Not a day goes by without news of some sort of development in the autonomous or self-driving car space. While the likes of Elon Musk have managed to make the technology mainstream, to the extent that the common man is talking about self-driving vehicles, there’s a lot happeningg behind the scenes that few ever talk about.
One of the biggest concerns with autonomous cars has to be that of security. How do you trust your life to a vehicle that has a mind of its own? What’s to stop a hacker from taking over your vehicle and kidnapping you, or worse, running your car into a brick wall?
Where machines are concerned, trust doesn’t come easy.
To understand this aspect of our increasingly automated world, we spoke to Sanjay Gupta, vice president and India country manager for NXP Semiconductors. NXP brushes shoulders with the best in the semiconductor space and plays a significant role in the design and development of systems for autonomous vehicles.
Safety above all else
As Gupta explains, the most important aspect of any vehicle, of any system that is to be trusted with handling human lives, is safety and security.
The biggest challenge is to ensure that devices have zero defects. “Regardless of innovation, there must always be a fail-safe mechanism”, says Gupta. “You cannot play with human life,” he adds.
With autonomous cars, the challenge is, in fact, heightened. “If a chip fails, the device must still be operational,” says Gupta.
“Functional safety” is a phrase that comes up often during our conversation. NXP’s goal is to develop electronics that are functionally safe under all circumstances, be it internal or external threats and failures.
To that end, Gupta says that there’s a strong need for a global standard. The biggest challenge facing companies right now is on how to develop chips that are functionally safe, chips that will ensure that the requirements of “fail-operational” are met.
Another challenge is that of cybersecurity, which is in some ways an even bigger challenge simply because there are literally no global standards for cybersecurity. Worse still, such threats are “external, intentional and random”. It’s impossible to predict when or how a chip would be vulnerable. “If hackers can hack a car, they can kill people,” says Gupta.
Citing an example of a hack in 2015 where a Chrysler jeep was hacked into, Gupta points out that the hackers, security researchers in this case, had absolute control over the car’s braking and acceleration. The hack was just a proof of concept and no real harm was done to the volunteers in the vehicle, but the demonstration starkly highlights the very real threat that hackers can pose.
In the case of the Chrysler, the researchers hacked into the vehicle via its infotainment system and from there, gained control of the vehicle.
NXP’s work, says Gupta, is designed to avoid such an obvious vulnerability.
Gupta likens the security of a car to the security of a house. NXP considers the car to be a system of interconnected domains, like rooms in a house. To secure your house, you’ll need multiple layers of security. First and most obviously, a lock on the main door. A guard posted to protect that door would also help. The next point of entry could be, say, an unsecured window. What if a thief gets in through your dining room window? Wouldn’t he then have access to the rest of the house? To protect against such an eventuality, it would make sense to also have each room of your house isolated and protected from burglars, limiting the damage they can do even if they do infiltrate your security.
Applying this analogy to the systems in a car, Gupta describes a total of six domains that make up a vehicle.
The first is the powertrain, the system that generates power and delivers it to the road. This domain includes aspects like power delivery, fuel efficiency, etc.
The second and third domain are body and control. This includes the handling of mirrors and wipers and technology that keeps you comfortable and safe.
These, says Gupta, are traditional domains and have remained largely unchanged for decades.
The fourth, and possibly the most interesting domain, is what Gupta is calling the “driver-replacement domain”. This refers to all the sensors and technology that will help replace the driver. Sensors like radar, lidar, microphones, cameras, AI chips, etc. This domain is key to autonomous vehicles.
The fifth domain is the connectivity domain. This describes every mechanism in your car that helps connect you with the outside world. This is another aspect of a car that is integral to autonomous vehicles. “You cannot have a driverless world without a connected car,” says Gupta. And it’s not just internet connectivity that he’s talking about. This domain includes human-machine interactions (using a touch panel, say), infrastructure (gathering and sharing data), etc.
In sum, these are the domains that make up a vehicle.
A cohesive approach to security
There’s also a sixth domain that NXP works on, one that they’re calling the “gateway domain”. Think of this as the gatekeeper that keeps outsiders at bay, the watchman patrolling your fence.
If each of these domains is a room, the security of each of these domains is the responsibility of the gatekeeper. Each of these domains are designed to be isolated from each other and from the rest of the system. These domains can communicate with each other, but only over secure channels.
As with the open window analogy, if, say, your infotainment domain is vulnerable to the world, any damage there must not spread to the rest of the vehicle’s systems.
NXP handles all of this security with dedicated ECUs (electronic control units) and other such chips, but more importantly, it does this with intelligent design.
Gupta notes that the Chrysler hack happened because automakers are not using systems that are designed specifically for vehicles. They’re integrating disparate systems that may not be secure to begin with. “Today’s cars are clustered without any planning. Playing with a lot of consumer gadgets not designed for automotive. They’re a quick addition, but they’re not safe. ” says Gupta.
For safety, it is imperative that everyone involved is complying with safety standards, believes Gupta.
At NXP, Gupta claims that as far as possible, they adhere to the ASIL D standards (automotive safety integrity level), where D signifies the highest level of security. The standard prescribes a secure developmental methodology for chips from the early concept stage all the way to production, ensuring maximum security.
The standard challenges engineers to build a chip that is inherently, architecturally secure. It’s a chip whose foundation is built on security.
Chip design for automobiles also has to deal with a vastly different physical environment. Where your phone only needs to be operational between, say -10 and +60 degrees C, a chip in a car needs to still function at temperatures below -40 and above +160 C. At these temperature ranges, semiconductors don’t behave as they normally would.
A new world order
Gupta thinks that the point when machines surpass human intelligence isn’t far off. In fact, he predicts that by 2020, machines will have an IQ that is a million times better than Einstein’s. He also believes that within 10 years, driverless cars will be everywhere.
This future is inevitable, and it’s necessary to lay the groundwork for such a future right now. NXP at least, believes that it is doing just that.