Mitigating the risks associated with autonomous vehicles 

According to recent information published by the UK Government’s Centre for Connected and Autonomous Vehicles (CCAV), the CAV market in the UK could be worth between £52 billion and £62 billion by 2035.

Although the scope and potential within the sector is huge, public trust, perceptions, and the prospect of changing daily travel routines and ideologies pose significant challenges. Such challenges are being addressed to successfully implement CAVs, particularly in the context of proving that the new technology is safe.

CAV safety can be considered in the context of an automated vehicle’s physical attributes, or the physical interaction between such vehicles and the real world (e.g., roads, traffic lights, lampposts, and pedestrians). However, as automation technology advances, vehicles are becoming less about getting from “A to B” and more about the convenience of travel and the transfer of data between the vehicle and the road infrastructure. For example, gauging changeable conditions such as congestion, weather severity, lane closures and hazards in the road in real-time are all elements that depend on the effective transmission of data.

Given the complexities around this data transmission and storage, data and technology transfer for in-vehicle and extravehicular communications needs to be robust in terms of cyber security to mitigate risk. Solutions used to strengthen security mitigate threats to systems in several ways, helping make hacking unattractive. Such solutions also mitigate against data spoofing, replay attacks (an attack on networks to delay or repeat data transmission), eavesdropping (theft of information as data is being transferred), and impersonation. It helps maintain the privacy of data and increases difficultly to track a vehicle via its signals.

Maintaining safety through data encryption

Specialist SME Angoka provides embedded hardware-based solutions to mitigate cyber security risks, particularly in the Intelligent Vehicles sector. To test its new Device Authentication Unit (DAU) technology to authenticate and safeguard the identity and communication integrity within the vehicle, and from the vehicle to external sources, the company had to embark on developing a real-word demonstrator.

The SCAV project was launched in October 2019 and provided an opportunity for Angoka to collaborate with WMG. Having recently been completed, the testing phase made up a major part of the project. Carsten Maple, Professor of Cyber Systems Engineering at WMG, University of Warwick, and Principal Investigator for SCAV said:

“SCAV provided an opportunity for WMG to support a promising young company with the development of a unique piece of data encryption technology that could not only accelerate the company’s growth but also prove pivotal to the safety and security of CAVs in the UK. Through our facilities, expertise and experience we were able to successfully collaborate with Angoka, and I look forward to continuing the momentum built within SCAV to help apply academic and theoretical research within an industry context.”

Dr Dan Fowler, Research Fellow at WMG for SCAV said:

“The real-world testing was important to validate Angoka’s device authentication and communication security technology. Not only for the in-vehicle data communications but also Vehicle-to-Infrastructure (V2I) communications.

“To that extent, WMG’s Secure Cyber Systems (SCS) research group was able to support Angoka with a loan of V2I communications equipment to help further develop the IP and provide support towards the real-world testing phase.”

Support from WMG’s Intelligent Vehicles (IV) research group also enabled Angoka to retrofit its Device Authentication Units (DAUs) to the Catapult Open Innovation Platform vehicle and use it to replace the normal unencrypted vehicle control signals with encrypted ones, whilst allowing the vehicle to operate as normal.

The testing during October 2020 allowed the vehicle to operate autonomously with authenticated and encrypted control signals and V2I authenticated and encrypted control signals. This allowed completion of robust field testing, which would be the first real-world demonstration of the SME’s Device Authentication Unit (DAU) technology for in-vehicle and extravehicular communications.

Angoka’s solution uses embedded hardware-based fingerprinting technology, used to generate dynamic, unforgeable identities for the connected devices and encryption keys to encrypt or decrypt data. These look like typical vehicle Electronic Control Units (ECUs) but can replace a normal ECU to provide device authentication and data encryption at the main point of control in a vehicle.

The real-world testing revolved around the usage of the High Value Manufacturing (HVM) Catapult funded autonomous capable vehicle with a Drive-by-Wire (DbW) system, and SCAV prompted the first usage of this facility by an organisation outside of the University of Warwick.

The test vehicle is used to develop and test CAV hardware and software technologies and services. In addition to the DbW system, the vehicle is fitted with a sensor suite (cameras, LIDAR, RADAR, ultrasonics), GNSS, computing hardware, DSRC and 4G. With the support from the IV team, it enabled Angoka to trial its technology in the real world. Dr Graham Lee, Lead Engineer and Technical lead for the Catapult Open Innovation Platform vehicle said:

“The HVM Catapult Open Innovation Platform vehicle was pivotal in supporting the testing phases within the project, and SCAV provided the perfect opportunity to use this technology with industry for the first time. The test vehicle enabled Angoka to physically test their DAU technology on a vehicle to observe and validate the behaviour of their technology in a more realistic operating environment”

In addition to implementing technology to aid testing, the WMG Intelligent Vehicles Research Group provided the expertise to facilitate the testing and analyse the results. When reflecting on the research project, Tim Harrison, Engineering Lead at Angoka said:

“WMG gave Angoka access to top-rated researchers and experts in cyber security and Smart Mobility who provided us with an unbiased and independent assessment of our technology both from a security and practical perspective. This has enabled us to further develop and enhance our technology ensuring its resilience and interoperability within the rapidly evolving Connected and Autonomous Vehicle world.

“Furthermore, access to facilities and resources, such as the WMG test vehicle and open test areas for mobile testing, were essential to demonstrating the practical implementation of our DAU technology.”

Each DAU within a vehicle will generate a unique identity for the device, as well as multiple communication encryption keys. The identities and encryption keys will be stored in a secure chip within the DAU that cannot be copied or tampered with.

The hardware solution utilises the physical characteristic of the device to create an unforgeable fingerprint for the device, and uses Angoka’s S-CAN protocol to generate unique and dynamic identities and encryption keys to authenticate connected devices and data messages (for example, messages to control vehicle braking and vehicle signalling were used during testing).

If that data is manipulated in some way, then the DAU’s fingerprint ensures it becomes invalid. This hardware digital signature is the key to the authentication of the communication and ensures that the contents of a data message have not been altered or changed. Dr Dan Fowler added:

“An autonomous vehicle could be controlled remotely via a V2I message. For example, to slow it if traffic jams are detected. However, if control messages can be spoofed, the vehicle could be made to perform unintended, and potentially unsafe, operations.”

Tim Harrison added:

“Our technology is built around decentralising the authentication and encryption process, meaning we require no central authority to generate and distribute keys. Our approach eliminates the single point of failure and a single point of attack of a central authority.

“Any public key infrastructure (PKI) based system uses asymmetric encryption which has a significantly associated overhead to generate, distribute and manage certificates. Our encryption technology is based on symmetric encryption protocols which with our decentralised mechanism to generate and manage identity and encryption keys eliminates these overheads.”

Bringing Angoka’s technology to market

As well as helping Angoka to establish as a start-up, the collaboration with WMG through SCAV has resulted in several follow-on collaborations to allow the expansion of the team and activities in real-world testing. Angoka has recruited two new staff to broaden its expertise as a result of the project. Shadi Razak, CTO & Co-Founder from Angoka said:

“Testing on the vehicle has helped Angoka commit to further developments, whilst also generating client interest. The testing that was conducted at WMG as part of the project has directly led to several follow-on projects.

“The first is with the Zenzic Testbeds, which will allow Angoka to further expand our real-world testing into multiple autonomous vehicles and urban environments. We have also secured another Innovate UK project in partnership with WMG, BT and other partners to deliver a quantum key distributed autonomous vehicle network.”

The SCAV report, due for completion end of December, will contain the full findings from the testing.  

---------------------------------------------------------------------

Find out more about WMG's Transport research here.