Apps Become Spanners For Driverless Cars, Says BlackBerry

The days of aftermarket, do-it-yourself repairs could come to an end as automakers strive to secure their vehicles from an onslaught of cyber-security threats.

Depending on the make and model, minor repairs (such as changing a light bulb) have already become too difficult for the average driver to execute. Automakers might eventually lock down their cars entirely, preventing consumers from performing any kind of maintenance.

“I think it’s going to get worse for the consumer than it is today,” said John Wall, senior vice-president and co-head of BlackBerry Technology Solutions (BTS). He added that he can currently visit any auto parts store, pick up a component and pop it in but he expects automakers to eliminate this freedom. “In the future you won’t be able to do that. You’ll get a module, it’ll have a certificate and need to validate against something within the vehicle. If it doesn’t get validated it’s not going to work.”

Engine chipping would then become a thing of the past, along with numerous other tweaks. This is likely to be a huge disappointment to petrolheads who had planned on modifying their cars for years to come. For everyone else, there might be an easier (if not more expensive) alternative: an app store.

“We’re not talking about OpenTable or Yelp in the infotainment system,” said Wall. “We’re talking about the car being an app ecosystem and the need for standardized software throughout the vehicle. As the vehicles are evolving from these small ECUs to these domain controllers, we are seeing that more and more.”

Wall jokingly referred to this concept as “Android for the car – except that it has to be safe, secure and reliable, everything that Android is not”. He sees is this as a bigger story than autonomous driving, which is still years off and continues to be plagued by delays. “This is how the car companies are going to monetize services into the car,” he said. “They’ll be able to sell features that you didn’t buy at the dealership.”

Those features could include auto brand-produced options, such as ADAS, or third-party offerings like user-based insurance. Long-term, app developers are likely to get as creative as they have when building software for smartphones and tablets. “Being able to monetize the data from the vehicle and selling apps to the vehicle, that’s where the future is,” said Wall. “That’s why Google, Baidu and Alibaba want to get into this game. Not because they want to sell low-margin, high-liability products that are cars.”

Assuming the apps are appealing enough, the average commuter might forgive carmakers if the components are no longer accessible. This strategy already worked for smartphone manufacturers. Apple and Samsung are among the companies that locked their hardware by soldering and gluing components to the point where they are no longer user repairable. Most people didn’t seem to care.

Of course, if all modifications are done though apps and all repairs need automaker approval, it will be very clear who benefits the most from this transition. Wall isn’t sure that’s the motivation behind the concept, however. “The motivation I see is one way to secure your system,” he said. “If all modules in the car have to authenticate to a master authenticator, then I know I’ve got the right parts in there and somebody hasn’t tried to tamper with it. Is some bean counter going, ‘Oh by the way, we can make sure aftermarket parts are never used’? I’m sure somebody is thinking about it but the guys I’m having discussions with, it’s about security.”

Security may not end at the vehicle level. Just as corporations hire companies and teams of individuals to monitor their networks, automakers might, ultimately, do the same to keep an eye on their fleet of AVs. “Vehicle health monitoring – you can be sure there will be a lot of start-ups trying to do this,” Wall affirmed. “Is the car in good shape? Does the software look how it’s supposed to look? Is it running the right version? Do we have the right certificates? Are there any vulnerabilities that have been identified within the car? I think that’s going to be a thing.”

Not all security measures are being embraced, however. Wall believes that while carmakers have upped their game, they aren’t eager to spend a fortune on every concept developed. “There are a lot of very specialized security companies doing things like binary sealing, where if an application running on the car gets modified, it knows,” he said. “Nobody is buying these things.”

Niche security concepts might become more relevant in the distant future but for now automakers seem to be content securing their cars in other ways. “With a lot of these security companies that I see, there’s a lot of overlap in what they’re doing,” said Wall. “I say, ‘What do you think you’re going to get?’ They say, ‘Oh, we think we can get five bucks an ECU.’ I’m thinking, ‘You don’t know this industry, you’ll be lucky if you get five cents.’ A lot of them get bought out by a Tier 1.”