"Any digital car is going to have issues with CPUs crashing," he said. "I had one of the original BMWs that came with navigation system, and that version had numerous software problems that they eventually corrected. I am sure cars will eventually be on the side of the road due to digital failures too — they may have already."
But he said the auto industry, like aviation, will "introduce digital controls into complex systems without incurring catastrophes through effective design and use of redundancy.
"A secure car will start with a security concept we call 'CIA' — not the spy agency, but confidentiality, integrity, availability. That means making sure that the communications channels are restricted to a well-known authenticated server and its failover systems over a secure channel that is always available. This has proven very difficult to do, but has effectively been put in practice already today in many fields," he said.
Kiefer said trust in security will increase with redundancy. "The security system would need to be built upon a secure communication protocol by which only authorized participants could talk," he said.
But in the event of compromised communication, "a series of checks and balances would need to be put in place using independent verification methods. In other words, if one method tells the car to do something, at least two other methods would validate the requested action using other means to determine if the requested action is safe and secure," he said.