Cyber Florida
The Florida Center for Cybersecurity (also known as Cyber Florida) was established at the University of South Florida in 2014 under Florida statute 1004.444. The goals of the center are to: position Florida as a national leader in cybersecurity and its related workforce through advancing and funding education, research, and development initiatives in cybersecurity; assist in the creation of jobs in the state’s cybersecurity industry and enhance the existing cybersecurity workforce; act as a cooperative facilitator for state business and higher education communities to share cybersecurity knowledge, resources, and training; seek out research and development agreements and other partnerships with major military installations to assist, when possible, in homeland cybersecurity defense initiatives; attract cybersecurity companies to the state with an emphasis on the defense, finance, health care, transportation, and utility sectors.
With the shared mission of promoting cybersecurity awareness and enhancing the cyber resiliency of our Nation, Cyber Florida is eager to provide comments on the potential application of artificial intelligence (AI) in transportation, and the emerging challenges and opportunities in creating and deploying AI technologies.
Comment
Advancing research and development (R&D) and the responsible use and deployment of artificial intelligence (AI) for civilian benefit is timely and should remain a top priority in the United States. Cyber Florida commends the Department of Transportation (DoT) for its intent to adopt AI technologies to improve operations in the transportation sector, while being mindful of safety and security. The ARPA-I areas of focus can and will benefit through the use of AI if such technologies are implemented properly and responsibly.
AI techniques can now be adapted to virtually take any source of data and derive meaning out of it if trained correctly. The key challenge in leveraging AI technologies is carefully crafting the specified parameters that determine desired outcomes, while filtering out the noise. The most important aspect, even beyond the technicalities of AI R&D, is the ethical use of AI in the DoT’s mission, while simultaneously ensuring that the rights, responsibilities, and risks of AI are effectively managed.
Current AI Applications
AI is currently being used in many ways for optimizing driving. A vast array of sensors are present in modern cars that at any time process significant volumes of data for real-time situational awareness. A most straightforward application today is pedestrian detection on roads using image sensors (cameras) and AI algorithms operating on those images in real-time. Modern self-driving cars also use an array of sensors in planning the next course of action on the road. AI algorithms learn continuously about driver habits and patterns to make self-driving cars personalized for each driver. AI algorithms are trained to process voice commands to enhance overall driving experiences. These are some among the many ways where AI is radically transforming the driving experience today.
Opportunities of AI
Among many opportunities, we see the most impact in AI models further optimizing transportation systems through V2V (Vehicle to Vehicle) Communications. With the ability to detect what surrounding vehicles are doing/ likely to do (via AI algorithms processing image, audio, inertial, ultrasonic and other types of data), transportation systems are set for radical reform in many ways, including improved road safety, congestion control, superior platooning models for vehicle movement, early accident detection and avoidance, and much more. Another clear potential for AI impact is improving driver performance with AI. For example, AI models that can detect impaired and underage drivers. AI can also detect and warn young/new drivers of mistakes made and offer real-time coaching.
Autonomous Mobility Ecosystems
The most significant risk we see is false negatives or positives. A false negative or positive in applications like biometrics or financial fraud detection may mean a false accusation or loss of money, which is definitely problematic. But a false negative or a positive in transportation networks could result in physical injuries or even death, such as in the case of accident detection, for example. As such, the accuracy and execution time expectations have to be
immensely stringent, with no margin for error. Therefore, significant investments must be made in multi-modal sensor fusion for superior redundancy and fault avoidance. We anticipate new AI models focusing on multi-modal sensor fusion methods. A second, and unforeseen challenge yet, is privacy. With so much data collected from cars today, coupled with potential for inter-car and car-server communications, privacy of data stored is a key challenge. There is yet very little awareness of how humans perceive privacy challenges in transportation systems. We expect significant insights to emerge from human-computer interaction research on transportation privacy issues, which will govern design of future AI algorithms so that privacy risks are better understood and mitigated without compromising other performance metrics like accuracy, road safety, network optimization and more.
Managing Challenges & Risks of AI
It is important to create and enact well-defined cybersecurity policies to address the needs of AI applications and authorizations for further AI use. Cyber Florida suggests that a key element for the adoption of AI within the DoT is the development of a detailed compliance plan that is integrated prior to initiating its application. A comprehensive AI compliance plan must completely encompass aspects related to potential risks associated with the use of AI systems, the appropriate pathways to collect and protect data through algorithms or storage systems and the ethical usage of this data, delimiting specific cases in which it can or cannot be utilized.
As AI is being utilized in the DoT, Cyber Florida supports and encourages the documentation of AI use-cases, as well as the periodic review and modification of these cases as and when AI technologies and intended applications change. Additionally, Cyber Florida recommends due diligence in safeguarding data that was trained, validated, and tested while developing AI models, including access and data control policies. Specifically, we recommend a) storing all data within the geographical boundaries of the US; b) multi-layered and fine-grained access control to ensure that impacts of any information leakage are gradual and not catastrophic; and c) well-defined incident response policies should data compromise be detected.
Cyber Florida recommends a robust program at the DoT to periodically audit all aspects of the AI models, including fidelity of data, security controls, model performance, computing and storage requirements, use-case inventory, test scenarios (in lab and in the field), and more. Audits could be a potential opportunity for ARPA-I to conduct further research, alongside universities and governmental or military institutions, allowing for impartial reviews of the departments developing models.
Cyber Florida recommends the creation of an Incident Response Plan in anticipation of any unethical usage of both AI systems and data to appropriately assess and control any damage following a cyber incident. Aspects that fall under the umbrella of the Incident Response Plan would include identifying the stakeholders impacted, the existing data accessed, and the security policies and the audit history for all AI systems in place. Due to the complexity of the DoT, a base plan could only serve as a starting point to provide structure for the department as a whole but should be further adjusted to fit the needs and workflows of each operating administration.
Additional Considerations
Cyber Florida supports the White House Executive Order directing all federal agencies to designate a Chief AI Officer (CAIO) who is tasked with the broad oversight of the use of AI. The DoT CAIO should be technically adept with AI and have a deep understanding of its strengths and limitations. Equally important, the CAIO should be well versed with the agency’s priorities, understand the complex interdependencies of the DoT, and be aware of related risks. Cyber Florida recommends that the DoT implement a governance board to oversee and advise the CAIO on AI related topics. The governance board should include a diverse group of individuals with expertise in areas such as computing technologies, engineering, material science, neuroscience, physics, mathematics, cybersecurity, and much more. A trans-disciplinary governance body will assist in advancing decisions that are rooted in sound science, ethics, and practicality.
Contributing Authors
Dr. Sriram Chellappan
Academic Director of Cybersecurity Research
Cyber Florida
Professor, Computer Science and Engineering
University of South Florida
Jordan Deiuliis
Senior Cyber Program and Policy Analyst
Cyber Florida
Cristina Solis
Student Assistant, Partnerships and Policy
Cyber Florida
Contact Information
Ernie Ferraresso eferraresso@cyberflorida.org
813 974 1869
Director Cyber Florida