What if an autonomous, driverless, or self-driving car is hacked or its cybersecurity is breached?
In Waymo’s self-driving car design, safety-critical aspects of Waymo’s vehicles—e.g. steering, braking, controllers—are isolated from outside communication. For example, both the safety-critical computing that determines vehicle movements and the onboard 3D maps are shielded from, and inaccessible from, the vehicle’s wireless connections and systems.
Waymo also considers the security of its wireless communication. Waymo vehicles do not rely on a constant connection to operate safely. While on the road, all communications (e.g., redundant cellular connections) between the operations centers and the vehicles are encrypted, including those between Waymo’s operations support staff and riders. Waymo vehicles can communicate with the operations center to gather more information about road conditions, while Waymo vehicles maintain responsibility for the driving task at all times.
These protections help prevent anyone with limited physical access to Waymo vehicles, whether passengers or malicious actors nearby, from impairing or altering the car’s security. Waymo has diverse mechanisms for noticing anomalous behavior and internal processes for analyzing those occurrences. Should Waymo become aware of an indication that someone has attempted to impair its vehicle’s security, Waymo will trigger its company-wide incident response procedure, which involves impact assessment, containment, recovery, and remediation.
Waymo’s security practices are built on the foundation of Google’s Security processes and are informed by publications like the NHTSA Cybersecurity Guidance (Download PDF) and the Automotive Information Sharing and Analysis Center’s (Auto-ISAC) Automotive Cybersecurity Best Practices. To help develop future security best practices, Waymo has also joined the Auto-ISAC, an industry-operated initiative created to enhance cybersecurity awareness and collaboration across the global automotive industry.