Category: Blog

28 January, 2021 . 6 mins read

Data Privacy on the Road: How to Keep Car Data Safe

Since 2007, policymakers, regulators, NGOs, and businesses from all over the world have gathered on January 28 – Data Privacy Day – to raise awareness on data privacy and to promote the latest practices and technologies used to safeguard privacy in this digital world.

As the world enters the IoT (Internet of Things) age, concerns on data privacy are no longer limited to traditional IT environments. Connected devices like CCTV cameras, AI speakers, and now even cars, all collect and stores data from our daily activities.

As cars become increasingly digitalized and connected, ensuring data privacy becomes a new challenge for the automotive industry. Cars today are computers on wheels. Just as a computer stores data inputted by its user, a car collects data generated from the drivers’ behaviours. A typical car today generates exceedingly large amounts of data from cameras and sensors, electronic control units (ECU), and in-vehicle infotainment systems.

Data from Electronic Control Units

There is no need to explain how cameras, sensors, or infotainment systems generate data, as they work just like any other digital devices. Instead, we will discuss how electronic control units (ECU) generate and store data.

ECUs are embedded minicomputers in a vehicle that control its electrical systems, which then determine the vehicle’s movement. A modern car today contains around 80 of these units. Some of the ECUs include the engine control module (ECM), powertrain control module (PCM), and transmission control module (TCM). These units serve as the car’s computer. In most vehicles, each ECU operates separately on its own. However, some manufacturers such as Tesla are looking for a new approach to combine all ECUs into a central computer.

How do ECUs generate data? Let us look at the engine control module (ECM) as an example. A mixture of air and fuel is needed for an engine to operate. Too much air and fuel will overpower the engine, while too little of this mixture will not be enough to power the car. The ratio of air and fuel is also important. Too much air would make the car slow, while too much fuel would be pollutive.

Traditionally, an analog metering device was used to measure and determine the injection mechanically. However, tighter environmental regulations and rising oil prices meant that relying on analog means was no longer sufficient to reach to high fuel efficiency needed today. This had led to the digitalization of cars. Today, instead of using analog measures, the ECM uses optimization equations stored in its chips to calculate the optimized amount and ratio needed and injects the perfect mixture into the engine.

Since the ECUs are computers that send signals to control the car, these signals can be tracked and stored in the form of data and later used for a variety of purposes, from vehicle maintenance, driving experience optimization, as well as fleet management.

Then, what are some of the types of data generated by cars?

Types of Car Data and Their Uses

1) Driving behaviour
The cameras, radars, and lidar sensors equipped around the vehicles contain information on the vehicle’s speed, acceleration, braking, and steering. Such big data can be collected and used to enhance the driving assistance systems and improve responsiveness in emergency situations. These can also be used by taxi and rental companies to manage their fleet, making sure that drivers operate the vehicles safely. Lastly, insurance companies can use them to calculate highly accurate insurance premiums to better serve its customers.

2) Vehicle condition
The ECUs can provide critical data on a vehicle’s health condition. Information on tire pressure, wheel alignment, engine status, as well as other measures can be used to indicate the vehicle’s health, so that maintenance and repairs can be done immediately, eliminating any underlying safety hazards. Such information can also be collected by OEMs to improve their vehicles’ quality and performance.

3) In-vehicle services
Other data generated from in-vehicle infotainment systems may not be directly related to driving, but do contain sensitive personal information such as contacts, calls, and messages. Data on the usage pattern of mobility services, such as frequently visited locations, parking lots, gas stations, are also collected so that third-party service providers can use them to offer more personalized services and seek for new business models, such as smart parking and pay-as-you-go services.

How Are Car Data Shared with Outside Entities?

Many OEMs would ask consent for the car owner to share the data generated by the cameras, sensors, and ECUs to enable better driving experiences for the future. For example, the BMW Group collects telematics data generated from BMW and Mini vehicles (only under consent), and stores them in its data center to further expands its services.

Cars can also connect to the Internet directly. Many cars today are equipped with a SIM card slot, allowing the owner to subscribe to cellular internet service for in-vehicle infotainment. This allows the vehicle to receive live updates for its navigation system, allows the passengers to stream music with the car, as well as using it as a Wi-Fi hotspot to power other mobile devices on board.

Lastly, car data are a crucial asset for autonomous driving. V2X (vehicle-to-everything) systems not only shares the vehicle’s location, speed, and direction with other vehicles on the road, C-V2X technology will soon allow the onboard units (OBU) to communicate directly with the cellular network. This would lead to an explosion of transportation and mobility data.

How to Keep Car Data Safe?

Due to the sensitivity of car data, safeguarding data privacy comes as a prerequisite for connected cars. This means that drivers can rest assured knowing that their cars are much better at protecting their data than their computers at home. To protect car data from unauthorized access, authentication and encryption technologies are used to ensure that the sender and receiver of car data are properly authenticated, and that the data stored in the servers are safely encrypted. These security technologies are usually embedded in the ECUs and other onboard units such as the infotainment system to not only ensure data privacy, but also to make sure that these data are not altered or manipulated to cause physical harm.

AutoCrypt V2X and AutoCrypt PnC are software-based security solutions that are built into the chipsets during the manufacturing stage, protecting data privacy in the age of connected mobility. Working with chipmakers around the world, AUTOCRYPT is a major mobility security supplier for some of the world’s largest OEMs.

To keep informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

27 January, 2021 . 6 mins read

The Role of Machine Learning in Strengthening Autonomous Vehicle Security

With Tesla considered one of the best bubble stocks for 2021 (shares soared 743% in 2020 and made Elon Musk the richest person in the world for a few days), the company is at the center of people’s attention as it’s been evolving on a very public stage. While the market indicates an increasing interest in autonomous driving, AAA’s 2019 annual vehicle survey found that 71 percent of Americans are afraid to ride in self-driving vehicles, especially after several high-profile incidents came to light the past few years.

The statistics above suggest that we may still be a few years away from driving fully autonomous cars. For self-driving cars to be fully autonomous, they need to deploy technologies such as RADAR (Radio Detection And Ranging), and LiDAR (Light Detection And Ranging) as well as algorithms to detect and respond to surroundings.

Can Autonomous Vehicles Be More Dangerous Compared to Traditional Vehicles?

Autonomous vehicles can be much more vulnerable than other devices we use in our daily lives as they utilize a combined deployment of various sensors and vehicle-related technologies. It’s known that even a single vulnerability can allow hackers to exploit the entire vehicle – meaning hackers may not only gain access to the operating system but possibly the entire network as well.

What’s more, autopilot has helped set the standard for numerous autonomous vehicles and gave a taste of what self-driving cars will be like in the near future. However, experts at the Tencent Keen Security Lab demonstrated that they could remotely compromise the Autopilot system on a Tesla vehicle. Even though the bug was promptly fixed after the presentation, this situation sheds some light on the potential for exploitation. As autonomous vehicles rely highly on “connectivity” itself, there’s no doubt that hackers see autonomous vehicles as tempting targets that contain countless amounts of data that can be used to exploit the system, which in theory could end up destroying every single aspect of the vehicle.

That is why in-vehicle security and the complexities involved have been the major focus of any discussion about autonomous vehicles. In-vehicle security isn’t just about protecting and securing the autonomous vehicle itself, but rather about mitigating as many risks as possible through the delivery of a comprehensive and holistic approach to automotive driving security.

How Can Autonomous Vehicles be Secured?

In order to secure the whole autonomous driving process, an important fact needs to be emphasized; these vehicles aren’t like the traditional ones out there. The complexity of autonomous vehicles makes it far more difficult to fully secure the vehicle – though it’s not impossible – and the only way to do that is by prioritizing security.

One possible solution is in-Vehicle Security (IVS) which is the car’s first line of defense that helps protect vehicles from external threats, monitors all relevant communications, and responds to any abnormal activity. As a result, deploying IVS is what’s most important in securing the vehicle. IVS needs a reliable Intrusion Detection System (IDS) that provides the security modules needed to guarantee safe communications between Electrical Control Units (ECUs).

Additionally, with the adoption of new regulations, it’s important to make sure that your provider is prepared to meet the requirements of WP.29 along with other industry standards of deploying a system that secures communication between vehicles, devices, and infrastructures.

This is where machine learning comes in.

How Can Machine Learning Enhance the Security of Autonomous Vehicles?

Machine learning is the process of using, storing, and finding patterns within massive amounts of data, which can eventually be fed into algorithms. It’s basically a process of using the data accumulated by the machine or device that allows computers to develop their own algorithm so that humans won’t have to create challenging algorithms manually.

With all the features and applications of machine learning, it’s easy to understand how our collected data are stored and used via a proper platform which in turn analyzes logs and patterns. In this way, this platform can warn and even mitigate risks occurring within the vehicle.

In other words, once the logs are collected and stored, machine learning technology can start analyzing and detecting these logs to see if there are any abnormalities. As machine learning enhances the detection model, it develops algorithms that can be used to detect malware activities and unusual behaviors of the vehicle. This process enhances the driver assistance technology by classifying the right data and patterns through various sensors attached to the vehicle.

Moreover, thanks to the advances in wireless technologies, a vehicular (ad-hoc) network is being formed among moving vehicles or RSUs (Roadside Units) and other communication devices. This network is considered a proprietary system that is seen differently from average computer networks, making it easier to predict the movements of vehicles. Machine learning can be employed in training algorithms from the very beginning to detect malicious exploits by differentiating normal from acute driving behavior which alerts the driver and prevents an attack.

In order to realize this, NXP is taking the lead in manufacturing microcontrollers with AI and machine learning capabilities that can be plugged into the OBD-II port. This not only observes but also allows the device to capture the vehicles’ data patterns to detect and monitor any abnormalities. Once it’s monitored, the microcontroller basically tries to prevent and alert the driver and becomes the replacement for traditional algorithms employed in vehicles.

Autonomous Driving is Not the Distant Future

It’s important to realize that autonomous vehicles that aren’t prioritizing security will cause far more serious consequences that involve physical harm or could even be abused by rogue nations and terrorists that are looking to cause chaos. Therefore, different security technologies must be considered when designing the security architecture from the very beginning.

Also, machine learning can become an essential tool for OEMs, Tier-1 suppliers, or manufacturers that are looking to secure their autonomous vehicle and driving-related resources. After all, the new transportation system will need a total security solution that covers from intelligent transport system to in-vehicle, charging and connections security.

AUTOCRYPT’s Automotive Cybersecurity Solutions

AUTOCRYPT provides a total vehicle security solution that secures all parts of a vehicle by providing various security modules such as firewalls, authentication systems, to secure the vehicle from end to end.

To keep informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

19 January, 2021 . 7 mins read

DSRC vs. C-V2X: A Detailed Comparison of the 2 Types of V2X Technologies

A Beginner’s Guide to V2X

V2X (vehicle-to-everything) is an umbrella term that is used to refer to a vehicle’s communication with all other entities, including other moving and parked vehicles, pedestrians, traffic signals, road signs, construction sites, and many more. A vehicle communicates with the outside world in two ways: 1) by receiving physical feedback from the lidar sensors equipped around the vehicle, and 2) by wireless communication that sends and receives messages to and from other entities. These two methods complement each other to complete the autonomous driving experience. For example, lidar sensors provide feedback from the surrounding environment to detect any immediate threats, while messages regarding every vehicle’s location, speed, and direction from as far as 300 meters can be obtained through wireless communication so that the car can adjust its behaviors far ahead of time.

Lidar sensors provide one-way communication, in which the car receives information from its surroundings by physically illuminating them with laser light. By contrast, wireless communication technology enables two-way communication, so that the vehicle not only receives information, but also sends messages regarding its behavior to all other certified entities. Today, the term “V2X” is mostly used to refer to the latter – wireless vehicular communications.

V2X technology significantly increases a vehicle’s autonomy. For instance, by communicating with traffic signals, the car receives real-time information about when to stop at intersections. By communicating with the pedestrians’ mobile devices, the car can stay ahead of itself to prepare to stop for jaywalkers. By communicating with construction and accident sites, the car can look for the nearest detour to avoid getting trapped in traffic jams.

Note that V2X must be complemented by lidar sensors because even though it provides perfectly accurate information, it is not capable of detecting entities that are not equipped with communication technology, such as an old conventional car or a rock on the road. Thus, the importance of cameras and sensors must not be neglected.

In this post, we will take a deeper look at the two different V2X wireless communication technologies currently used by automakers and infrastructure developers across the globe.

DSRC (defined by IEEE 802.11p: WAVE)

DSRC was first introduced as a V2X technology in the Institute of Electrical and Electronics Engineers (IEEE)’s 802.11p standard, a vehicular communication protocol intended for adding wireless access in vehicular environments (WAVE). As the first communication standard for V2X, WAVE uses WLAN technology to establish dedicated short-range communication (DSRC) channels so that the vehicles can communicate directly to other entities within short to medium ranges (typically 300 meters). Despite WAVE being the official name of the protocol, many still refer to the technology as DSRC to describe the underlying mechanism. In fact, many industry experts would use the terms DSRC, 802.11p, WAVE, or WLAN-based V2X interchangeably to refer to the same thing.

DSRC is essentially a modification of Wi-Fi. The technology was considered a huge breakthrough in the automotive industry because it allows for data to be transmitted between two devices without going through any intermediaries, making it highly useful for rural and remote areas without any telecommunication infrastructure. This is like sending a text message to another phone 300 meters away without the need for cellular network coverage. Moreover, DSRC is known for having very low latency due to the elimination of the intermediary.

After its initial approval in 2010, DSRC went through years of testing before it was first deployed in selected Toyota vehicles manufactured in Japan in 2015, and later adopted by some Cadillac models in the US in 2017. In 2019, the Volkswagen Golf 8, one of the most popular cars in Europe, became the most sold V2X-enabled car in the market.

C-V2X (defined by 3GPP Releases 14, 15, 16)

Introduced soon after DSRC, C-V2X is another vehicular communication protocol developed for V2X. Defined by the 3rd Generation Partnership Projects (3GPP), C-V2X utilizes cellular radio instead of WLAN, meaning that it utilizes the same set of cellular radio technology as cellphones do. The major difference that sets C-V2X apart from DSRC is that it allows both direct and indirect communication. In direct C-V2X, vehicles communicate directly with other vehicles (V2V) and roadside units (V2I) the same way as how DSRC works. Under indirect C-V2X, vehicles communicate with other entities indirectly via the cellular network (V2N), which is something DSRC cannot do.

Indirect C-V2X is useful because the cellular network can collect data from many cars, and thus can be more effective at managing traffic on a larger scale. Originally designed in Release 14 to use the LTE standard, 3GPP later added compatibility for 5G and 5G NR in Releases 15 and 16.

Even though DSRC had been gaining ground in Japan and Europe, C-V2X is becoming increasingly popular in the US, China, and other regions of the world. Furthermore, C-V2X has won support from many professional organizations such as the 5G Automotive Association (5GAA) based on its advantages to DSRC. Then, what are some of the pros and cons of C-V2X when compared to DSRC?

On the pros, supporters of C-V2X generally suggest that cellular radio technology has better growth potential for faster speeds and higher reliability. This means that looking at the long-run, C-V2X is more sustainable as it offers a long-term path for constant improvements. Moreover, the ability to connect to the cellular network could create a much smarter transportation system. Lastly, the price of cellular chipsets is cheaper than that of WLAN chipsets.

On a side note, some uncontrolled experiments show that direct C-V2X offers greater range than DSRC. But this is not scientifically proven, and that the 300-meter range of DSRC is more than enough for autonomous driving purposes.

As for the cons, supporters of DSRC believe that switching to C-V2X would delay the rollout of autonomous driving because DSRC is a more mature standard, proven to work in large commercial settings. C-V2X is still undergoing its final testing stage when it comes to large-scale deployment, and indirect C-V2X does not look like it will be ready for commercialization until at least 2024, though direct C-V2X is on schedule for commercial deployment in 2021.

DSRC and C-V2X Compatibility

At the end of the day, both DSRC and C-V2X have the same use cases, meaning that the real-life application is the same across both standards. Despite all the rhetoric from both sides, there had been no side-by-side testing proving that one performs better than the other in application.

Due to a lack of statistical evidence on the performance side, the industry has slowly shifted to prefer C-V2X as it exhibits better long-term prospects. The problem is that because DSRC and C-V2X run on different communication technologies, the access layer is not interoperable. Automakers and infrastructure developers face the difficult choice of adopting one or the other in their infrastructures.

The good news for automakers is that many chipmakers have started manufacturing dual-mode chipsets that are compatible with both standards, helping those undergoing the transition.

In terms of infrastructure developers, many of those with existing DSRC infrastructures are now working to add cellular network connectivity to them by combining them with indirect C-V2X.

The Role of Cybersecurity in V2X

Regardless of the communication technologies used, cybersecurity is an integral component of V2X. AutoCrypt V2X is a security solution that embeds itself in V2X chipsets, protecting the V2X system with both authentication and data encryption technologies. It ensures data integrity by verifying every entity to ensure they are who they claim to be, and protects sensitive information by encrypting the messages in transmission. Working with chipmakers around the world, AutoCrypt V2X is currently active in a number of C-ITS projects and is major supplier for some of the world’s largest automakers.

To keep informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

15 January, 2021 . 5 mins read

3 Ways of Testing Automotive Cybersecurity Management Systems

The future looks bright for connected and autonomous vehicles (CAVs) – in fact, analysts at McKinsey say that by 2030, 45% of new vehicles will be at SAE level 3 or higher, with market share value at 450 to 750 Billion USD. But as the market grows, so does the risk for cybercrime for new automotive technologies. This is precisely the reason that governments and manufacturers are on edge, implementing regulations like the 2020 WP.29 regulations mandating cybersecurity management systems be in place. In the next couple of years, manufacturers will have to ensure that their vehicle models meet the requirements to obtain type approval for cybersecurity measures. However, what many tend to forget is that implementation of cybersecurity management systems (CSMS) is not the end of the road. Testing is a major part of ensuring that the CSMS is fulfilling its duties. After all, there is really no point in implementing a system if you cannot be sure that it is working properly.

Here are the tests that will help make sure that the CSMS is really safeguarding your vehicle, defending your car and its systems from potential attacks.

1) Vulnerability Scanning

In any cybersecurity management system, assessing and mitigating any vulnerabilities is a key responsibility to ensuring that the product is functioning at the maximum secure level. Vulnerability scanning is not a one-stop check, but should be executed at each level of the product development process to allow for maximum mitigation and comprehensive analysis of additional threats.

Now, there are two specific testing analyses that should be taken note when vulnerability scanning, and both are just as important.

Software Static Testing

Software static testing is testing the source or object code without executing it to find and eliminate errors or ambiguities. It is usually done in the early stages of development. This step is crucial as it can uncover major issues like leaks, buffer overflows, and deviations from standards. Because testing is done at an early stage, it can ward against increased development timescales, and allow for fewer issues to be found at later stages of development, which can often be much more costly and time-consuming to fix.

Software Dynamic Testing

Static testing’s counterpart, dynamic testing tests with execution of code in order to find weak areas in runtime environments and in the behavior of dynamic variables. The main goal of dynamic testing is to make sure that the system is functioning properly without any flaws. Since the codes are actually executed, dynamic testing can take a bit longer than static testing and can increase the costs of the final product as the flaws that are found will take more resources to mitigate. However, dynamic testing will find the issues that were missed by static testing, usually finding more complex defects.

2) Fuzz Testing, or “Fuzzing”

The next step is “fuzzing” or fuzz testing. Fuzz testing is basically providing “fuzz” or invalid or random data into the application or software in order to monitor for crashes, potential memory leaks, or failed code. Generating this invalid or random data is usually done via an automatic program that generates the fuzz.
Fuzzing can be useful because it adds an element that cannot be generated by a human. However, there are limitations as it usually detects simple or basic threats, meaning it needs to be combined with other testing techniques to fully secure your security management system.

3) Penetration Testing

While fuzzing uses random or invalid data to test the system, penetration testing (also known as “pentesting”) utilizes known cyberattacks or vulnerabilities to initiate simulated attacks, identifying potential vulnerabilities and selecting countermeasures to mitigate those vulnerabilities. Think of pentesting as getting someone to act like a car thief to try to break into your car and gain access: through this “ploy” to take over, the manufacturer can learn a lot about how they can better secure their vehicle’s access systems.

Through pentesting and finding flaws within the cybersecurity infrastructure, manufacturers can upgrade their security systems to remediate any flaws in the system.

Testing is a major part of CSMS; arguably, it is just as important as the CSMS itself. However, as seen through the many different techniques, there is no single test that will ensure that a cybersecurity management system is perfectly foolproof. By utilizing regular different testing techniques like fuzzing or pentesting, manufacturers can ensure comprehensive security. As technological developments are constantly being applied in a vehicle, the system will need to go through multiple rounds and various types of tests to ensure that the risk is as minimal as possible.

If working with a security solutions provider to implement your CSMS, ensure that they will be routinely testing and working with you as the client long-term. For more information about AUTOCRYPT’s testing services as part of our WP.29 solutions, click here or contact us here.

7 January, 2021 . 6 mins read

How Plug&Charge Might Make EV Charging a Lifesaver

Electric vehicle (EV) ownership has grown steadily over the past decade and has begun exponential growth in the past two years, with 2.1 million vehicles sold globally in 2019. By the end of 2019, there were an estimated 7.2 million EVs on the road.

In this blog, we refer to EV as vehicles that need charging, such as battery electric vehicles (BEV) and plug-in hybrid electric vehicles (PHEV). Regular hybrid electric vehicles (HEV) and hydrogen fuel cell electric vehicles (FCEV) are not included in the discussion because they do not need charging. To know more about the different types of EVs, see the following infographic: The Different Types of Electric Vehicles.

Speaking of EVs, the number one concern for most consumers is charging time and range. Presently, battery capacity for sedans range between 40 kWh (Nissan Leaf 2018) to 75 kWh (Tesla Model S 2019). As chargers continue to improve, a typical 43~50 kW rapid charger can add up to 160 km of range in 35 minutes and fill a Model S from empty to full in less than two hours. With 150 kW super rapid chargers rolling out in the market, charging would only take minutes.

However, for many EV owners, gaining access to the charging stations as well as paying for charging become a hassle as they need to sign up for memberships of different charging providers and always carry multiple charging cards. This is where Plug&Charge (PnC) technology comes in. PnC allows for the vehicle and the charger to communicate in real-time, so that the driver can simply plug, charge, and go.

What is Plug&Charge?

Plug&Charge (PnC) is a technological concept outlined in ISO 15118 – the international standard for vehicle-to-grid (V2G) communication interface. Currently applied at many EV charging stations across the globe, it is essentially a secure communication protocol that allows the vehicle to communicate seamlessly with the charging station and the electrical grid.

Generally, two pieces of information are exchanged in these communications – charging-related information and payment-related information. Charging-related information enables the charging station to self-determine how much electricity to fill (or take away), while payment-related information allows for automated financial transactions between the charging station and the driver’s car. This removes the hassle of having to sign up for memberships at different charging providers and having to carry multiple cards at all time. In fact, the driver does not even need to carry a payment card. All they need to do is to register a preferred payment method to their car ahead of time.

Another technical aspect of PnC technology is that it allows for bidirectional charging, so that electricity does not only flow from the charging station to the car, but also from the car back to the charging station and to the electrical grid. This allows for the perfect match between the supply capacity of the electrical grid and the demand from the EVs. We will discuss how later.

Nevertheless, manual charging and conventional identification and payment methods are still supported by charging stations adopting ISO 15118. These methods are referred to as “external identification means (EIM)”.

What Are the Benefits of Bidirectional Charging?

Automated charging and payment help make the EV charging process easier for the driver. But what does bidirectional charging do? With unidirectional chargers, electricity flows from the electrical grid to the vehicle. Bidirectional chargers enable electricity to flow both ways, allowing the vehicle to give electricity back to the grid. The bidirectional charging process between the vehicle and the electrical grid is called vehicle-to-grid (V2G).

Many might ask, why having electricity flow from the cars back to the grids? Indeed, at an individual level, this may seem useless. However, at a regional and national level, this can help balance the supply and demand of energy. The electricity stored in parked EVs is great enough to power a house for several hours. Since an average car is parked (i.e., not in use) for 90% of its lifespan, why not make use of that time to distribute electricity to those in need?

The idea is to have EVs charge during off-peak hours and give back to the grid during peak hours when the demand is high. In simple words, EV can be used like power banks to smartphones, so that parked vehicles can provide the necessary electricity to fill in the demands of peak regions. This would significantly stabilize the electrical grids. Take vehicle-to-home (V2H) for example, the vehicle would charge at night when electricity demand is low, and have the car charge the home during day times when electricity demand is at peak. Many countries are implementing incentives to do so by offering electricity at lower costs during off-peak hours, so that EV owners can save on their energy costs in the long run. In other circumstances, energy credits are offered for the EV owners who give back to the grid, so that EV owners can make some extra money when they are not using their cars.

How Does Plug&Charge Help Save Our World?

PnC will become a crucial component of the energy supply chain when the world transitions to 100% renewable energy. It is not that renewable energies are less reliable, but some types of renewable energies – such as wind and solar power – do not offer constant and steady supply. Natural disasters could also affect the supply of renewable energy. Thus, instead of using non-renewable energy to fill the shortage, these EVs can serve as emergency power banks to the electrical grid during occasional power shortages. As long as the system and infrastructure are managed properly, PnC can help many parts of the world get rid of fossil fuels entirely.

The Role of Cybersecurity in Plug&Charge

The electrical grid is a highly sensitive infrastructure that is critical to daily economic and social activities. This makes them one of the most attractive targets for cybercriminals. Hostile states could attack the grid to trigger power outages. Financially motivated threat actors could attack the grid to steal customers’ personal, financial, and billing data, as well as charging-related information. Therefore, every device that connects to the gird, including EVs and charging stations, must be authenticated in the first place, and authorized before each attempt to connect.

AutoCrypt PnC (formerly known as AutoCrypt V2G) is a mobility security solution that utilizes authentication, authorization, and encryption technologies to establish secured communications between every player involved in the grid, protecting the personal and financial information of the EV owners from leakage, ensuring the proper functioning of the charging and transaction processes by guaranteeing data integrity, and protecting all energy users by safeguarding the power grids from intrusions.

To keep informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.

31 December, 2020 . 6 mins read

Top 5 Driverless Mobility Services in 2021

The automotive industry and the tech industry have spent the past five years developing and testing technologies for autonomous driving. As automakers (OEMs) focus on applying autonomous driving technology into our daily cars, tech startups are focusing more on leveraging the technology to provide driverless mobility services. Despite using the same set of technologies, their target markets are quite different because they serve different purposes.

Note that full automation does not necessarily mean driverless. In the consumer car market, the demand for eliminating the driver’s seat and steering wheel is low because the driver is most likely the car owner, and that the car owner would still likely want to take control and enjoy driving from time to time. As such, autonomous driving technologies are mostly used to assist the driver, not to replace them. However, this could change soon as people slowly adapt to the trend.

On the other hand, eliminating the driver’s seat and steering wheels brings significant benefits to the mobility services market because it allows the vehicle to carry more passengers and goods while saving on the cost of hiring drivers.

In 2021, the mobility service industry is expecting to see an initial wave of fully autonomous (SAE automation level 4 and 5), driverless vehicles hitting the road. Most of them are used to provide ride-hailing, ridesharing, and delivery services.

In this blog, we will take a closer look at a list of some of the early pioneers in driverless mobility services, along with their current standings in 2021.

Zoox (subsidiary of Amazon) – United States

Zoox is an autonomous driving technology startup founded in 2014 and sold to Amazon in June 2020. After six years of R&D along with prototype testing, it has finally put its robotaxis into production and revealed them on San Francisco streets in December 2020.

The newly introduced robotaxi is designed to provide ride-hailing services, tailored for crowded city streets. Looking at the specs, it is an all-electric four-wheeler with a maximum capacity of four passengers, equipped with eight LiDAR systems all around the car. The main features that set Zoox apart from its competitors is four-wheel steering and bidirectional driving. Built with four-wheel steering, the vehicle’s front wheels and rear wheels move in opposite directions to maximize turning angle, so that U-turns can be done on two-lane streets that would normally need a three-point turn. Additionally, the vehicle is bidirectional so that pickups and drop-offs can be done seamlessly.

Zoox also claims that its vehicle can travel at a top speed of 120 km/h, currently the fastest in the industry. Presently at its final testing stage, the company is preparing to launch a mobile-based ride-hailing service starting out in San Francisco and Las Vegas.

Waymo (subsidiary of Google) – United States

Beginning as the Google Self-Driving Car Project in 2009, Waymo has gone through intensive research and testing over the past decade. On October 8, 2020 – after 30 million kilometers of road testing, including tens of thousands of kilometers of driverless testing – Waymo finally introduced its first driverless ride-hailing service to the public in Phoenix, Arizona. Its mobile app is available for anyone to download, allowing anyone under its service area to enjoy driverless rides.

Instead of manufacturing their own vehicles, Waymo collaborates with several automakers to develop customized vehicles for their services. The company is currently on its way to expand the coverage of its ride-hailing service to other US cities soon. As of the end of 2020, Waymo is the only driverless passenger vehicle in the world that is under full commercial operation.

Nuro (backed by SoftBank) – United States

Founded by two of the founding engineers of Waymo, Nuro offers delivery services using driverless, all-electric vehicles. Less than two years after the initial launch of model R1 in December 2018, model R2 was finally released in 2020, and became the first autonomous vehicle to receive an approved exemption issued by the US Department of Transportation (DOT) and the National Traffic Safety Administration (NHTSA). This means that Nuro can now expand its coverage to a greater number of US cities.

Model R1 has completed various driverless delivery services by teaming up with Walmart and Domino’s to deliver grocery and pizza to customers in Houston, Texas. Today, Nuro’s R2 is currently operating in three US states – California, Texas, and Arizona. It has been delivering food and medical supplies to patients and doctors during the COVID-19 crisis.

AutoX (backed by Alibaba and SAIC Motor) – China and United States

As the only Chinese firm on the list, AutoX is backed up with investments from Alibaba and SAIC Motor. In December 2020, the company deployed 25 driverless robotaxis on the roads of Shenzhen, China, for final stage testing, making it the first driverless vehicle to go on Chinese streets without the safety driver.

Chinese autonomous driving tech hubs like Shenzhen, Shanghai, and Wuhan are rapidly putting up 5G infrastructure and offering subsidies to welcome robotaxi companies to set up their services. This is part of the Chinese effort to compete with Silicon Valley. Nevertheless, AutoX also obtained permits from California in December 2020 to test its robotaxis on American roads.

Like Waymo, AutoX’s vehicles look just like a regular passenger car from the outside. AutoX has not announced when these vehicles would be ready for public use, but Chinese consumers should expect driverless mobility services in the very near future.

Cruise (subsidiary of General Motors) – United States

Cruise is another autonomous driving startup owned by General Motors. Following Waymo, Zoox, Nuro, and AutoX, Cruise became the fifth company to receive a permit from the State of California for driverless vehicle testing without the safety driver. In December 2020, the company also started testing its driverless vehicles in San Francisco. Cruise expects to slowly increase the number of vehicles on the road over 2021 while preparing them for commercial use.

The Role of Security in Driverless Mobility

Safety is the number one priority in the development of driverless vehicles. Not only must these vehicles function properly, but they also need to withstand cyberattacks. This is why all V2X communications must be secured with the security credential management system (SCMS). By issuing enrolment certificates to each member of the V2X network, as well as authorization certificates for each communication message, AUTOCRYPT V2X takes charge of the security aspect of all autonomous vehicles.

To keep informed with the latest news on mobility tech and automotive cybersecurity, subscribe to AUTOCRYPT’s monthly newsletter.