This time, I got to speak to Beth Cornils. She has a pretty cool job that involves making IoT cars safe!
Kim Crawley: Hi Beth! Tell me about what you do.
Beth Cornils: I am a product manager for an autonomous vehicle company. Prior to that, I was the security product manager at Puppet.
KC: What does Puppet do?
BC: Puppet handles infrastructure as code, thereby allowing using to automate processes and make sure they are staying in their intended state. We layered on tracking changes and integrating with security companies such as CloudPassage, Cyberark, and Conjur.
KC: Are the cars your current employer produces IoT?
BC: At Polysync, we are more in the IoT category. We can build a car for users, but we tend to build the middleware such as harnesses. In testing , we use joysticks, so I have literally been a back seat driver in an enclosed space while testing code. It’s pretty amazing thinking about the math and safety issues we need to take into consideration when assessing autonomous driving. We noticed a lot of autonomous driving companies focus more of the flash. At Polysync, we’re working on safety-critical software for producing autonomous vehicles and providing tools and platforms to enable others to build safer autonomy systems.
KC: What are the biggest cybersecurity risks of IoT cars?
BC: In my opinion, there are a few things. In order to assess and get it right, you need to get your threat model right. Or as right as possible. Cars without autonomy have so many ins already. You need to be aware of those areas like GPS, Bluetooth, and personal cell phones. New cars are basically computers on wheels.
Add (Read more...)
This is a Security Bloggers Network syndicated blog post authored by Tripwire Guest Authors. Read the original post at: The State of Security