On the Road to Assured Autonomy
August 17, 2021 | Jim Romeo
AUSVI’s XPONENTIAL 2021 in Atlanta, Georgia, began day one with a focus on technology and an accent on how technology affords assured autonomy. Panelists and speakers focused on the challenge of serving assured autonomy, delving into the processes and methodologies to ensure safe and practical systems for autonomous systems.
Panels tackled the issues via various topics. These included framing assured autonomy and developing ways to best think about assured autonomy. What is the best approach to safety? And how should these approaches influence the development of technology?
Panels also focused on the pervasive issues of cybersecurity. Autonomous vehicles of all types are connected devices that have endpoints vulnerable to security compromise and hacking. What approach should be taken to best address connected devices such as drones and other unmanned vehicles so they are adequately protected? And how can such protection be adequate to afford resilience when it comes to cyber threats?
Framing Assured Autonomy
Dr. James Bellingham is the executive director of the Johns Hopkins Institute of Assured Autonomy and led a panel discussion on framing assured autonomy and the hurdles ahead that stand as challenges to autonomy.
A notable challenge is to consider the wider ecosystem in which autonomous technology works. Uma Ferrel is a principal aviation systems engineer for The MITRE Corporation. When it comes to properly framing autonomy relative to assurance and safety, it’s important to take a holistic viewpoint. This would incorporate not just safety, but behavior, data, measurement and analysis of data, and many other things that make up the extended ecosystem.
“The systems behave in ways that you may not have predicted,” she says. “We should be able to measure how it behaves in real-time as it is changing constantly today. As we collecte data, we measure continuously. Right now, we have data scientists and big data collection analysis that helps us measure things.” Ferrel alludes to the system performance and the importance of knowing its actual performance within a larger ecosystem.
She also points out that the vantage point of performance can’t be limited to just one industry or just one company, but a larger viewpoint of other entities that may interact with the system. This lays a foundation that makes way for right regulation. Overall, Ferrel emphasized the importance of substantiating safety for public acceptance as one that centered on “how to show it, and how can it be measured.” Regulatory bodies and public acceptance are much more amenable to performance that’s based on evidence.
Devin Gladden is the manager of federal affairs for AAA National and raised the importance of public acceptance of autonomous technology – which hasn’t always been so easy. Gladden said AAA conducts annual consumer surveys indicate prevailing anxiety and consumer fear when it comes to autonomous vehicles.
“What we’re finding right now is that there’s still is a whole lot of consumer fear, misunderstanding and confusion about these technologies,” says Gladden. “One thing that AAA is really passionate about is making sure that we’re having a truthful, authentic, honest conversations with folks about the level of technology and what are the possibilities and limitations of the technology. We want to make sure, to the greatest extent possible, that we can really get information out to the public that enhances understanding autonomous technology so they can see the safety benefits of these technologies.”
Connected and Protected
A latter panel focused on cybersecurity and the challenges it poses to engineers, developers, and owners. The importance of the topic has been magnified not only by cybersecurity breaches making the news in the last year, but also more specific cybersecurity events involving autonomous vehicles that made the news.
Erwin Karincic, principal cyber protection engineer with Peraton, highlighted some infamous events that included the hack of an autonomous vehicle using a drone. As he explained, six years ago a hack made the news when hackers were able to demonstrate the vulnerability of autonomous vehicles by hacking into it and operating it erroneously.
Fast forward six years, and the same type of hack was performed – but this time with a drone. It only points to the deepening cybersecurity threats that autonomous vehicles of all types are so vulnerable. He provided other examples of a hacking event where a Tesla was not only hacked but was started with keyless entry and operated.
Andy Thurling is a former U.S. Air Force Test Pilot and CTO of NUAIR. When it comes to cybersecurity, he emphasizes the importance of not only safety but also cybersecurity but discusses it in the context of risk and risk management as it relates to assured autonomy. Safety is good for business, after all, and assured autonomy fits this category. But how do you put a risk requirement on a small or medium-sized business so that cybersecurity requirements are not so onerous on a business that they exit the marketplace, or perhaps fail to take measures because they are onerous.
He says that there are smaller things that make a big difference – a Pareto analysis of sorts – where 20% of certain things can make a significant difference. He points to the topic of passwords.
“Some of my cyber colleagues up in New York found that over 50% of those surveyed don’t change the password from when the device or equipment came to them,” he says. “Something right there is one of the easy things you can do that makes you more careful.”
He says that sometimes we think we’re doing the right thing by imposing a robust requirement. But, he says, small and medium sized companies may not be able to meet that requirement. “They’re going to exit the market or they’re going to operate without meeting an imposed requirement ant they’re going to become that weak link.”
The panel discussion then turned to identity and authenticating identity, keeping the underlying applicability to autonomy as it applies to aviation systems. Dr. Zachary Peterson, head of autonomous vehicle security, WhiteFox Defense Technologies said:
“When we’re talking about identity it doesn’t matter if it’s a person, a drone, or a vehicle. There’s all kinds of forms of identity. It basically boils down to a claim of identity and proving that identity to be true. The truth part is where the hard part is.”
Peterson uses the analogy of license plates for cars. When license plate numbers are assigned to cars, they are done so with authority. If someone were to forge that plate number assignment, there’s authority that regulates and enforce against such forgery. Peterson says that with drones there isn’t quite the same degree of authority. “These are new and interesting challenges that give us exciting opportunities to identity for drones.” He sees a need to authenticate the identity of drones so that whatever a specific drone is saying, is said by that drone and not by another drone.
“One of the things humans have not done a good job is thinking of what the security and privacy of technology developed today, will be in the future,” he says. Developing policies now and into the future are crucial as autonomous technologies come into full swing and mature.
XPONENTIAL 2021 was off to an exciting start with a load of challenges when it comes to assurance, safety, reliability, and the criticality that technology developers must be aware of and reckon with now and into the future. The entirety of collaboration during day one, placed technology front and center of assurance. It put the numerous attendees and thought leaders, however, well on their way on the road to assured autonomy.
- Industry News
