Fully autonomous vehicles not practical: cybersecurity expert

Moshe Shlisel, GuardKnox
GuardKnox's CEO Moshe Shlisel is busy developing robust cybersecurity solutions for automobiles, but concedes that fully autonomous vehicles at this time present a number of difficult challenges. (GuardKnox)

With a background in developing security solutions for aircraft, GuardKnox’s founder and CEO Moshe Shlisel is no stranger to the challenges in securing transportation vehicles. Concerned over the myriad technical difficulties in securing automobiles, Shlisel believes the vision of fully autonomous cars will not materialize anytime soon.

Shlisel believes the ethical questions with the public accepting autonomous vehicles is one large hurdle. He said that given security concerns, would people feel comfortable riding them. Using the example of a robotaxi, Shlisel asked, “Would you want one of your family members boarding one of those vehicles?”

Shlisel said, “We will never see a Level 5 (fully autonomous) vehicle. On top of ethical concerns, you have the obvious cybersecurity challenges. The more connectivity the vehicle has, the more security issues.”

If there’s anyone qualified to speak on the difficulties of securing transportation vehicles, it would be Shlisel. A veteran of the Israeli Air Force, he served as the Deputy Commander of Special Operations and oversaw the development and application of highly complex products, including the development and implementation of hardware-based security solutions. 

Shlisel hopes to leverage that expertise with GuardKnox, which specializes in hardware-based solutions for automotive cybersecurity, prevention of vehicle hacking and electric vehicle charging. The company also develops customizable cybersecurity solution for OEMs, Tier 1s or the aftermarket, with only software or with customer-specified hardware.

The company’s solutions use what Shlisel terms as a “Communications Lockdown” approach borrowed from the security hardware deployed in Israeli jets, whereby a formally verified and deterministic configuration of communication is enforced among the various networks of the vehicle. According to Shlisel, GuardKnox has made a number of developmental agreements with Tier 1 automotive OEMs.

For automobiles, Shlisel said this involves a central gateway ECU (Electronic Control Unit) typically linking 5 to 10 networks and 100 to 150 individual ECUs controlling various car functions. The trick is to have all these elements work with one another in a manner that does not cause interference or adversely affect car operation.

Because of the complexity of debugging software, Shlisel overwhelmingly favors a hardware-based approach. “With hardware you can just plug in. If you change a piece of software code, you have the issue of integrating that code with systems from different companies.”

Shlisel added that cybersecurity challenges in automobiles is complicated by the fact that the vehicle is not traveling a fixed path, as would be the case if it was on a guideway, such as it would be with automated trains carrying passengers between terminals at airports.

One step toward improved vehicle security could be standards, and Shlisel noted that ISO/SAE 21434 “Road vehicles – Cybersecurity engineering” would be a step in the right direction. That proposed standard, slated to roll out later this year, would provide a global standard for automotive cybersecurity through a common terminology set that would be deployed across the entire automotive supply chain.