The cyber-risk of a connected transport system – is AI the problem and the solution?
Transportation systems of the future will be connected at a scale never seen before. Future transportation systems will encompass a complex data driven ecosystem of interconnected industries across many sectors, covering all forms of transport (road, rail, maritime and air) and a range of associated infrastructures, including smart cities and integrated supply chains.
The role of Connected Autonomous Vehicles (CAVs) are a much discussed important part of this environment, but it is so much more than just driverless cars. It will be ‘driven’ by many other technologies as data analytics, internet-of-things (IoT), and artificial intelligence (AI) and, perhaps most importantly, human factors will still be prevalent.
However, as much as connected transport systems are expected to assist and enrich our existence, the cyber-risk cannot be ignored for at least the following reasons:
- there are many more ports of access than in a traditional computer system due to the large number of connected devices;
- they are heavily data driven due to the nature of AI and IoT, meaning that gaining control of these technologies through knowledge of their vulnerabilities can lead to influence over an entire system; and
- they can still be influenced by unpredictable human behaviour.
This motivates the need for a resilient and vigilant security system. Especially one which can detect behaviours which are exploiting the vulnerabilities in our systems and which can protect the large amounts of data which will be generated on a second-by-second basis.
The challenge is that many modern cyber threat detection systems are limited to specific attack profiles. They are also still vulnerable to human input from malicious individuals who gain access to the system and, rather more crudely, all computer systems can be prone to the difficulties associated with physical attacks on hardware. Can AI, as much as it can lead to problems, also be part of the solution here?
Cybersecurity systems which are driven by AI can be configured to take a more holistic, qualitative approach to threat detection. That is to say, they are not limited to specific attack profiles and, even though they can still be open to human input, using AI to spot anomalous behaviours in a system means it is simpler to detect when a malicious human operative (e.g. a disgruntled employee) has provided input which can be a threat.
In other words, whilst it is fully appreciated that an AI can be intrinsic to a well-functioning connected transport system, a further layer of cyber-threat detection is required. A system which monitors an entire system can utilise the benefits of AI to determine the presence of threats which may not previously have been conceived. This may be by simply looking for anomalous patterns in data and system behaviours.
There is a large scope for innovation in this space, as we move towards more and more connected urban environments and smart cities, each with their own nuances and complexities which require solutions.