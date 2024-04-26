Being a panelist at the recent EETimes Autonomous Tech Forum was a privilege. The panel titled “How to Make AVs Trustworthy and Safe From Cybersecurity Threats” touched on the three critical themes of system-level approaches to AV security, hardware-based security as a foundation, and the criticality of security in supply chains.

First, Securing AVs requires considering the entire system, including hardware, software, and interactions. As a result, security must be built in from the ground up, not added as an afterthought. Attackers will exploit the weakest links, so every component matters. Second, the foundation of such a holistic approach is strong hardware security, as software security measures can never fix fundamental weaknesses in the underlying hardware. We discussed techniques like physical unclonable functions (PUFs), secure enclaves, and hardware root of trust. The third but certainly not least theme was supply chains. Given the complexity of the supply chain required for building AVs, securing the integrity and provenance of hardware components and software is critical. Therefore, critical challenges the industry must address head-on include traceability, trust verification, software bills of materials (SBOMs), and countering threats like counterfeiting and malicious insertions.

