 Okay. Good afternoon. Welcome to CSIS. My name is Jim Lewis, and I'll be moderating this event which promises to be one of our more interesting panels for some time, particularly on this subject. Let me do brief introductions for the panelists, and then what the format will be is each of them will speak for five or 10 minutes or so, and then we'll open it up to Q&A from the floor. So to begin with, we have Kevin Vincent, who's the Chief Counsel of the National Highway Traffic Safety Administration. He's been there since 2009, so that's kind of a long tour for Washington. He was in private practice for 15 years, most recently with Baker Botts here in D.C., and before that was in the General Counsel's office at the Air Force, so a lot of experience and one of the key people working on this subject. We have Mike Westra, who's the Connected Vehicle Cybersecurity Technical Lead at Ford. Ford has been one of the leaders in thinking about autonomous vehicles, and I've been hearing from some of the reporters about your cars for a long time, so it'll be great to have Mike. Gooding-One, who said he managed to crash it in the, well, it's a long story, let's skip it, but it was his fault. He's been at Ford for 18 years and has worked on software problems and solutions there on security, and did supercomputing modeling? That's all right, that's what it says here, super good. Yeah, for computer aided engineering, that was a couple of jobs back quite a while ago. Okay, well, and has 14 patents either issued or pending, which is pretty impressive, thanks. Finally we have John Pescatori, an old friend. John is now at Sands with 35 years of experience. He was at Gartner before then, the Secret Service, NSA at one point, and is one of the gurus on cybersecurity here in Washington. So with that, what I'm going to do then is turn it over to the panelists, we'll start with Kevin, then we'll do Mike, then we'll do John, and then we'll see, apparently we're going to get questions from the Twitter sphere as well. So at various points we'll get interrupted with people asking things, but Kevin, why don't I start with you? So at NHTSA we're very bullish and supportive of the idea of autonomous vehicles, or we really like to talk about automated vehicle technologies, because our view is that there's a spectrum here. Everybody wants to focus on the long term when the car will completely drive itself, but that's not ready yet, it'll be ready in a few years, and when it gets there, that will be great. But right now today the automated vehicle technologies are being introduced into the fleet, some have been around for quite some time. Electronic stability control is an elemental building block for automation, and it's already in all your cars. It's mandated by NHTSA, and it was adopted by most of the industry before we ever did demand aid. So we view automation as a combination of different systems in the car that will end up taking the driver out of the loop, and either for certain periods of time, or eventually with full autonomy completely out of the loop when that is achieved. In the meantime, though, it can also provide assistance to the driver while the driver remains in the loop, which will be for certainly the short term for some time yet that the driver is going to have to be in the loop driving vehicles. They're not ready to quite drive themselves yet, except for in very carefully defined environments. But getting the driver out of the loop or supplementing the driver while he's in the loop, we view NHTSA as being very, very important for achieving safety, our mission safety, the name of the agency is National Highway Traffic Safety Administration. Safety is our name, that's our mission. Other than fuel economy regs, that's all we do is safety. So our job is not to promote the auto industry, our job is not to promote American commerce. Our job is, although we obviously want to support American commerce, but our job is to ensure the safety of the fleet on the road in America. And the best way you actually achieve that is controlling for driver error, because we actually know that 95% or so, I can't remember the exact figure, other folks at NHTSA are good at quoting it, but something like 95% crashes that occur are a result of human error. So if you have the vehicle, which can be much smarter than the human, and much more attentive than the human, taking control more often or completely, you can eliminate the greatest risk. So we view that possibility at NHTSA as being a great thing for promoting the safety of people on our highways. So for that reason, just generally, we are very bullish on supporting, promoting automated vehicle technologies, and then working with industry to make sure as the automated vehicle technologies are developed that they're done safely. And we are concerned about issues of privacy and issues of security, issues of security because it has huge safety implications. If you end up with having systems that can be hacked with malicious hackers can threaten people's lives. So that's very much part of our safety mission to make sure that security protocols are in place to make sure that the vehicles can remain safe while they're in operation. So that's really important. And then the privacy aspect, we know that automated vehicle technologies will not be accepted by the American public if the auto industry can't ensure that privacy concerns of the public are addressed. So we want to see these technologies adopted and we know privacy has got to go along with it. So all these issues are very important to NHTSA. We have dedicated teams working on these issues right now. But it's mostly in a function of how do we work with industry to make sure it's done safely and how do we get them on the roads as soon as we can't safely. Because right now we're losing 30,000, some thousand people a year getting killed on our highways. And most of those, again, most of those issues can be addressed, most of that risk can be addressed through automated vehicle technologies. I've probably gone over five minutes. That was great. Pass. Thanks. And it's five to ten. So if you want to... Dialogues probably better. Okay. Mike, please. Sure. Thanks. I'm going to talk a little slightly different subject. Just from a cybersecurity standpoint, just kind of where we've been, where we are now, and kind of where we're going in the next sort of five to ten years. So obviously for the first 80 years, the vehicle wasn't really, cybersecurity wasn't really a concern. The vehicle was primarily a mechanical invention. There were very few electrical systems in early vehicles. What sort of changed that was in the early 1980s, the emissions regulations that sort of came along in that period sort of helped accelerate the early electronic control units that began to appear in vehicles. So microcontrollers, microcomputers that basically were controlling the vehicle. And over the next sort of decade, decade and a half, these computers began to be sort of interconnected with each other. Often with either hard wires and then eventually with CAN, which is sort of an automotive standard that's used in most automobiles, a lot of medical devices. Even then, these systems tended to be very isolated and disconnected from everything else. And the ECUs within the vehicle were very purpose-driven and it was just informational sort of pieces of information that were flowing between these ECUs in the early sort of periods. In about the 2000, 2005 period, you started to see connectivity. So this is kind of the first wave of connectivity. In terms of Ford Motor Company, I was on one of the first sync products, which is our infotainment platform. So for the first time, you had a consumer device that sort of connected with a user's phone, with their media device. And what was unique in sort of Ford's case was we democratized the technology by introducing it on our lowest introductory vehicle. In parallel with what Ford did, there were a number of other automakers that introduced some very early embedded modems where you started to see sort of connectivity to the cloud. A lot of it was very voice-oriented, sort of making phone calls and things like that. And this is also the period when Ford formed its first cybersecurity team, recognizing that this was kind of an up-and-coming area that was going to demand attention. I was actually one of the original members back in 2007 when we first started looking at cybersecurity for the automobiles. Where we're at right now is a sort of second generation of connectivity. So there was sort of a lot of the industry said there was Ford in the brought-in sort of mode where you brought your connectivity and your device into the vehicle, and primarily GM that had the embedded modem technology where it was built in. What you're starting to see is both automakers and other automakers in general are kind of coming to a middle ground where that sort of debate is over and GM is building sort of brought-in capabilities into their vehicles. Ford's beginning to introduce modems into our electric vehicles especially. And so that's kind of where we're at now and we're seeing connectivity kind of becoming more pervasive. We're starting to see things where there's much more interaction with mobile phones. Apple and Google have both announced sort of an automotive initiative. We, with our Apple Inc., we've open sourced that and there are a number of other OEMs that are looking at taking that on our smart device link technology. Another key sort of indicated piece that's happening in this period of technology is the diagnostics port. The port that's sort of sitting underneath the steering wheel which was originally federally mandated for diagnostics purposes and mandated to be sort of open access so that under right to repair any technician would have the ability to service a vehicle. You're starting to see that being sort of shift in mentality to being viewed as a consumer port where you've got progressive and insurance companies asking consumers to plug what amounts to internet connections into the vehicle. So there's a lot of interesting security sort of concerns or things that need to be done to sort of look at that. And then sort of what ties it all together is a lot more in terms of privacy concerns as we can gather more data off the vehicle, the vehicle's location, sort of engine and other sort of tuning information. So the auto industry actually within the last six months all the automakers signed a consumer privacy protection principle sort of letter of understanding with our partners in government where actually I believe one of the first industries to do that where we basically said here's some very high level design principles that we'll keep in mind in terms of consumer privacy. And so just to highlight it our CEO when he spoke at CES mentioned this and talked about how privacy is very important and consumers data belongs to the consumer and that was one of the sort of places at which he got a standing ovation. So it's obviously front and center on consumers minds and very sort of a high area of interest. There's also a lot more joint effort between automakers kind of in this phase of greater connectivity. There's an SAE joint task force looking at best practice standards for cybersecurity. The auto industry is working with the auto alliance to look at an ISAC for automotive purposes where sort of cyber information can be shared and analyzed sort of as an industry consortium. That's sort of ongoing in its sort of early phases of definition at this point. So those are that's kind of where we're at right now. So there's a lot more interest in cybersecurity. The industry is coming together sort of looking at what we can do to to address sort of the concerns as well as as well as what we might see in the in the next few years. So some of the key things that we'll see in the next few years V2V technology which is which we're working with NITSA and Department of Transportation to develop is a key to enabling technology with a promise to save save a lot of lives inform and and warn the driver of an impending crash. Security is also a key part of that because the messages that are exchanged between vehicles need to be secure, authentic and anonymous so that consumers are feel feel that they're not being tracked and there's no and they're and we're not experiencing any of the downsides that potentially sort of come along with the abuse of that technology. And then and then the obvious next thing that's sort of coming along is the autonomous vehicle. It's certainly there. There have been a lot of demonstrations. A lot of things that capture the imagination from from Audi to Google to rumors of Apple looking at doing an autonomous vehicle. But behind the hype where the technology is today, there's a lot of limitations. All of the vehicles are generally have to be on a closed course. They need a live data connection to the Internet and they don't operate properly in non ideal circumstances like with there's weather conditions or traffic or any other complexity. There I mean there's there's horror stories. I'm sure that every company that's made an autonomous vehicle has where it hasn't quite worked out. I mean but the promise is definitely there sort of moving forward. But to highlight kind of where we where we have had some success. I'll give a couple of examples. So Ford obviously has prototypes for autonomous vehicles. What we're using autonomous vehicles today retrofitted into existing vehicles on our test tracks where we basically do durability and other analysis where we drive the vehicle over harsh conditions. And we can basically remove the consumer or the driver from the situation where we had a lot of instances where they were getting back injuries because they're driving over sort of extreme bumps and things like that. So that's an example where we've used autonomous vehicles today. It's not a closed course of course though. And another example is with some of our mobility experiments. In one example we're working with Georgia Tech on a sort of a self driving or not self driving but an autonomous sort of golf cart where they're basically use these to basically shuttle staff around the campus. But it's not autonomous. It's basically remotely driven by somebody on the staff but they can basically position the vehicles ahead of time where they would want to be. So you can basically dial up and have the vehicle delivered to sort of the location so that you can don't have to have an over abundance of vehicles and an over abundance of parking. So that's one example of some of the things that will be possible when sort of autonomous vehicles sort of are fully realized. There's a number of sort of interesting areas where we're going to have to as both an industry and a society answer some questions about autonomous vehicles where we are today it's really enabling the driver to drive more safely. As we move into sort of fully autonomous vehicles we have to ask questions about what will happen to sort of employment rates especially in trucking and some of these other industries where potentially we don't need the drivers. What happens to those folks that may or may not be needed to sort of drive trucks going forward. Law enforcement whenever we talk with them they've got a lot of very interesting use cases where if there doesn't have to be a driver in it what could somebody do operating a vehicle remotely for nefarious or terrorist purposes. And then the final example what happens if a consumer isn't in a condition to be able to take control of the vehicle back. So there's a lot of these sort of corner cases and misuse cases that really have to be understood even assuming that technology is sort of fully there. And that's something as a society as well as I mean the automakers will certainly play an intricate part of that but as a society that we all have to kind of come to terms with. Thank you Mike. Yeah that was actually what when I was talking to the reporter from the major newspaper. It was one of the stumbling blocks was when does the driver take control in a situation where you don't want to rely on an autonomous vehicle. And so this idea we have that we're all going to be sitting there reading our newspapers or looking at our iPhone. It's that second when you have to drop and retake control that's been a real obstacle. And it's this it's a mental shift between going from being an active driver to almost viewing your own personal vehicle as a form of public transportation. And that's that's going to take a sort of a large mental shift shift for I think as a society. Thanks John sort of feel like I was transported back in time with an email messaging association talks and we would have all the great things email was going to do for us an electronic bill. And you think about now no reputable company. Every reputable company says we'll never ask you for sensitive stuff over email because of the lack of security that was built in over the years as email exploded. So I'm going to start at the sort of broader Internet of Things level and sort of zero down on the automotive side. You know when you think about it we spent a lot of years trying to secure general purpose computers. Windows computers Unix Linux. And I look at is there's been sort of three waves. The first wave was computers were bought as computers by I.T. people. They worked them into businesses. They bought them. They've managed them. They tried to control them. They tried to make them all the same. We're going to be a window shop. We're going to be a Linux shop. We're going to use this version because that was the way we learned to control technology was to make it the same and reduce the cost of trying to deal with it. The second wave came about when users started buying computers iPads and iPhones. We tended to call it BYOD five or six years ago and the users would start to buy technology by computers as computers until I.T. I want to use this. And all of a sudden things began to change rapidly. When we look at this Internet of Things thing it's consumers buying computers embedded in other stuff. Nobody's buying the Ford Ranger or whatever Ford Expedition because of the computers built in it. But now the numbers have. Pick your numbers dozens of computers built into the car. Millions of lines of code five six seven eight different networks built in just the way people are doctors are ordering medical machinery. That has computers built in but it's not being built as or bought as a computer. So when we think about securing it we're in a consumer driven world. We have a pretty mature system one of your sister agencies for secure making sure the software and aircraft is developed securely. And aircraft mainframe stay around for what 40 years the 737 20 year life cycles we can do that. No consumers are buying airplanes. Consumers buy things on much more accelerated cycles than businesses do and certainly than aircraft manufacturers do. So we have this this issue of the fundamental way Internet of Things things are bought is changing its consumer driven. It's going to be heterogeneous. Consumers are not saying I want to use this car because it uses this operating system and all that it'll be different in every car. Ford has gone through several different ver as most manufacturers have different the different parts of the car have different operating systems. Whether it's what's in the engine or the safety side or what's in the infotainment side or what's running the tire pressure measurement or the maintenance port or whatever. So that the divide the things we're buying are actually have their own networks and their own number of systems. They're pretty complex beasts already when you start looking at just the automotive side. Look at the home. There's a nest thermostat over here. There's a BG and E meter over here. All these things are talking out. So when we think about the security challenges we've had in just dealing with Windows Linux Unix and a few other variants it's been pretty tough. When we got to that BYOD generation. What did consumers choose. We actually found the Apple iPhone is sort of how many people are using an iPhone. How many are using a Windows. Wow. That's the biggest number yet. How many are using an Android or Google type phone. Think about how how much more Google and the Android phones today look like iPhones. Remember when the Android phones first came out you could load any software Google had a campaign. Droid does it can do it. We don't lock you down like that Apple does where it forces you to use App Store in this App Store. You can do everything. Look today. Google Play is on by default. The Google phone operating systems look much more like why consumers wanted it that way. Consumers got tired of man every time I load an application it blows up in my face and somebody has to renaissance it. Best Buy has to fix my computer. It doesn't happen when I go through an App Store on iOS. It doesn't happen if I stick with Google Play. So consumers have actually been choosing safety in the BYOD generation of the devices they've been buying. They're not buying Windows phones. They've associated Windows phones with Windows and things exploding and that that's hurt Windows in the market. Again Google. You can see the shift in Google. So the consumers are saying we want our devices to be safer and based on all the identity theft that's been going on. We want our services to be better at protecting our information when they were years ago. So Jim mentioned years ago I worked for the Secret Service. One thing we used to do was counterfeiting surveillance. That's what the Secret Service does most of the time when it's not protecting people. And I ran the vehicle surveillance technology programs back in this was in the early 80s which basically meant sneaking under people's car to wire wrap on a beeper. And we'd follow them with a little thing that said they were left to right. We were looking at technology like GPS and actually used a little ran back in those days. But GPS what would it mean. And you know it turned out there were laws already when we attached a beeper to somebody's car. We didn't need to get a warrant to do that. But if we tied it into the electrical the battery of that person's car we needed to get a warrant. The courts had ruled that if you were following somebody and using something of theirs that they owned they had to inform them or get a court warrant. So as we start looking at the information coming out of cars and this applies to other Internet of Things that it's that issue of who does own that data. How does law enforcement what right did they have to that type of information. And final thing I'll throw out is a pretty popular thing in the press. The automotive industry is pretty global. I don't know what the market shares are but obviously the Toyotas and Hondas and Subaru's in this country and the keys and the Fords and GM's trying to sell elsewhere. Right now we're in the midst of a little issue between governments about software. Should the US trust Huawei because its software is has roots in the Chinese government. China is putting on blacklist US made software because how does it know NSA has an influence the Chinese software that's being put on the market. We're going to see that in cars. A great if I had technology when we were chasing counterfeiters back then where I could have remotely turned on a microphone in that car without the bad guy knowing without me having to get access to his car to install a microphone. So you know the cars that the businessmen drive are going to be targets and are also going to be suspected targets of national intelligence agencies. If a US company would cooperate with NSA or Kia would cooperate with South Korean government or someday for buying Chinese cars with the Chinese government. So the same issue what I'm getting at is the same issues same security issues around software and the same privacy issues around data that we're dealing with everywhere else. We will have to deal with cars and it's a consumer driven thing. It has to go a lot faster from both the technology and making sure we get security built in and from the policy side. Because again it's not going to work at the speeds of 747 is getting replaced every 20 years. It's it's two years from now the entertainment system and everybody's car is going to look a lot different than it does today. Just because that's the way the consumer fans go just like we're all eating pounds of kale today. Next year we'll be eating something else besides kale. It's just a you know a consumer driven way and security's got to keep up with that. And that means things have to get a lot faster than they have in the past. I had kale for dinner last night so you're making me feel bad. Next week you wouldn't have any more kale. Okay. Well a couple points we're going to I'm going to ask a few questions and we'll open it up. Some of the earlier work we did. We found that the average age of a car in the U.S. is 12 years. So people do hang on to their cars and I think that'll be a problem. You know what's the refresh cycle for a car. Most cars I think the average we saw was they already have 16 computers on or computing devices. So your car is basically already a computer and I get the idea of augmented driver performance. You know we all most of us probably have that own a car probably have a vehicle that has ABS or something like that or that controls you aren't actually controlling the engine. The engine is adopting itself to be more efficient less polluting. So we're used to having vehicles that are run by computers to improve safety improve performance. What I don't fully understand and maybe we can talk about is V2V right. So what are the what are the things we want. And this is for all three of you. What is it we want out of the vehicle to vehicle communication. The car doing it by itself. It's it's like you know as John said the ancient days of computing. When every computer was a standalone they weren't networked. Now we're going to be moving to networked cars. What's the advantage. What's the data they collect. What are the privacy implications. What data do you need to have V2V work. So I don't know do you know Mike do you want to start with that. Sure. So in terms of the standard right now for V2V and please correct me. I should jump in here. To actually explain what the motivation is. What's the motivation. What's the motivation. I'll let you know. This is actually an initiative. So vehicle vehicle communications is something the Department of Transportation has had on its agenda for something like 12 years. Long time there's a part of the spectrum is actually allocated to safety vehicles 5.9 gigahertz at the moment allocated to safety. We aren't going to touch that one. It's a big question for us how long it's going to last and help it last because we are in the process right now of implementing vehicle to vehicle communications. We have issued advance notice of proposed rulemaking. So essentially what what the advance notice does is it says we are going to propose mandating that there be vehicle to vehicle transmitters basically in every every vehicle. At some point in the future there's always an implementation period a rollout period for regulations. And what what those V2V systems will do is they will transmit a signal from each car to every other car that has a V2V transmitter or receptor in the car. And that provides great safety benefits for a number of different applications that haven't been developed yet and that have been developed at least as prototypes already. But mostly it's it's a way of mandating communications between vehicles to enable industry to develop all sorts of safety applications that could make use of those signals or to augment existing systems that are relying upon line of sight sensors radar or just cameras to right now we think there's great possibilities of taking the nonline of sight communication that will come through V2V signal and augmenting all sorts of existing safety features that are going on for lane control warning and for advanced cruise control. All sorts of different technologies which are already in existence today that are relying upon line of sight sensors can be augmented by the V2V signal which doesn't worry about how big the truck is in front of you. It can see ahead so when the guy ahead of the truck slams on his brakes your car would know it before the truck driver knows it in front of you. And when you're coming up to a blind intersection when someone's pulling out a blind intersection your car can get the signal from the other car that they're approaching the blind intersection they have not come into a stop. So you can get the warning or better yet your car can get the signal so it can automatically apply its emergency braking and stop your car before you run into somebody who's coming through a blind intersection. There's a left turn assist is really one of the great advantages that can really be augmented and can be provided by V2V because right now today the line of sight sensors really don't control that scenario very well. People misjudge all the time. They just miss the oncoming traffic and the V2V can do all the calculation that you can't actually turn in front of that car now. So there are a number of applications that we know right now from our testing that we're doing and from working with industry hold huge promise if you have the V2V communications going from each car. Now there's a lot of wrinkles here. One is that cars are on the road for 12 or 13 years that means even if you mandate tomorrow that every new car have a V2V signal there's going to be plenty of cars that are on the road that won't have the V2V radios. So this is going to be something that incrementally is going to roll out as we go into the future but it is a reality right now today that we can do it. Now there are some wrinkles. Security is a big issue here. So security credentials management system and how we're going to not technically how to make it work but how do you pay for and how do you manage the security credential management system is really a big issue for us right now. We actually issued a request for comments or request for information from the industry seeking suggestions really from industry about how can you manage and how can you and how can with our help can we all implement at this security credentials management system. And we're analyzing right now the responses we got to that request for information. We're going to be moving forward to the next step for V2V will be to issue the notice of proposed rulemaking and then of course the final step on that will be a final rulemaking where we will mandate vehicle communications. All sorts of things could go wrong spectrum could go away is the first order thing we're worried about going wrong. The security credentials management system may no one may ever step up to where that can actually be implemented. And until that occurs we won't be able to make this work or you could have all sorts of other issues could arise as part of the rulemaking and perhaps we'll never get there but we think it holds huge promise and we think it's going to happen when I say we it's not just. You can chime in on behalf of Ford the rest industry auto industry almost universally I wouldn't say every automaker there's a couple that are kind of naysayers in this but almost all the automakers are quite enthusiastic about potentials for V2V to enhance the security of automobiles and it also also offers great promise for things that go beyond security. Originally started as a way of enhancing mobility but how do you control for traffic if you can have a lot of communication ahead of time about where is where are the traffic jams as you're driving on the highway it doesn't allow you to control for those traffic jams. So it has great potential to actually increase mobility has great environmental benefits potential it has great ways of dealing with weather ahead so you can get reports back about how many cars ahead of you actually have the windshield wipers going. Can make a pretty good prediction about what you're running in the rain or not. So there's all sorts of different information that can be transmitted through V2V which has great safety implications but also has great benefit to enhance mobility and environmental benefits for the country. And I could go on about V2V and there's a lot of details here but. I think you did a great job of summarizing sort of the use cases and kind of where the status is from an OEM perspective I know that the supply base is sort of tooling up to under the assumption that it's moving forward. I know that the organization camp is continuing their proof of concept. They've successfully done a multi-year study in in arbor where they've they've outfitted several thousand vehicles with the technology. This year is a big year because they're building out the SCMS or the security management system. So that's kind of where where things stand now and I think I think you did a great job. Yeah from a security perspective you know we have we've had this for years in the military called identify friend or foe devices on each plane. And loads of security issues to make sure the bad guys couldn't pretend to be a friend and so on so that credentials management side is a huge issue. It's a huge issue where people drive their cars from different states and the other states and traditionally the license plates and driver's license or a state's rights thing. And it's one of the reasons I mentioned email we don't have strong credentials for email. We don't have the federal government giving us credentials to do electronic anything. So when we start talking about sort of federal mandates on credentials we quickly run into that good old electric third rail problem on who's who on the Internet. Yeah one of the things that somebody mentioned at one point was you wanted the car to be able to be authenticated. So you know it really was the car but you also wanted it to be anonymous. Yeah. And generally with having done this authentication stuff for a while generally the two are antithetical. So how do you how do you get that outcome. So in the technology the way that the technology has been designed the identity is actually maintained in two or more independent sort of sources and only when those are brought together is the original identity. Are both on board. No it's basically this is the there's an SCMS offline management system that will issue the credentials on a three year basis is kind of the current thinking and the identity is based on two identity providers and then and then those identities come together in the vehicle and then other units can verify the authenticity of it based on the messages that go out and then there's a new certificate that rolls over every one to five minutes. I know they've spent some discussion about how quickly but they basically roll through those and then every three years there's a renewal process. I'm envisioning a little yellow sticker that says identity on board the baby on board. I'm not sure how the marketing is going to work for that. But yeah that'll be interesting. But what they're authenticating is the vehicle not the driver. Exactly. Yep. So that takes care of some of the privacy problems. There's a lot of inherent anonymity built into the system. I mean there are the complexities about how you would actually have to use the credentials to track somebody and in the V2V signals first of all the short range communication. So this is something you've got to have snippers spread out all around the country to be able to track somebody with this. There's a much easier ways to track somebody including going to the bumper and sticking the device on the bumper. So we don't think it's a practical matter. This is going to be a huge opportunity for for surveillance. But because it is it will be a mandated signal that that every car would be transmitting. We would expect a lot of public concern that we're going to try to allay by describing the way the system works to explain it really not going to be a very effective way for anybody to try to track you. You know following the GPS and the iPhone you have in your pocket is much better way to track people. And I don't I think we can deal with that. I hope we can deal with that. But that's part of our mission is going to be this is essential for security and it's not going to be really a very effective way. Go ahead. We have a question in the front. Michael straight with MIT. The quick comment and a question. The V2V stuff. If I want to be clever I'm going to do a V2V emulator in a phone or device. You know and it'll give me 80%. And I can spoof it and it creates interesting anonymity. Other kinds of questions. So the whole notion of V2V I think is going to be disintermediated by very clever devices. There's a lot of debate going on right now how the certification regime is going to go forward. Certainly for automakers it's it's pretty it's it's it's more clear because it's a sort of directly sort of has oversight over the automakers. If there are aftermarket devices there would have to be a certification as well as they would have to get certificates just like any other. I don't doubt that at all. But as the majority of the people even the ones who held up their hands on the Windows phone you know unlocking a phone you know that used to be bad now it's fairly conventional. But your points very well taken on that. The thing that I the question is if you look at the history of CRM and cockpits you see that pilots are trained to inject themselves in the systems that they've they've overseen. And I'm just curious about how you see education and training being evolved and what what efforts you all are doing in prototyping that. And that ties into the other question which is one of the things that really transformed airline safety was identifying near misses as a criteria because near misses are by definition a bad thing. And I just see all manner of near misses in new metrics emerging that could lead to congestion design highway redesign forcing people to slow down or speed up in certain areas. So more systemically what kind of interesting research agendas have spun off from the kind of V2V and investments you all have been making. Well let me talk a little bit about one of our major research areas and that's dealing with the human machine interface. For both the question of the handoff when the car is operating autonomously and when the driver has to come back in the loop. And also as the automated vehicle technologies are developing before they get to full autonomy as the driver relates to the information that comes in. A lot of the stuff which is going to come from V2V will start out as just warnings for instance it's going to absolutely require the driver to react. And the human machine interface about the best way to design the information coming in from V2V or from the sensors for the other automated vehicle technologies is really critical. One to one make sure you're not adding to the distraction load. It's already an issue for the agencies trying to make sure that you don't have so much going on with the electronics in the car that the drivers concentrating all the time. Yeah. So what we used to call busy cockpit. Yeah. And I haven't right now I have a electric vehicle so there's a lot going on though. I watch you know I like to watch you know whether I'm in EV mode or whether I'm using the gasoline. So that's fascinating. I spend too much time looking at the screen trying to find which drive I'm on. And you know it's not safe. And so we need to think about what is the information that's being presented to the driver and how much of it is going to actually promote safety and how much is going to detract from safety. And you know we all have abilities to tune our radio while we're driving. So we're never going to get to the to the point of where people have a single task of only driving. I mean that would be ideal but it's not realistic. So the question is what is the accessible distraction load that can occur. So we're trying to control that but but it's really very complex. The whole question of the handoff. Sure. Do you have a metric underway for determining cognitive load that basically the car senses. No you can't turn on the radio because our predictive algorithms say you won't be able to respond to anything bad that happens if you have the radio on. I think some of the automakers have that we have. We always have ideas about what are the good metrics but they're just research projects. So there's nothing imminent on this because we don't know the answers yet. We have a lot of people looking at the questions. Okay. Go ahead. Steve Winters local researcher. You know ages ago there were all those studies where they compared the flow on on highways to fluid flow and figured out you know what the ideal speed would be for the cars to get through and then study the bunch ups and and in Japan I mean for years they've had systems where during the very high usage of the highways they broadcast you know what the situation is they've got monitoring things for hundreds of miles. They control the on ramps so they wouldn't actually even let people go on the highway just to keep those bunch ups from getting bunched up. I'm just wondering given that Japan has been thinking about this for a long time what's what sort of suggestions or influences are coming from that part of the world to this thinking. So some of the highway step is actually a little bit outside of NHTSA's realm because you know a lot of the infrastructure stuff ends up being federal highways administration rather than the NHTSA. And Americans have a little bit more resistance to control than other cultures so things that might be acceptable culturally in Japan would be a lot harder to roll out in the U.S. honestly. So I mean I think that we are definitely in communications with other countries about what they do to enhance safety. You know we all know if you made everybody drive 55 and not speed you know you would enhance safety but you also create all sorts of issues with American public and doing that too. So there's just some things that culturally are just very hard to do in this country. The issue of B2I though some elements of what's going on in Japan and are going on in Europe are actually part of B2I and there is actually a prototype in Michigan. I think they have 100 miles of roadway which the Michigan state authorities and DMV or somebody in Michigan. They're working to build it out now. It's about 100 miles. Governor Snyder I forget when they said it would be done but it's ongoing. And they'll have some elements of that tying into the V2V pilot program which is really an extension of what's going on in Ann Arbor which was a joint thing with camp and DOT was heavily involved in that test. It's a great way of proving out the effectiveness of V2V communications. We have two questions in the audience. I have a question and then I want to ask one. I have a question about data that I want to ask one about security but let's start with David over there. If you could wait for the mic. Thank you. Thank you. Good panel discussion. I'm interested on a security side. What kind of research you're doing to deal with malicious actors? So there's a lot of great technology out there for jamming. We've perfected that in many regards. Spoofing, hacking. We've talked about that. What's the research agenda? Particularly if your goal is safety and V2V is a way of getting there, you're also going to have the counter mission of protecting against malicious actors. So specifically on V2V or did you mean sort of in general? Specifically on V2V. So specifically on V2V and you can jump in if you'd like. NHTSA has engaged with DARPA and NIST to look specifically at the system with an eye toward sort of a malicious intent. And so that's an active sort of project or work that's going on where they're sort of coming in and looking at that aspect of it. In terms of research, I know Ford and others are sort of looking at various research areas. Everything from vehicle firewalls, intrusion detection systems, a whole host of sort of different technologies to basically make it more difficult. As we move into sort of a much more fully connected vehicle for bad actors to do things that they shouldn't be doing. I would say today, most of the sort of real world things that we see are mostly around, I mean it always comes back to where's the money. And a lot of it's focused on sort of theft, counterfeiting, things like that. With the understanding that as we move forward into a more connected world, those use cases and additional ones will sort of evolve as we go forward. I think the sort of common denominator areas when you look at previous generations of security, a lot of assumptions will only be talking to trusted people. We'll have credentials and other which we know isn't going to be true in the long run, right? It's not the internet if we only talk to trusted people. So consumers will be able to connect their cars to services of their liking. And as you mentioned, it'll take years to phase in vehicles that have the V2V approved technology built in. So I think the part, I think there's research to be really badly needed is around the security side of the software being written to date. So much of that research is focused on the traditional development cycles for those computers being built by IT people, servers and PCs. We now have mixtures of real time operating systems, semi-consumerized embedded windows or embedded iOS or embedded Android type operating systems. In real time in this, there's been very little research on what sort of vulnerabilities occur when that's all plugged together and how to securely develop in those environments. And the flip side of that is best practice standards so that the entire ecosystem of suppliers, OEMs, dealers, et cetera, basically can get on the same page. That's why the ISAC is so important that has been entered into or it's in the process being entered into, I guess, among the industry and deal with a lot of security issues. It's really important that we not have security be something that each automaker tries to keep proprietary because we have to make sure that best practices are shared around and that the researchers are going on within the companies. One thing about NHTSA, I say we have a lot going on. We have a lot going on for NHTSA. NHTSA is a tiny agency. Our research, you know, we have just a handful of researchers. So it is probably our biggest issue B2B is and the security aspects of electronics in general and the internet of things in cars is way up on our agenda of things we need to research. But we have a tiny amount of resources that is an agency we can devote to that. So what we mostly try to do is leverage the work that are going on with the automakers which we know is much more than we are devoting to it and making sure trying to suggest areas where we think could be useful for the automakers to be looking into and then sharing practices and sharing research results among the automakers as much as possible and running the safety realm as opposed to proprietary issues which have to be kept separate. And one of the things we find is that security isn't really a competitive advantage in the traditional sense. So that was made clear to me when I was asked by a reporter when one of our competitors vehicles had a demonstration of something that could be done and we were all the OEMs were kind of painted with the same stroke that basically well if it's possible on this particular vehicle how do we know that it's not possible on your vehicles and other vehicles. So it really kind of demonstrates that we're all in this together and we all have to as an industry kind of work together to meet any future challenges that come and face us. Okay. We had one over here and no one over there. But go this one first please. On the one in the back. Got you. Thank you Nick Farmer. I have a question about a very specific use case and that is fully autonomous. That means no driver vehicle in an urban environment where the vehicle is not owned by the consumer but by a fleet operator like Avis or Hertz or Uber. Do you think that this sort of environment is a reasonable interim step to a fully automated autonomous vehicle and the issues of security, regulation, technology, culture since it's limited to a particular jurisdiction. No consumer controlled by a company rather than many, many different individuals. Does it really change anything from your point of view? So there's a lot of questions buried in there but let me talk a little bit about the urban environment. We just released our numbers on the pedestrian fatalities. Every year we release our annual fatality numbers and I think the numbers went up slightly for pedestrian fatalities. I think they went up slightly but regardless they're way too high and the urban environment is actually that's where you have the pedestrian fatalities. It's not people walking on the side of the road. It's in the cities in the suburbs where people are getting killed. And again it's mostly human error. Somebody's not paying attention. So we actually think making the car smarter, providing automated vehicle technologies, the pedestrian crash avoidance mitigation in PCAM, is one of the early use cases we think provides one of the greatest utility that will be enabled by V2V and that is being developed right now with sensor technologies right now today. And we want to encourage that very much because we think we can save a lot of lives in the urban environment by getting automated vehicle technologies. And if you do solve the problem of having the fully autonomous car being able to operate in that very complex urban environment it's very complex. It's going to take more work to be able to operate safely for that fully autonomous car but it'll get there. And when it does it's going to be safer than the cars we have on the road right now today. So we actually view this as being a great opportunity, the urban environment for autonomy and for automated vehicle technologies. Okay, go ahead. Yeah, Barry Braindale. And listening to this, I was thinking about how you prioritize to do the work that goes along with this. For example, not fully autonomous but just going back to where you are now. If I think of like cities as large nodes, complex nodes, and then highways connecting them, then it seems like it would be a lot simpler to start working on the open highways to start implementing some of these things rather than diving into the middle of a city and all its complexities of driving through New York, for example, Manhattan, for example. Then I think about open highways like the Jersey Turnpike is notorious for having 100 car collisions in the fog. So I can see great benefit in saying that, hey, there's an accident up ahead and maybe you saved 99 or 98 of the 100 cars from hitting each other. And then the other part that goes with this is in defense work, it's usually a likelihood versus consequence of accidents. So in order to prioritize that you're looking at that kind of a model to say, well, this is not likely but it's a very bad consequence or whatever. So I guess the question is what's the architecture and how you're approaching all these different forces that are working with it together to come up with some answers in the short term. I'm not sure you have limited resources to do it, so that's another issue that goes with this. So this is about six or seven things. So pick whatever you want to talk about. I think the short term is it's really about semi-autonomous driving, things like safer cruise control with sort of forward looking, safe following, the ability to slow down and stop, warn, like you would indicate in fog conditions. V2V will address sort of a lot of those pieces of it and it might even help with congestion as the vehicles can more effectively communicate with each other. Going into sort of fully autonomous, it may well be that you see fleets and especially sort of trucking lines would make the initial sort of large investments because the technology will be likely quite expensive and they can justify sort of a larger investment before sort of automakers put, sort of try to democratize the technology where it's available to sort of everybody. So I think that's, you'll see an evolution of it. You'll already see a lot of the semi-autonomous today in high and mid-range vehicles. You'll see more of that and then as it gets sort of closer to being more fully autonomous, it'll be probably in more of the fleet space. Certainly the Europeans are looking, their view of autonomy was focused very much on fleet applications and you can see being able to solve the cost problem with fleets pretty easy and you also can control the environment a lot better with fleets. They have designated routes that makes it a lot easier than typical passenger car which is allowed to go anywhere, including I could say driving on dirt roads back in Alabama is going to be a very complicated issue for, I'm from Alabama is why I was mentioning that, for a lot of the applications, I mean a lot of the ideas of how to achieve autonomy. Do you ever get there? I don't know but if you have a designated route ahead of time, you can actually do autonomous vehicle today. From a just a quick security perspective, think about all the years the FAA has been working on free flight with the planes. Meanwhile, there's been 12 generations of infotainment systems in the plane that get more sophisticated each year. So earlier security issues we'll see from both the privacy and really going to be around that infotainment side of the vehicles, not on autonomous or V2V or any of this stuff we're talking about. I think spoofing would be attractive. We're getting a lot of questions, but I'll just throw that out. If it's a signal, I would think I could spoof it in some way to get either some malicious advantage, just to have all the lights turn green when I was driving home or something. In any case, we had a question in the back. We have multiple questions. Hello, I'm Barbara Simmons. I'm with Tubman University in Liberia where in Monrovia we're happy to see a stoplight. The area I live in, which is rural, there are no stoplights. But since I've been here, I've rented some cars that were driving me crazy because they were so technologically advanced. So back to the question of how do you prepare the consumer to be ready to effectively utilize the cars? I'll throw out an opposite. It's not prepare the consumer, but when airbags went into cars into the steering wheels, there was a huge market. People would break into your car and steal your airbag because then you'd have to have it replaced and they would sell these airbags to the repair places that were going to put them into your car. So you start looking at the value of the electronics that are in cars, whether it's the radios. I don't think it was Liberia, but one of the African countries put in traffic lights and street lights that were securely controlled and had SIM cards in them. People climbed the poles to seal the SIM cards because there was a market for that. So we're starting to actually look at, I'm not going to break into your car to steal your iPhone anymore. I'm going to steal the things that are built into the car. I was watching news last night and they had a thing in Ohio where people steal the copper wire and telephone lines. Just knock the internet out of Arizona. There's lots of ways to disrupt systems and it's probably always going to be there, but I do think with B2B we have an opportunity for a very robust system that's not going to be very dependent upon infrastructure. Mostly the transmitter is just something to put in a car. You're going to have to have some infrastructure for the SCMS and for the credentials as part of that. But I think it does have great promise to not be as susceptible to some of these issues as other things. If you break into a car you can do a lot of bad things to a car. Right now a lot of the hacking that's been shown by the different things that reach the media still involve physical access to the car in first place in order to hack those. I know eventually it's going to be able to be done completely remotely without even getting physical access and that is the risk and we're all going to be focused on. But right now there's a huge amount of concern about an issue, but little real world evidence that it's happening yet, but it's going to be happening so we all want to control for it. We don't want to say it's not there, but we also don't want to be paralyzed by the fear of the security risk here and to not move forward on the great safety potential that this is offered. And one other thing about the complexity of the electronics. We do want to encourage and as part of our distraction everybody to think about how to make the car smarter and less distracting. And right now a lot of things we're talking about with automated vehicle technologies will enable that car to do something without requiring the driver to even understand what's going on. Automatic emergency braking has great potential to either apply the brakes or when you even better or even more likely when you hit the brakes to make sure you apply enough brake force to actually stop your car because that turns out we've done a lot of research. A lot of people don't hit their brakes hard enough when they need to stop their car. And you have great opportunity to have the car make all the calculations that the human can't or has been proven to generally not do correctly. So it makes it less important for the driver to really understand maybe some of the things they're going to be doing as we implement automated vehicle technologies. I know there's a lot of questions out there, but I want to throw one in here because it was what I thought of at the end of the presentation. We talked a little bit about a research agenda and how you could use this data to improve vehicle performance, driver safety. But to do that you have to aggregate the data. So one of the issues would be when you think of the data that's being generated by a car that will be generated by cars, how do you aggregate it? Who holds it? Is it the manufacturer? Is it the insurance company? Does there have to be a consumer agreement? And then to get the benefits, you may have to have data aggregation. Does that mean maybe people might have to give up a little bit of privacy to get a safer driving environment? So out of the principles that the automakers sort of have agreed to, these include the ability to collect information based on the use cases that the consumer has explicitly opted into. So I'll use the example of our off-board sort of navigation system. So when the user uses that feature, obviously the backend systems need the GPS location. And the first time that that's used, the user is informed that, hey, we need your GPS location to do this, to sort of perform this operation. In terms of aggregating the data, the principles also sort of talk a little bit about that in terms of the need to aggregate the data and anonymize the data for automakers to improve the product. But in terms of selling the data with sort of specific customer markers, that would be something that either would be forbidden or it would be something that the consumer would have to explicitly opt into. In terms of who owns the data, the consumer sort of clearly would own the data. And there's a lot of debate right now in terms of how and who that data would be shared with. I know the insurance companies have had sort of a strong opinion that they should sort of own and have access to that data. From an automaker's point of view, that I think would be up to the consumer to decide if that's something that they would want to do or not. So when you talk about the aggregate data, the question in my mind is, is it anonymized? Or not, because I don't really think there's going to be a huge amount of privacy concerns by definition. If it's anonymized, there's going to be great commercial value to different people for that aggregate data. There's certainly great safety value from Knitz's perspective of getting all the aggregate data. So the question in my mind is, how do you make sure it is anonymized so you don't get and you can assure the public it is in fact anonymized. So you then don't have resistance to, from our standpoint, the aggregation of data for safety purposes or however industry wants to use the data. If in fact it's been not tied back to individual consumers, most of the issues go away, I think. So the question is, how do you provide those assurances? Either that they've opted in, they know they've opted in not because it's something buried in the fine print, but it's something very clear opt in. So one thing we talked about with the industry when we met with them on their privacy statement with their privacy, what's the title for the document? Privacy Raymond or consumer privacy protection principles? Yes. So we've talked to the industry about the privacy principles and we think they're really critical as the industry continues to adopt the new technologies. But we want to make sure it's quite clear to the consumers when they are opting in and that they have the option of opting out. And as long as everything that's being collected is anonymized or it's being clearly collected with the consumer's permission, I think that will make a lot of these issues go away. There's also a global aspect to that. Our definition of consumer privacy is very different than the European's definition. And what's considered private data shifts as you go to different regions. And the definition of opt in here tends to be if we can trick them into opting in, they opt it in versus very different Europeans. So I think there's definitely going to be issues around in the global market is what certain manufacturers agree is privacy. Does that meet the global definition? But on that, we made it quite clear and I think the principles are pretty clear on this actually that the idea is not just something buried in the fine print, what you're talking about with tricking people into opting in will not be acceptable. That gentleman mentioned the rental car agency is being the first to try this out. Tell me it's not going to be buried in the fine print of the rental car agreement? None of us can agree. I think we have four questions. Just having aggregate databases somewhere change the security profile in some way that we need to think about, John. What would you? So we're going to have piles of data. It'll be anonymized to some extent. Will it be anonymized when it leaves the car? Yeah. Okay. Because it's actually only collecting the security credential. Then you collect your VIN. So that V2V didn't know the VIN. Then certainly didn't know the driver's name. Then the VIN knows it's got a valid security credential that was issued by the security credential. On that side of things, I think a lot of the privacy fears more are convincing people that privacy is first. I really do think it's that info entertainment side where there's much more lucrative information for criminal aspects and other things going after the data, the combined preferences. We're all getting used to accepting ads to get things for free. And part of that bargain is letting them track us. So as that starts to play out info entertainment systems in your car where you see an ad for Ruby Tuesdays because you happen to be driving your Ruby Tuesdays. Now all of a sudden there's a lot more information being aggregated that could be used for mass scale of identity theft in school. Kind of a frightening thought. I'll just go around the room real quick and that'll be easier. So we'll start here and then we'll go. Good afternoon. Dave Weitzel from MITRE and supporting the NIST NCCOEFFRDC. Also, Vice Chair of the Privacy and Computer Crime Committee of the ABA. It seems you haven't, you talked a bit about aggregation, not so much about big data. You haven't talked about advanced persistent threat, which I think is coming right at you. I'd like to also mention that Metcalfe's law advantages the attacker as well as the person trying to defend. But I want to turn to the privacy side. You talk about privacy principles and I commend the industry for making that step. But privacy principles don't mean much if they don't get to privacy engineering. How are we going to make sure that the engineers that take this next step make sure they're paying attention to security engineering and privacy engineering at the same time? Well, it takes, first to have it a couple of those. I mean, SANS is a big training company and that's certainly been part of the biggest demand fastest growth is how to train developers. We have a securing the developer program. That's one of the fastest ones to say. How can they be thinking about security concepts when they're writing code the way they're used to writing code? Not that it's some separate thing. I think that this area, the whole Internet of Things, complicates that. Again, as I mentioned, it's not everybody using the rational development environment, writing, you know, million dollar, million line of code systems. Real-time operators. These tools, those who's different sets of libraries. So I think there's a, you mentioned the ISAC. There needs to be industry-specific efforts to say as a common way of both the independent software vendors that write things for our platforms and our developers that we do have that security-specific training. Just on a couple of other things you mentioned, you know, APT for the three people in the world who might not know what that means, Advanced Persistent Threat has tended to mean China attacking the U.S. In China, it means the U.S. attacking China. So in Russia, it means everybody attacking Russia and so on. With good reason. So there definitely is that issue that says in these platforms, whether it's a car or a thermostat or an MRI machine that's being built in one country and sold to the other, how do we demonstrate that it doesn't have bad stuff built in or that it doesn't have openings for advanced type targeted threats to be installed? I think we have an actual much less worry in this world of malware being a major issue just because of the variety of platforms. But this issue of how do we convince the rest of the world that our products were not influenced by our government who's funding lots of this V2V stuff and aren't they sneaking things in just the way we're suspicious of other countries? And with V2V, what you're finding is while there's a lot of commonality on the sort of base sort of pieces of the protocol, you've got the U.S., Europe, Japan, potentially other countries working on their own sort of flavor of that technology. So what you, hopefully you won't see it sort of diverge, but you're seeing that each region is kind of working on its own very... I guess if the steering wheel's still on two different sides, we're going to have these systems for a long time. And you can tell them to look at their budget and they can see we can't afford to deal with them various. We had one in the front here, and we'll bounce back and forth. Hi, my name is Andy Plansami. I'm a contractor for the U.S. Department of Transportation. I've been working with the ITS Joint Program Office for more than a decade now on a lot of the connected vehicle programs. Some of the questions that came up here, I just want to throw a point that we will have the TRB slash AUVSI sponsored event in Michigan in July that's focused on automated vehicle. It's the Automated Vehicle Symposium 2015. So that may be of use for this community. The number two issues for me, looking at it from somebody who's been engaged in this work for a while, I'm seeing what the UK government is doing in terms of putting their automated vehicles on the ground. And as they're doing the testing, they're also looking at simultaneously how they can change the laws. So from the legal perspective, what are all the steps that the U.S. is planning on taking in terms of meeting the technology when it's ready from the policy side. And the other question to you is also the U.S. Department of Transportation, knowing that this is such a hard topic for the community, everybody's interested in learning what's going on in the automated vehicle world. Why is there no website or web page that is dedicated to automated vehicle issues? As it's coming up, more people can visit that page and be informed about what the agency is doing. But unfortunately, there's no such place right now. So let me talk about the second question, which is sort of my bailiwick, because I'll confess the third question of what should we be doing on the website to address these issues. I just confess I actually almost never check our website. I actually have attorneys who work for me and I get to delegate to do things like go check on the website and see this. So I am probably one of the least informed people around about what the DOT and what the NHTSA website says. So let me just confess that right now. I do deal with the question of legal restrictions. And I don't think there's really much out there at all that's an issue right now. There are tort liability rears its head affecting industry actions across the board and a lot of things. And there are, I'm sure, Ford and every other company that's involved in doing anything. Automation is looking at the tort implications of doing something wrong, making a mistake as they roll out automated vehicle technologies. But there are very few legal restrictions and legal issues that need to be, that are actually roadblocks in terms of regulations or in terms of statutes, either on the federal level or state level to vehicle automation right now. And we've been looking at this pretty carefully and just really not much out there. There's actually quite a bit of a need conversely to use regulations to actually enable aspects of automation, particularly B2B. B2B won't actually happen unless we get B2B in all the vehicles and about the only effective way we know how to do that would be to do a regulation. I guess you could end up, the insurance industry decides this is really a great idea. They could make insurance policies cost ten times as much if you don't agree to put B2B in your car. So that may be one way of actually making B2B a reality without going through a regulatory model that requires it to go in each car. But right now we think effectively if we want to have B2B, you need the government to issue a regulation to require it. But that's different than saying there's a regulatory roadblock right now in the existing regulations. And people see it out there if anybody involved in vehicle automation knows of any federal regulatory framework which is staining in your way right now. Feel free to talk to me, it's in my area. I'm glad to talk to you about it because we don't want to stain in the way development of vehicle automation. We want to make sure it's done safely. And we do have regulatory power to deal with things if they're done unsafely as vehicle automation is developed. And we have authority to deal with defects if someone could certainly roll out a defect in automated vehicle technology and we would deal with it under a normal defect authority. But that's not to say there's any requirement to clear a roadblock right now. I was going to ask one quick follow-up question. Things that supported that by law. But with connected vehicles now we are allowing vehicles to be a little bit more closer and with automation it's even more closer I would say. Now how would you bypass that state law with something that's overarching? So there's a lot of what-ifs about people can apply. Right now again, VV is not out there other than one pilot program in Ann Arbor, Michigan and the state of Michigan is going to expand and a lot of test tracks. Certainly if people have vehicle convoys that they want to roll out using automated vehicle technologies and they can identify specific states that have tailgating laws then it's worth a discussion with those states but that's not something that's reality right now impeding anything. Okay we had one over there and then we'll bounce back to this side because we're getting closer so if I can ask you to- Yeah Tim Luke from TALIS. I had a question, you know a lot of the discussion has two points that I picked up in my interest areas. One, there's not a whole lot of frequencies available for these systems. And two, a lot of them look to be more stuff that stays within the roadway. But I'm curious as to how you would foresee a how much is going to start leaking out off the roadway as far as data collection or traffic management and that sort of thing. And then what would be the means to do that? Cellular frequencies are already congested. How do you see that developing? Throw that out. Well let me talk a little bit more. First of all let me say I have a electrical engineering degree but it was a million years ago and I had to go become a lawyer because I was technically not very comfortable. So it's kind of dangerous for me to be talking about the technical engineering stuff so you should step in when I start garbling it. But B2B uses dedicated short range communications. It's a signal that only goes 500 meters. It can vary a little bit but that's a fair set. It's short range. So you're not going very far off the roadway with the DSRC communications. You will be going off the roadway for the VDI applications because that's intended to be going, and you're going to have to have something else cellular or something then transmitting the data for VDI purposes that are being collected by roadway infrastructure. But right now for V2B we're dealing with a specific slice of the spectrum, 5.9 gigahertz and that's been dedicated for this purpose but it is to this short range. So it is a very specific issue of what are the limitations and what are the uses for V2B purposes what we're talking about. The other communications we're talking about with the Internet of Things, of course that opens up the whole question of Internet of Things. Denise, we had a question from you. Yeah, Denise Jung with CSIS. My question is more about sort of 15, 20 years out when you look at how this technology affects the auto industry and the marketplace. So when we have fully autonomous vehicles it's conceivable that we might actually sell less viewer vehicles because of the ability to provide transportation on demand or to carpool or maybe each family will not be owning their own vehicles. How does that affect the auto industry? How are you guys looking at this? And then the other question which is related to that is in some ways IOT and transportation is kind of like the divisification of your vehicle. So when you look at and John you had talked about iOS versus Android versus Microsoft these different ecosystems or platforms for mobile devices do you see sort of an equivalent or similar type of trend in the auto industry where we might have different platforms and different ecosystems for automobiles and that potentially auto companies could turn into sort of app manufacturers or companies that provide additional features on top of a platform that already exists. So my question is a little bit more forward-looking. How does this affect the marketplace? Sure, in terms of apps, I know Ford has put forward our own sort of technology in terms of integration with mobile app and the mobile app ecosystem. That's today. It's not necessarily the focus to compete with the likes of Apple or Google but to basically just provide additional capabilities to existing consumers and make a better case that they would want to drive our vehicles. Looking forward, a number of years, it's actually a really salient question and our CEO, Mark Fields, spoke on that at length in his CES keynote speech on what does mobility look like in the next decade or so. And he talked about a number of trends from larger mega cities and urbanization where exactly what you had sort of indicated individuals may not want a vehicle but they want the ability to sort of perform transportation functions as well as a larger middle class that's rising outside of the United States. So you're seeing while the United States has been fairly stable in terms of its vehicle consumption, you see areas like India, China and other parts of the world are rapidly increasing as the middle classes sort of in those areas increase. So what are some of the challenges that they would face both in terms of driving in terms of having affordable mobility and things like that. So Ford is looking at a number of experiments to look at sort of what mobility will look like 10, 15 years out and that includes everything from sort of driving in heavily urbanized areas, car sharing, having autonomous vehicles that basically could drive to where you are at and pick you up with Georgia Tech as I mentioned earlier as well as a number of partnerships with students and companies that have submitted sort of ideas in the various competitions that we've held sort of all around the world. And one of the challenges of automation is how does the driving experience change especially when the driving experience itself is so much of the sort of the pleasure that people get out of driving. I mean there's a lot of instances where it's not but you can certainly say, well I wouldn't drive a Mustang to basically just get from point A to point B, I would drive it because it's an enjoyable experience. And so you're going to have to sort of balance those two and I think they'll probably still be a place for driving for pleasure 15, 20 years out but I mean your points will take and there's going to be a very sort of utilitarian need for it as well. No but it's not a futuristic question, I mean it's right now today, I've got an app on my Ford app, I drive a Ford which you know I can control my car and it's a Ford app so they downloaded it from Ford. I've also got apps for its electric vehicles so for you know how I find charging stations which is from whatever the company was I actually got a couple apps on electric vehicles stuff. And then if you go to CES, I think all the authors are there at CES and basically the automobile is just a big platform for consumer electronics and we always send people to CES because it has been their age the last two or three years as everything going into that big platform which is your automobile that all of us Americans spend so much of our time in you know much more than the rest of the world you know we live in our cars. Which you know there's no secret to why Google is so interested in autonomous vehicles, right? If we live in our cars if we didn't have to pay attention to the road we could pay attention to the advertising. So if you think about everywhere else you go an elevator, an airplane you're saturated with advertising because the goal is to reach those elusive eyeballs. So when you follow the trail here on the autonomous vehicles side that's the end game why a lot of these people are interested until the society and the technology really catches up to that those infotainment systems when you start looking at the revenue GM on-star or Ford's equivalent or other things can bring in over the 12 year life cycle of a car. I don't know what GM actual profit is on selling a car but if you divide that by 12 years selling information services over 12 years to the owner of that car is significant chunk of revenue. And it's the Apple mentality where historically you sold a car and the consumer had it for 10 years and then you met them again in 10 years and said hey would you like to buy another car? Apple's model of what has been every year, year and a half there's a touch point where they'll give you sort of a new upgrade. Sort of continually sort of keep yourself sort of instantiated in the consumer's memory and I think you're seeing that in the automotive space as well where those infotainment platforms are sort of being refreshed longer than historically has been the case in the automotive industry. So you've got sort of mobile app integration, you've got sort of continual updates to the infotainment systems. It's really about not necessarily selling services but it's about continually giving consumers new value as they own the vehicle through its lifetime. Well I know there are more questions out there but we have reached our allotted time so this is a panel. Americans love cars, I guess that's what I was taught as a kid. I don't think, I wonder how that will change. But we could talk about this subject for much longer. Join me in thanking our panel.