article

Cyber security in a transport revolution

Posted: 20 January 2017 | James Gleave, Foresight Analyst at Transport Systems Catapult and owner of consultancy Transport Futures | No comments yet

James Gleave, a Foresight Analyst at Transport Systems Catapult and owner of consultancy Transport Futures, discusses cyber security in intelligent mobility and provides steps on staying secure.

Cyber Security in a Transport Revolution

The world of mobility is undergoing nothing less than a technological revolution. Such technologies pose significant issues, most notably cyber security. Hacking of connected vehicles and traffic signals regularly hits the headlines and news. How this issue will evolve, and how the automotive, public transport, maritime, aviation, and other sectors of mobility react will be critical.

The Transport Systems Catapult, in collaboration with Digital Catapult, IBM, Coventry University, and the Institution of Engineering and Technology, has undertaken research on the future of cyber security in intelligent mobility. That research has culminated in the publication of a new ‘Cyber Security and Intelligent Mobility’ report. But what does it mean and what does the future hold?

Intelligent Mobility will be a whole new cyber security proposition

The future isn’t just an extension of the current issues. As demands for integrating technology into mobility become insatiable, Intelligent Mobility will be a whole different proposition to securing current transport systems. It is one that we need to understand quickly if we are to remain safe. This proposition is characterised by the following elements:

  • Deep levels of integration across all mobility sectors and new forms of mobility. As Mobility as a Service-style services that integrate several aspects of several systems gain advantage, the technological relationships between infrastructure providers, service operators, and technology solutions will become deeper. All providers will need to understand and plan for security issues at a system level.
  • Decentralised control of customer and operational choices. The customer will utilise new technologies to put themselves in control of their mobility. Single points of control that are characteristic of modern intelligent transport systems will be replaced with decentralised systems of coordination, information-sharing, and decision-making between multiple organisations and individuals, enabled in real time by technology.
  • Autonomy as standard, but with humans. Vehicle manufacturers are increasingly taking the mindset of designing new vehicles with future autonomy in mind. Safety-critical systems are the manifestation of an increasingly cyber-physical challenge, and is one of most concern to cyber security and transport professionals.
  • New business models and services emerging. The business model of mobility is rapidly changing. Shifting away from selling vehicles or running public transport services, into being whole mobility companies will radically change the economics of the mobility market. This affects the business case for investing in cyber security.

There will be big challenges

Mobility companies, governments, academics, cyber security practitioners and people using our mobility systems every day face new challenges. Our research indicated that even securing current systems whilst maintaining levels of services is a huge challenge.

Levels of maturity in tackling this challenge vary across the sector, and each sector is fast trying to improve its understanding of this space, while the numbers of cyber-attacks are rapidly increasing. The future is only likely to see more attacks, happening more often, with a greater potency.

Cyber Security in a Transport Revolution

Intelligent Mobility brings more challenges, not just related to technology. New security governance structures crossing mobility sectors will need to be in place, sharing intelligence and solutions between traditionally conservative sectors. As the business model for mobility shifts, cyber security companies will see new Mobility as a Service customers emerge. Demand for an already limited supply of cyber security skills will sky-rocket further.

So what can I do?

The tempting thing to do will be to run, hide, and unplug all of your connected infrastructure. But that time has been and gone – the technology is here to stay. Luckily, there are things you can do to deliver technologically leading services, and keep yourselves secure:

  • Perform basic cyber hygiene. If you’re an individual, take basic actions like making your password easy to remember and hard to guess, and don’t leave your screen open when making a cup of coffee. It sounds simple, but it makes a big difference.
  • Take the same attitude to cyber security as you do to safety. Get trained in cyber security basics – it will benefit you and your organisation. Lobby before and become a lead person within your department who will act as a cyber champion.
  • Be aware of what you sign up to. Ask yourself – does this app really need access to my Facebook profile? Can i just get away with giving them my email address? For professionals, get to know the security contacts in your suppliers, potential suppliers, and users of your data.

None of this is a barrier to Intelligent Mobility. They are basic steps that go a long way. Future users of our mobility system will demand a personalised service offering, where technology puts them in control of their journey experience. But they will expect all of us to keep them safe and secure. Let’s give that to them.