This post is also available in: heעברית (Hebrew)

As concerns over security risks for connected vehicles continue to build, an automotive cybersecurity company believes that a branch of machine learning called unsupervised machine learning will help keep threat actors out of the driver’s seats. This field learns from test data that has not been labeled, classified or categorized. Instead of responding to feedback, unsupervised learning identifies commonalities in the data and reacts based on the presence or absence of such commonalities.
SafeRide Technologies has recently launched its vXRay technology for connected vehicles’ security operations center (SOC), which uses unsupervised machine learning technology to provide behavioral profiling and anomaly detection to improve connected vehicle security.
Gil Reiter, vice president of product management and marketing at SafeRide, told searchsecurity.techtarget.com: “The vXRay technology establishes the normal behavior of the vehicle without dependencies or knowledge of the specific electronic control unit properties. Once the behavioral baseline of the vehicle is established, the technology can accurately detect and flag any abnormal behavior of the vehicle system and report the abnormal behavior to the connected vehicle’s SOC for further analysis”.
The machine learning and deep learning technology use an advanced unsupervised machine learning paradigm in a fully autonomous process to establish the normal behavior of the vehicle by looking at the vehicle’s internal network and the communication between the different components in the vehicle, Reiter said. “Unsupervised learning doesn’t require training data for the AI system to be labeled beforehand,” said Saniye Alaybeyi, a Gartner analyst and research director. “Unsupervised learning, in this case, is able to create clusters of vehicle behavior without depending on human-set labels — for example, ECU [electronic control unit] properties.”
Running a supervised learning algorithm of vehicle behavior would require the collection of all the specifications of all the different elements of the vehicle and then feeding all of that information to the AI for it to be functional, Reiter said. It can be a very long and tedious process because vehicles have different components from different vendors.
“In general, the benefit is the ability to detect an unknown vulnerability in the design of the vehicle and, through that, detect a cyberattack or malfunctions,” he said. “From the unsupervised nature, the other benefit is that you can do all that fairly easily, with very little investment from the customer.”
However, many newer connected vehicles and autonomous vehicles, specifically, have a more powerful AI processing engine, such as the Nvidia Drive platform. Such platforms are capable of running the vXRay technology in-vehicle, he said. Gartner estimated more than 250 million connected vehicles will be on the road by 2020. While connected vehicle security is a concern right now, there is broad disagreement about how to improve it, said Michael Ramsey, research director in Gartner’s CIO research group. “You may be able to detect that there is something that has happened, but the detection tends to lag somewhat from the attack. And the real issue is how can you prevent the attack and repair after there is an attack, not so much make the detection,” Ramsey said. This is an expensive problem to fix, especially when there is no current evidence of an issue, he said. No connected vehicle hacks have been observed in the wild, but several security researchers have demonstrated hacks and exposed potential weaknesses in the vehicles, he said.
“The main problem that exists right now in the auto industry is that the car companies cannot calculate a return on investment, and so they are not moving forward with strong cybersecurity,” he said. “What’s going to happen is there’s going to be some very expensive problem that will eventually come up and then, all of a sudden, that return on investment would be calculable.”