Automotive Ecosystem Series — Chapter 5: Mobility Platform Specifics — Privacy, Security, and Life
Cars are life-critical applications. That’s why, successful digital transformation strategy is crucial to the long-term growth of any automaker. Implementing advanced technology in the automotive industry requires a clear understanding of the challenges so you can create a strategic plan and follow it with the help of professionals.
If you’re just joining us, I highly recommend you start from the beginning to discover why you need digital transformation, make the right OEM growth choices, understand the underlying features for success, and get tactics for implementing your strategy. By reading about the generic aspects of platform conversions, you’ll be able to gain a clear perspective to dig deeper into the specific features of mobility platforms and how they’re impacting your enterprise strategies.
These days, cars are more than just a way to get to work or the grocery store. They’re versatile products that have their own unique features. These features have a great impact on the design of platforms that incorporate safety-critical applications, have a high state of autonomy, and are aimed at global as well as local markets.
Life-critical app security
Cars are now seen as life-critical systems that must be designed with the safety of drivers and passengers in mind. Likewise, any platforms aimed at servicing automotive OEMs should also be focused on safety and security. Data collection pipelines, data processing, analytics tools, and client authentication and authorization procedures must meet the strongest security standards, such as ISO 27001 and TISAX. These issues are by no means less important, as with cars we’re dealing with people’s privacy, security, and lives rather than simply meeting PCI DSS standards as a payment provider.
The problem is that the crucial aspect of security in mobility seems to be largely overlooked by carmakers. Any OEM will be concerned about security application standards such as ISO 26262, which relates to driving controls, sensors, and instrument clusters. Meanwhile, anything related to connectivity, data processing, and the user experience is wrongly considered of less concern.
Having your vehicle’s control system on the same connectivity trunk as ECUs and virtualization systems is potentially a huge security vulnerability for all intra-car applications. Most importantly, it could risk the safety of passengers, and should be treated with extreme caution. Cloud systems, as the source of highly sensitive private data, must also remain under a vigilant eye, especially in cases of car sharing with multiple tenants and open environments. Safety and standardization in mobility networks are the key to customer satisfaction.
What must be done?
Open systems should remain in the hands of professional service providers that are able to establish, enforce, and control high security standards. Unfortunately, no OEMs or Tier 1 companies currently possess this kind of skillset, nor are they ready to consider all of the security requirements and absorb their costs and the implications of not following them as an integral part of their future mobility offering. Specialized third-party services like the HERE Open Location Platform are one of the best choices to address this issue. I’ve come to this conclusion by helping my company’s clients overcome many obstacles through the HERE OLP application while keeping costs in check.
Connectivity as a stumbling block for mobility platform development
Vehicles are a highly mobile product that can be used in rural areas with low or no network connectivity, creating the challenge of functioning off the grid. On the other extreme, high-density city traffic creates a huge challenge for system throughput. It looks like none of the current application protocols deals with these two aspects of autonomy equally well. The introduction of 5G as the transportation connectivity standard looks set to bring an end to this issue. With 5G technologies, autonomous vehicles (AV) will be able to link in P2P mode (forming mesh networks), making data easily available and interchangeable while establishing wide coverage using alternative frequency bands. Still, none of the existing protocols, including those developed by automotive newcomers such as MQTT as well as IoT-related companies, can properly address this mobility feature.
What’s the solution?
Let’s think about what features make enterprise mobility platforms effective. The idea I have in mind is to gather all industry-specific protocols and define your own that will incorporate all key features — highly distributed, seamlessly integrated into 5G networks, low latency, secure, transmission-free — to create an integrated mobility platform. I’ve previously explored some of the use cases in my article on merging AI and blockchain.
IoT integration as a chalice of salvation
As I’ve seen through personal experience, integrating IoT in an urban mobility platform can resolve many data transportation issues. Recipe-like automation (think IFTTT) seems to has gotten great traction and positive feedback from home automation enthusiasts. It provides value for non-tech savvy users as well, since people tend to think using the “if this then that” logic.
Enabling such protocols on mobility platforms using the constrained application protocol (COAP) is a trivial task now. Handling these recipes, especially combined with smart contracts, is the future of mobility transportation technology, and it may open up a realm of opportunities for platform providers.
Overcoming dependency on local legislation
Another aspect of future mobility is local dependency. A customer’s location and data privacy seem to be of paramount importance. The use of personal data and the inherent interest of users, businesses, and government agencies in it is another issue that must be accounted for. At this point, it’s hard to grasp how technology can cope with the increasing abundance of security regulations and personal data protection laws. Recent EU GDPR rules seem to invalidate many successful models on the market, as any user may deny the use of their personal data by third parties.
Although GDPR is mostly related to users’ data, the question remains how this legislation will treat data on the movements of autonomous shared vehicles. We’ve discussed how current automotive certifications have bid their farewell. But overall, the effect on the industry remains to be seen. Still, a sufficient level of flexibility in data location, access, and storage policies must be in place for any future mobility platform to be successful in its global coverage campaign.
What’s next?
In the next chapter of our series, we’ll focus on payment features and my view on the future of the mobility economy. Want to be among the first to read it? Subscribe to my Medium channel to be in the automotive loop.
