The Commission’s Joint Research Centre (JRC) and the EU Cyber Security Agency (ENISA) published this week a reporton the cyber security risks of artificial intelligence (AI) in autonomous vehicles. The report makes recommendations and advocates a security by design approach in the development of AI functionalities in autonomous vehicles, where cyber security becomes a central element of vehicle design.

By removing the most common cause of road crashes – the human driver – autonomous vehicles should reduce road crashes and fatalities. However, they can present a completely different type of risk to drivers, passengers and pedestrians. Autonomous vehicles use artificial intelligence systems, using machine learning techniques to collect, analyse and transfer data, to make decisions that in conventional cars are made by humans.

Mariya Gabriel, Commissioner for Innovation, Research, Culture, Education and Youth said :

“Autonomous vehicles can only reach their potential in terms of reducing road accidents if they are able to cope with cyber security risks. I welcome this report and encourage car manufacturers, policy makers and researchers to work together to implement its practical recommendations to ensure the safety of future autonomous vehicles. »

These systems, like all computer systems, are vulnerable to attacks that could compromise the proper functioning of the vehicle. The JRC and ENISA report highlights the cybersecurity risks associated with the adoption of AI in autonomous cars and makes recommendations to mitigate them.

Internal Market Commissioner Thierry Breton said :

“Autonomous driving, connected cars, electric vehicles and shared mobility will be key drivers for the car industry in the years to come. We need to ensure that these innovations are safe and reliable from the design stage. Together with Member States, we are putting in place a strong framework to prevent and respond to cyber threats – including a new EU cyber security strategy, a proposal for a revision of the RIS Directive, the EU 5G security toolkit, the European Cyber Security Framework, and others. »

The report recommends systematic safety and risk assessments of artificial intelligence components before and throughout the development process. It also calls for security policies in the field of artificial intelligence and a culture of security, where all actors involved in product development are sufficiently competent in cybersecurity and work together with the common goal of creating a secure product.

Juhan Lepassaar, Executive Director of the EU Cybersecurity Agency said :

“When an insecure autonomous vehicle crosses the border of an EU Member State, so do its vulnerabilities. Security should not be seen as a positive consequence, but rather as a precondition for the reliable deployment of vehicles on European roads. »

The report is available in PDF HERE.

Dede, G., Hamon, R., Junklewitz, H., Naydenov, R., Malatras, A. and Sanchez, I., Cybersecurity challenges in the uptake of artificial intelligence in autonomous driving, EUR 30568 EN, Publications Office of the European Union, Luxembourg, 2021, ISBN 978-92-76-28646-2, doi:10.2760/551271, JRC122440.

Translated from Risques en matière de cybersécurité dans les véhicules autonomes : l’ENISA formule ses recommandations