Connected vehicles could mean safer roads, but also represent an opportunity for hackers.

You’re heading to work in your new autonomous vehicle, but instead of turning left on the freeway, the car veers to the right and into a dangerous neighborhood.

Right now, that’s a scenario for a scene from a sci-fi movie, but as today’s cars become more and more dependent on digital technology – with the first self-driving vehicles expected to reach production by decade’s end – there’s growing concern about the dangers that hackers will begin shifting their attention from the desktop to the dashboard.

Even today’s cars typically rely on dozens of microprocessors. The majority already have black boxes, much like those on commercial aircraft. And a growing number are starting to be equipped with 4G links that allow high-speed data to flow to and from the car. And all those provide an increasingly attractive target for “the bad guys,” warns Karl Heimer, the senior research director at the Battelle Center for Advanced Vehicle Environments.

“It’s a relatively low risk today,” says Heimer, who has become a leader in cyber security in both the military and civilian sectors. But there’s already a lot of technology in today’s cars, “some of it known to be vulnerable.” And as cars become even more dependent on technology, “You will see an increase in attacks,” Heimer contends.

There have already been signs of trouble. The Center for Automotive Embedded Systems Security – a joint program of the University of California San Diego and the University of Washington – has already shown that a car’s vital systems can be taken over by plugging a device into the OBD-II diagnostics port. Other researchers have shown they can capture and duplicate the digital signals that allow remote key fobs to operate.

As vehicles get more high-tech systems onboard, and start to link with a roadway infrastructure, they will become increasingly vulnerable to hackers.

Getting access to a car’s OBD-II port or otherwise plugging in can be difficult, unless you work in a service garage. But cars are becoming increasingly loaded up with all sorts of wireless systems – those 4G hotspots, your Bluetooth phone link and even the tire pressure monitors required by law. And more are coming. The Department of Transportation wants to have every car linked to a roadway infrastructure system in the not-too-distant future. All provide a potential access point for hackers.

How to prevent such problems is becoming an increasingly urgent subject of debate. The easier the access, argues Heimer, the more likely hackers will shift to mobile targets, whether to take control of a vehicle or to access the personal data that might be stored onboard.

If vehicle security follows the conventional path, motorists might soon have to sign up for anti-spam and anti-virus software similar to what’s in use on their desktops, laptops, and even tablets and smartphones. But Heimer fears that solution will be too little, too late. He notes that the wave of attacks on conventional computers has become so fast and furious that anti-viral programs are falling further and further behind.

(Good times for the auto industry coming to an end. For more, Click Here.)

“The entire system structure is vulnerable,” he contends.

Heimer and his team at Battelle are working at a promising alternative, however, dubbed NEM – short for a Network Enforcement Module. The approach is surprisingly simple in concept, if not in execution. Basically, such a device takes a snapshot of what things are supposed to look like from a software standpoint when the vehicle is just rolling off the assembly line. If, suddenly, there’s an anomaly, the car wants to veer left when you’re steering to the right, a NEM would recognize there’s a problem. It might be because of an inadvertent system failure or because the vehicle has been hacked.

(Click Here to see how a recent alleged murder underscores the dangers of leaving children in hot cars.)

In reality, the concept is far from simple. Some cars today require as much as 100 million lines of software code, dozens of times more, experts note, than in even the most complex commercial airliner. Not only would a Network Enforcement Module have to digest all that, but it would need to do so with what industry types call Six-Sigma accuracy, essentially 3.4 of its own mistakes out of a million operations.

Heimer’s team has been working on developing the NEM concept for nearly three years and hopes to have it “production-ready by Spring of next year.” That doesn’t mean you’ll find it in your car quite that soon, he adds, noting that because of the long cycle times needed to actually develop new vehicles, it might take three to four more years before the concept actually is on the road.

(For details on the UAW’s new strategy for Volkswagen’s Chattanooga, Tennessee plant, Click Here.)

And even then, it will be a work in progress because hackers would inevitably try to overcome this new approach at high-tech defense.

One of Battelle’s goals is to lure talented young programmers away from what might be called the “dark side,” and get them working to improve vehicle security, rather than hacking into tomorrow’s cars. Heimer and his team will be in Detroit this month for the Battelle CyberAuto Challenge, a program that pairs students up with security pros to compete to see who can do the best job at developing secure vehicle technologies.