Waymo’s Approach to Cybersecurity: Identify, prioritize, and mitigate cybersecurity threats
What if an autonomous vehicle is hacked or its cybersecurity is breached? In Waymo’s autonomous driving technology, certain aspects of vehicle operation—e.g. steering, braking, controllers—are designed to be isolated from outside communication. For example, both the computing that determines vehicle movements and the onboard 3D maps are designed to be protected from the vehicle’s wireless connections and systems.
Waymo’s technology is not dependent on a constant wireless connection
Waymo’s autonomous driving technology, i.e., the Waymo Driver, does not rely on a constant wireless connection to operate safely. While on the road, all communications (e.g., redundant cellular connections) between the operations centers and the vehicles are encrypted, including those between Waymo’s operations support staff and riders. The Waymo Driver can communicate with the operations center to gather more information about road conditions, all while maintaining responsibility for driving tasks.
Waymo vehicles are not dependent on a constant wireless connection
Waymo also considers the security of its wireless communication. Waymo vehicles do not rely on a constant connection to operate safely. While on the road, all communications (e.g., redundant cellular connections) between the operations centers and the vehicles are encrypted, including those between Waymo’s operations support staff and riders. Waymo vehicles can communicate with the operations center to gather more information about road conditions, while Waymo vehicles maintain responsibility for the driving task at all times.
Waymo can identify attempts to impair vehicle security
These protections help prevent anyone with limited physical access to Waymo vehicles, whether passengers or malicious actors nearby, from impairing or altering the car’s security. Waymo has diverse mechanisms for noticing anomalous behavior and internal processes for analyzing those occurrences. Should Waymo become aware of an indication that someone has attempted to impair its vehicle’s security, Waymo will trigger its company-wide incident response procedure, which involves impact assessment, containment, recovery, and remediation.
Cybersecurity through global collaboration
Waymo’s security practices are built on the foundation of Google’s Security processes and are informed by publications like the NHTSA Cybersecurity Guidance (Download PDF) and the Automotive Information Sharing and Analysis Center’s (Auto-ISAC) Automotive Cybersecurity Best Practices. To help develop future security best practices, Waymo has also joined the Auto-ISAC, an industry-operated initiative created to increase cybersecurity awareness and collaboration across the global automotive industry.