Safety and Privacy in the Internet of Vehicles: An Expert’s Perspective

Josh Joy is a PhD candidate in Computer Science at UCLA, where he focuses on providing privacy and resiliency for the Internet of Vehicles.  Josh has a computer science background and worked at Toyota Info Technology Center, USA in summer 2017 researching connected vehicles.  I recently interviewed Josh to learn more about connected vehicle technology, the Internet of Vehicles, and the impact of connected vehicle technology on self-driving cars.

What is a connected vehicle?

Traditionally, cars provide rudimentary sensors and data, such as gas level and oil changes.  These sensors alert the driver to eventually take action.  The driver, however, is the ultimate decision maker.

A connected vehicle, in contrast, has sensors inside and outside the vehicle.  These sensors communicate data to the vehicle’s software system, to other vehicles (V2V), and potentially to surrounding infrastructure like roadways and traffic lights (V2X).  The vehicle, in turn, makes decisions based on that data as to how to drive and where to go.  Ultimately, human control is removed and the vehicle cooperates with other vehicles to maintain safety and deliver passengers in a timely manner.

Is a connected vehicle different than a self-driving car?

A connected vehicle may not be self-driving and vice-versa.  A traditional vehicle can be connected.  The implication is that a vehicle that is both connected and self-driving should be safer than a traditional vehicle with neither technology.

The purpose of connected vehicle technology is to enhance a car’s safety mechanisms via communication with pedestrians, infrastructure, and other vehicles.  The U.S. Department of Transportation (U.S. DOT) estimates that connected vehicles can eliminate close to 80 percent of crashes involving non-impaired drivers.[1]

For example, vehicles might be alerted about pedestrians crossing the street, infrastructure communication regarding pavement markings, traffic signs, and temporary traffic control, and vehicle-to-vehicle communication regarding sudden braking or intersection collision avoidance.

How do connected vehicles communicate with each other?

The leading technology for vehicles talking to each other relies on Dedicated Short Range Communications (DSRC), a type of WiFi for vehicles.  In December 2016, U.S. DOT filed a Notice of Proposed Rulemaking to enable DSRC communication technology on all new light-duty vehicles.[2]  There are already ongoing deployment efforts in Japan and Europe to equip vehicles with DSRC.

There are competing technologies, such as Cellular V2X from Qualcomm.  The difference between DSRC and Cellular V2X is that Cellular V2X adds the ability to talk to the cellular network.

That said, DSRC has been rigorously specified, tested, deployed since the early 2000s and is available today.  Cellular V2X is still a recently new development.

Other promising communication mediums include visible light communication and millimeter wave communication.  Both of these are more appropriate for platoon style fleets where vehicles communicate directly with the vehicle in front and behind. Millimeter wave has the potential to support the transfer of the large vehicle sensor data and the gigabit-per-second data rates required.

What are the problems with current V2V technology?

There are two pieces, technical and political.

First, V2V communication requires that senders and recipients have the same radio technology.  Adding a radio to a single vehicle will not add any extra capabilities unless another vehicle also has the same exact radio.  Even if a manufacturer deploys radios to its entire fleet, that would not guarantee the activation of collision avoidance as to vehicles made by a different manufacturer.

Thus, deployments are limited for now.  Manufacturers must show that the currently-deployed systems effect some expected number of accident reduction.  Naturally, the deployment process will be gradual.

This is where the political aspect comes into play.  Everyone must somehow agree to use the same radio technology and commit to installing it in all vehicles on the road.  However, there is a chasm between the carmakers and the cellular stakeholders.  Naturally, the cellular stakeholders prefer vehicles to back haul data over their networks in order to generate further revenue.  Carmakers, on the other hand, prefer to avoid the additional latency and expenses by leveraging their own vehicular cloud.

Government regulation has proposed the deployment of DSRC in all new light-duty vehicles because it is one of the first vehicular communication technologies developed, standardized, and tested.  However, it remains to be seen whether the industry will commit to and massively deploy DSRC radios, pursuant to the proposed regulation.

How will connected vehicle technology impact self-driving cars?

Self-driving cars will not fully evolve until they can communicate with each other.  The exponential increase of data capture and sharing in the age of connected vehicles (“Internet of Vehicles”) will overwhelm the current modes of wireless communication, meaning that data computation must move closer to the vehicles, as opposed to solely in the Internet cloud.

The Internet of Vehicles consists of vehicles communicating with each other as well as performing distributed processing among the vehicles (i.e., block chain processing), creating a “vehicle cloud.”

What is the end goal for connected vehicle technology?

Today’s trend is to place computation physically near the data source, as opposed to back hauling large amounts of data to the Internet cloud for processing.  The result will be real-time analysis enabling “smart” everything, including buildings, energy grids, vehicles, and entire cities.

What do you see is the single biggest issue carmakers face in building connected vehicles for mass market use?

Repeatedly, history has shown that while communication networks provide exponential benefits, they also usher in a multitude of security and privacy threats.  The Internet cloud is still trying to catch up with providing adequate security and privacy protection.  There is a lot we do not understand, and we remain unable to confidently prevent cyber-crime, cyber wars, data breaches, espionage, and state-sponsored attacks even on our most “secure” systems.

Connected vehicles will realistically only be fully deployed once these same security and privacy concerns are addressed.  Manufacturers’ primary focus has been on making self-driving vehicles “work,” while not paying close attention to the security and privacy issues.  Given this rushed state of development, it is inevitable that the same cybersecurity issues that plague the Internet of Things will only become amplified in the Internet of Vehicles. 


[1] U.S. Department of Transportation, U.S. DOT Advances Deployment of Connected Vehicle Technology to Prevent Hundreds of Thousands of Crashes (December 13, 2016),

[2] Federal Motor Vehicle Safety Standards; V2V Communications, 82 Fed. Reg. 3854 (proposed December 13, 2016) (to be codified at 49 C.F.R. pt. 571),