I was asked to meet with the some of the staff from the Office of Management and Budget (OMB) this week. To be clear, the OMB is a White House department but sadly the meeting wasn't in the White House itself -- it was a couple of blocks west.
The OMB's job is to run a cost/benefit analysis on any new regulations to make sure they're worth doing. Since February, the OMB has been analyzing the Department of Transportation's proposed mandate for Vehicle to Vehicle (V2V) Communications using a technology known as Dedicated Short Range Communications (DSRC).
At the end of June, a Request for an Emergency Stay was submitted to stop deployment of DSRC, stating that "the FCC must impose adequate cybersecurity and privacy protections before allowing automakers to activate any DSRC systems." The petition then resorts to scare tactics, claiming "the one thing that has prevented cyberterrorists from creating a ‘car zombie apocalypse’ by infecting thousands of cars with malware designed to crash them into crowds or one another has been the inability of cars to communicate with each other."
As the lead editor of the IEEE 1609.2 V2V security standard, I helped draft a response to this petition and invited to meet with the OMB, along with Regina Hopper, the CEO of ITS America. There have also been a number of responses against the petition from the Telecom Industry Association (TIA), Alliance of Automobile Manufacturers, CalTrans and many others.
The response I helped draft laid out the reasons the petition's claims are overstated. "Security and privacy have been fundamental DSRC technical and policy requirements since its inception. IEEE Std 1609.2-2016 is comprehensive and informed by industry best practices and by academic research in cryptography, privacy, and anonymization. The standard has been through a series of revisions since 2006, with a thorough review at each revision by the Working Group, by the IEEE Standards Association balloting process, and by industry and academic experts."
There is no doubt that connected cars are vulnerable to hacking and the examples the petition provided do an excellent job proving that. However, all of those attacks were done through cellular connections, On Board Diagnostic (OBD-2) port dongles, Remote Keyless Entry fobs and other wireless connections. Unlike each of these technologies, DSRC was designed from the start with security and privacy in mind. The basic safety messages (BSMs) that are being transmitted by the DSRC contain no personally identifiable information (PII) and requires "ID changes" periodically to make tracking through the BSMs a very difficult task. This article explains the steps taken to protect privacy in V2V systems.
It is disingenuous to claim that DSRC systems cannot be hacked or used to invade driver's policy. But it is entirely accurate that DSRC’s in the V2V environment represent a much more difficult barrier to hacking than any other connected car technology. Hackers go after the path of least resistance with the biggest payoff. DSRC is not that path.
V2V communications will prevent 80% of unimpaired multi-car accidents. Preventing this technology from deployment will allow more than 1,000 lives to be needlessly lost each year. Hopefully I am able to convince the OMB of the folly of delaying this life-saving technology over some unfounded privacy and security fears.
