN, CBiL
    • Autonomy in transport — BAE, ASTREA
    • Legal Aspects of Navigation — Professor Frans von der Dunk, Institute of Space Law, Leiden University

    To learn more, visit the conference website.

  • Cyber Warfare: Report from the 30th Space Symposium

    Report from the 30th Annual Space Symposium, May 19-22, Broadmoor Resort, Colorado Springs, Colorado

    For the past five years, the first day of the National Space Symposium — now known simply as the Space Symposium, the largest symposium of its kind in the world — has started with an entire day dedicated to discussions of the cyber domain as it pertains to the DoD and civilian industry. The annual event highlights presentations from the major civilian cyber players and the senior cyber commander for the DoD, military services and government agencies. Several of the now-senior military officers worked for or with me as junior officers at some point in the past, and while that is an age-related humbling experience, it also makes me proud of them at the same time.

    One major talking point, among many, is crystal clear: the U.S. government and civilian enterprises alike understand that cyber security is a critical mission and that cyber warfare, especially from a nation-state point of view, is a credible and viable threat to every government and civilian program and and to everyone today.

    Major General Kevin McLaughlin, currently the commander of 24th Air Force and AFCYBER, the major command that takes cyber warfare to heart as a major mission, is one of those young officers in my past that make me proud today. Kevin was the luncheon speaker, and he put the Air Force role for cyber warfare in perspective as well as explaining how the Air Force role is integral to the overall Defense Cyber Enterprise. This integration role may seem like a small matter, but General McLaughlin’s explanation of Air Force and DoD cyber and IA (Information Assurance) synergy is critical to the success of his organization and mission.

    This is critical because throughout my Air Force career and even today I constantly encounter commanders that are quick — too quick in my book — to explain, usually with great passion, why their particular mission(s) are critically important and “unique” to the Air Force writ large enterprise. Unfortunately, history shows us that “unique” organizations within services do not always fare well in budget scenarios, especially seques-castration budgets.

    In my humble but experienced opinion, the senior officers commanding these “unique” organizations, be they cyber or otherwise, would fare far better if they conformed to Air Force budget requirements and still conducted their day-to-day unique missions just like a fighter pilot and fighter sortie. By that I mean you never know what you will encounter on a fighter sortie. You never know what the enemy will throw at you but you can rest assured that any plan, no matter how well conceived, will not survive initial contact with the enemy. The plan always changes and will hopefully be successful, but only because of flexibility, which has been described as the key to air power, and certainly not because of the “plan.”

    So, I was assured when Gen. McLaughlin described “A Day in the Life of a Cyber Warrior” just as I would a fighter sortie. Prepare for the known threat and expect the unexpected. Be innovative and flexible, and you may win the battle and live to fight another day, because make no mistake about it, cyber warfare is a life-and-death struggle.

    Fortunately, there do seem to be solutions that work, and a key point that was made numerous times by various speakers is that the small, small, usually local cyber warrior company is often times much more successful than the security behemoths that tend to get bogged down in their own administrative minutia. One of the companies mentioned was NDP, a small cyber and IA company in Boulder, Colorado, known for its work slaying the cyber dragons attacking the well-known SBIRS (Space Based Infrared System) program. The story goes that NDP, with only 50 employees, took on major global SBIRS cyber and IA issues and made it look simple. It is always the real experts that make it look simple. The chairman of one of panels really put it in perspective when he opined, “Would you really want Raytheon or Boeing providing anti-virus software for your home computer? Probably not! No slight to the mega companies intended, but I would go with the local, flexible and responsive small company, like NDP, every time.”

    Thankfully, a lot of what I heard this year, as opposed to years past, conforms to the scenario I just described. Bad cyber actors (villains), local or nation state, are anticipated, and while the white-hat cyber warriors win more times than they lose, it is clear there is currently no panacea for cyber and IA threats — just hard work, diligence and flexibility to hopefully win the conflict.

  • Why Data from Automated Vehicles Needs Serious Protection

    Concerns about data privacy aren’t going away and, in fact, are growing. Many retailers that have adopted in-store tracking technology to enhance shopping experiences and gather information on customer behavior have met with backlash. Increasingly, people are turning to a new crop of apps to safeguard how personal information is used in other apps. We have apps to guard other apps. The world is getting more confused and scary. The Heartbleed bug and other threats have heightened concern about an even more threatening vulnerability of our connected world. So how will drivers feel about increasingly automated vehicles that generate huge masses of data of an exceedingly personal nature? What happens when it is hacked?

    Automated vehicles require multiple types of sensors to obtain information about the vehicle, its movement, and the surrounding environment, which includes the roadway, other vehicles, obstacles and infrastructure. All sorts of ambient information may be captured. Perhaps activity outside of your house, or your kids on their way to school, or the licenses of cars in your driveway will be caught on camera.

    The massive amount of data collected needs to be crunched, and only some of it will be processed within the vehicle. Other captured data will be sent off-board to the cloud for handling, with results then returned to the vehicle. The amount of data that will be created by automated vehicles is uncertain, but I’ve seen estimates of 1 GB per second. Whatever it is, it will be immense.

    What’s collecting data in a driverless vehicle? Lidar, a laser technology that uses reflected light, is identifying everything around the vehicle with great precision. Cameras are taking pictures to detect phases of traffic lights, identify stop signs, and map road lane markings. GPS is tracking the location of the vehicles and helping with navigation. Sonar is detecting objects and measuring their distance, speed and direction. And each vehicle is exchanging positioning, braking, heading and speed data with other vehicles on the road to prevent collisions.

    The data generated is both of a critical and personal nature. And data that is moving in and out of the vehicle to be processed elsewhere or to communicate with other vehicles is particularly vulnerable. The consequences are far greater than a violation of privacy or a stolen identity. The operation of vehicles is at risk to be maliciously disrupted to disastrous outcome. This isn’t an issue we can put off until driverless vehicles are closer in reach. Vehicles today are increasingly equipped with safety and entertainment features that capture critical or sensitive data, any of which could present a threat in the wrong hands.

     

     

  • Locata Warns: Lessons to Be Learned from GLONASS Spasm

    Locata Warns: Lessons to Be Learned from GLONASS Spasm

    Calling it an “unprecedented and deeply worrying total disruption . . . [that] shook the industry,” Locata Corporation reiterated its call for redundant terrestrial systems to back up GNSS in the wake of the April 1 11-hour GLONASS system outage.

    Nunzio Gambale, Locata CEO, said “We have been telling the industry for years that you cannot have a critically important capability like GPS without also having a backup! What is Plan B if the satellite systems fail? What replaces the space signal when there is a problem? If anyone needed a sign to understand why Locata has spent years inventing and developing the world’s first local terrestrial equivalent of the GPS system, then last week’s meltdown of a complete global satellite navigation system is it. This event should terrify every nation, government, and company that depends on navigation satellites for their business or, in some cases, their very lives.”

    The navigation and timing functions of the global positioning systems underpin the world’s banking systems, stock exchanges, digital TV and Internet, cell phone networks, and, in some cases, the national electricity supply, Locata pointed out. GPS, in particular, plays a crucial role in transportation, shipping, and logistics, serving as the enabling technology for critical functions like air traffic control. Reliability is therefore not just important; it is essential across all applications. Locata, the Resilient Navigation and Timing Foundation (RNTF) in Washington, D.C., and others have persistently called attention to the need for redundant terrestrial systems that will back up expensive, vulnerable, and aging global satellite navigation constellations while simultaneously providing the local control and resiliency that satellite-based systems cannot deliver.

    Professor Chris Rizos of the School of Civil and Environmental Engineering at the University of New South Wales stated that “This catastrophic failure of one of the world’s two global satellite navigation constellations is a wakeup call for all of us. We ignore the possibility of these ‘Black Swan’ events at our own peril.”

    The GLONASS disruption was felt around the world, immediately upon its origination, especially in professional applications, such as tractor automation for farming, machine control and robotics in mining and heavy industry, and in the national infrastructure used by surveyors and industry across many countries.

    “This shows just how interlinked the physical and cyber worlds have now become,” added Professor Brett Biddington, a space and cybersecurity expert from the School of Computer and Security Science at Edith Cowan University, Australia. “The prospect of a software glitch, whether unintentional or intentional, seems highly likely [as a cause for the failure]. If it was a deliberate attack, however, it points to a changing face of warfare where the real enemy may be impossible to detect and deter until very damaging strikes, such as an attack on the GPS system, have already taken place.

    “The vital point here is that this is no longer just a question for scientists and technologists. A locally controlled backup system for this essential signal is a national policy question of the highest order.”

    Locata Corporation and other industry authorities have long testified on global satellite navigation vulnerabilities and the need for diverse technology options to strengthen and back up GPS, GLONASS, and other systems. Locata developed a robust solution and has been awarded a sole-source contract by the U.S. Air Force (USAF) to provide its terrestrially based alternative positioning for military applications where GPS has been completely jammed. The first wide-area Locata system is being deployed now at the White Sands Missile Range in New Mexico. The USAF demonstrated that the White Sands Locata network delivers what has been extremely high accuracy over a 2,500-square mile area, positioning aircraft flying up to 35 miles away to an accuracy of better than six inches.

    A pair of LocataLite transmit antennas overlook a section of the White Sands Missile Range blanketed by the Locata high-precision ground-based positioning system.
    A pair of LocataLite transmit antennas overlook a section of the White Sands Missile Range blanketed by the Locata high-precision ground-based positioning system.

    “There is no other technology that can do this, and it’s delivered in the complete absence of GPS,” continued Gambale. “What is being demonstrated at White Sands is that Locata supplies precisely the same function as GPS, even when there is no GPS available. That’s exactly what you need if the satellites fail.

    “If this event had been a GPS failure instead of a GLONASS failure – and it could very easily have been – then the entire world would have plunged into a catastrophe. This event is the navigation equivalent of a ‘close call moment,’ and from here on out no one can even question that this is a really serious problem that must be addressed. Another industry expert recently told me, ‘If there was a sustained GPS outage, it would cause a global financial nuclear winter from which it would take us decades to recover.’”

    Gambale concluded, “We need action to develop local backups like Locata around places like airports and other strategically important areas – now! We must not wait until we are faced with another seemingly impossible event like a complete satellite constellation failure. We may not dodge this bullet a second time.”

    Locata terrestrial positioning technologies complement GPS by setting up ground-based transmitters, called LocataLites, to create a local constellation called a LocataNet. Once properly deployed, Locata’s unique nanosecond-accurate TimeLoc system synchronizes the network, which allows it to replicate the positioning capabilities of GPS, locally. LocataNets operate today in environments ranging from small warehouses to open-cut mines, wide-area aircraft approach-and-landing systems, and wider areas for aircraft and unmanned aerial vehicle (UAV) uses.