Intelligent connected vehicles should pass the "digital space crash test" before selling

Biography

Zhou Hongyi

He is a member of the 13th National Committee of the Chinese People's Political Consultative Conference, a member of the Central Committee of the Jiusan Society, and the founder of 360 Group.

Notes on the performance of duties

At this year's two sessions, I will focus on issues such as intelligent networked vehicle safety. In both 2019 and 2021, I have proposed the regulation of intelligent networked vehicles. I recommend that vehicles be required to pass a "digital space crash test" before sale to ensure the safety of intelligent and connected cars on the road.

My wish

Intelligent connected cars sold in the mainland pass the "digital space crash test"

As soon as possible, build a set of intelligent networked vehicle situational awareness system with the automotive safety brain as the core

At this year's two sessions, Zhou Hongyi focused on digital security and intelligent networked vehicle safety. In an interview with Nandu reporter, he said that the "little hair thief" type of cyber threat has slowly become history, the professional forces represented by the national hacking organization have entered, critical infrastructure and cities have become the preferred targets of network attacks, and data has become a new target of attack - "the opponent has changed, and the battlefield has also changed."

He proposed that cybersecurity should be upgraded to digital security and included in the new infrastructure. In terms of intelligent connected vehicles, he suggested that vehicles be required to pass the "digital space crash test" before sales to ensure the safety of intelligent and connected vehicles on the road.

Talk about digital security

It is recommended that countries integrate digital security into the new infrastructure

Nandu: We have noted that in your proposal for this year's two sessions, you suggested that the state increase its investment in cybersecurity.

Zhou Hongyi: China's digital security investment is relatively low in the world, and only network security in developed countries accounts for 10% of the overall IT investment, while the domestic investment is less than 1%.

I think there needs to be a clear requirement for investment in digital security at the national level, at least to increase the proportion to 5%-10%. In addition, for digital security companies and corresponding talents, I suggest that the state provide some preferential and supportive policies in terms of taxation.

Nandu: You also suggest upgrading cybersecurity to digital security, how to understand?

Zhou Hongyi: What needs to be distinguished is that network security and digital security are not the same thing. Network security corresponds to the information age, and now it is the era of big data, cloud computing, and the internet of everything, the opponent has changed, and the battlefield has also changed. We can no longer solve the problems of the new era with the old methods.

I think that after entering the digital age, the biggest security threat actually comes from large-scale cyber attacks, and even national opponents, and the threat of "little hair thieves" and "little Trojan horses" is definitely not a climate. Nowadays, the Internet of Things, the Industrial Internet, and the Internet of Vehicles are developing rapidly, and many infrastructures, such as factories, substations, energy, and transportation facilities, have also become the targets of cyber attacks. In big data-driven businesses, data has also become an attackable target. In the past, data played a role in storage, and now once the data is paralyzed, it means that the business has "stopped" and has to stop.

Nandu: In this case, what changes need to be made to digital security?

Zhou Hongyi: So I think that in the response to digital security, we first need a top-level design, from the national level to the prefectural and municipal level, to establish a "distributed national security brain", that is, a distributed digital security big data analysis network. In terms of laws and regulations, the planning of digital security systems can also be strengthened. For example, the Internet of Vehicles, we can not say that enterprises have sold a lot of cars, data has also been collected, and then through the plug-in firewall and other ways to solve security problems, which is unrealistic.

I propose to build a digital security emergency response system covering all digital scenarios, including addressing challenges such as the Industrial Internet, the Internet of Vehicles, smart cities, and cloud security, data security, and supply chain security. At the same time, the state should incorporate digital security into the new infrastructure, so that all localities can take security into account at the beginning of digital construction, and interconnect and mobilize all social forces to participate in the construction of the digital security system.

Talk about the security of the Internet of Vehicles

Digital spatial collisions should be tested by a third party

Nandu: You made proposals to regulate smart connected vehicles in both 2019 and 2021. According to your observation, what changes have occurred in the cybersecurity risks faced by intelligent and connected vehicles in recent years?

Zhou Hongyi: Now the car factory often uses a set of cloud servers to control the car driving, once the cloud service is breached, hackers can issue various instructions to your car, and the car must be executed for the instructions sent by the car factory server, such as remote start and stop, which will bring great risks. On the other hand, a smart connected car is a large sensor that collects all kinds of information. In the future, every car manufacturer will become a big data manufacturer. Big data is attacked by ransomware or defaced, contaminated, or compromised, which also poses a security risk.

Nandu: What are your solutions to these security risks?

Zhou Hongyi: If you buy a smart networked car, such as airbags, chassis and other physical collisions are credible, but the network services behind its numbers have not withstood the crash test of the digital space, this also needs attention.

I think we can learn from the means of physical crash testing of automobiles to establish a long-term mechanism of "digital space crash test" for intelligent connected vehicles, and force intelligent connected cars sold in the mainland to pass the "digital space crash test". At the same time, the automotive industry will build a set of intelligent networked vehicle situational awareness system with the automotive safety brain as the core as soon as possible to help regulatory authorities and car companies realize the real-time "visible, controllable and manageable" of automotive safety, and ensure that the intelligent and connected vehicles on the road are always in a good safety state.

However, I don't think the digital space crash test can be done by the various automakers themselves, because it is difficult for them to remain neutral and should be done by a third party. My proposal should be forwarded to the Ministry of Industry and Information Technology, hoping that the state will coordinate and promote the construction of some laboratories for the collision of digital space.

Talk about the experience of performing your duties

3-4 proposals per year focus on the field of digitalization

Nandu: This year is your last year as a member of the 13th National Committee of the Chinese People's Political Consultative Conference. What are your experiences in the past five years?

Zhou Hongyi: It's been five years since I realized it, and Chairman Wang once gave us a speech, and he said that CPPCC members have no right to speak without investigation, and this is the most important thing I have learned. It turned out that for a period of time, the members of the "two sessions" were all hot spots in society, but if you don't understand many things, the depth of your analysis is not enough, you may just find problems, and you can't come up with suggestions for solving them.

My old line of business is security, it's digital, and I only understand these areas. And there are many problems in these areas that have not been solved, so we only write 3-4 proposals a year, hoping to implement them.

One of the ones that impressed me more was the proposal for cybersecurity talent training. I have found that many colleges and universities have concerns about teaching students network security attack and defense: for example, what if he attacks the Academic Affairs Office and changes his grades after teaching students? But the essence of cybersecurity is a confrontation between people, and if there is no young people to be trained, the strength of one or two companies to recruit will not solve the problem of Chinese reserves.

Nandu: You've really been following white hat hackers a lot over the years. Do you think the situation for white hat hackers has changed?

Zhou Hongyi: I don't think the improvements I have seen are particularly numerous, especially many people are confused, easy to stigmatize this group, more and more restrictions on research, and stricter management. In this case, many people go underground or join foreign companies. Personal white hat hackers are actually very important in the security system of network security and digital security.

So I'm still talking to the authorities about this, and I think we need to vigorously support the white hat hackers in The country, to give them a secure community, not only to let them make money by finding loopholes, but also to let them be recognized and respected, to provide them with a relaxed environment.

Writing/Photography: Nandu reporter Sun Chao Hu Gengshuo Li Yaning Intern Ji Hanya