Your role during the stakeholder process is to describe whether the self-driving bus fleet can be designed in such a way to guard against security vulnerabilities. You also must communicate the importance of cybersecurity to a diverse and broad audience. While many of the other stakeholders may advocate for the use of self-driving buses, you need to provide the committee with insight on critical security issues, including the possibility that the fleet might be vulnerable to hacking. Also, many privacy concerns are emerging related to the data collected and used by self-driving automobiles.¹ You are expected to describe and address cybersecurity problems related to the self-driving bus fleet.
As a cybersecurity professional, your main points of prioritization include:
- Identifying and communicating potential vulnerabilities, including the risk that the self-driving bus fleet’s system may be hacked in ways that might compromise the functionality of the vehicles
- Identifying the risks associated with collecting data from bus riders
- Describing the types of harms that could result if the self-driving bus fleet system is hacked
- Describing specific strategies that could mitigate or prevent the security risks
References
- Lim, H. S. M., Taeihagh, A. (2018). Autonomous Vehicles for Smart and Sustainable Cities: An In-Depth Exploration of Privacy and Cybersecurity Implications. Energies 11, no. 5: 1062. doi: 10.3390/en11051062. https://www.mdpi.com/1996-1073/11/5/1062/htm
Supplemental Readings
- Armerding, T. (2019, September 25). How to secure autonomous vehicles of the future, today: Synopsys. Retrieved from https://www.synopsys.com/blogs/software-security/secure-autonomous-vehicles/
- Lim, H. S. M., Taeihagh, A. (2019). Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks. Transport Reviews, 39:1, 103-128, doi: 10.1080/01441647.2018.1494640. https://www.tandfonline.com/doi/full/10.1080/01441647.2018.1494640