The exponential growth in connected and automated systems has increased the demand for the sensor technology necessary to make them operate safely. Light detection and ranging, or lidar, is just such a remote sensing technology that uses pulsed light to measure and map the surrounding environment. Lidar’s ability to quickly and precisely map complex environments has made it essential for autonomous vehicles, and has given it an increasing role in airports, infrastructure mapping, ports and other emerging connected systems.
For 2022, analysts estimated global automotive lidar revenues at $332 million per year, a number only expected to grow as the technology becomes more widespread and sophisticated. However, the rapid growth of lidar in connected systems and the predominant position Chinese companies have in the marketplace, coupled with the precise data the technology collects, expose the threat posed by untrusted lidar systems. The systems could easily be exploited by malign actors to conduct any manner of malicious actions, including clandestinely mapping U.S. critical infrastructure or conducting cyberattacks that disrupt operations.
American and European companies previously comprised the majority of the global market, but Chinese technology firms like Hesai, RoboSense, Seyond, and Livox (a division of the Chinese drone maker DJI) have rapidly expanded into international markets, including the United States. Hesai has grabbed over 47% of the global market share, benefitting from Chinese domestic industrial policies, including state subsidies and procurement preference. An analysis of filings from publicly traded lidar companies shows that Hesai and RoboSense gained approximately 50% of the North American market share in just a few short years.
While the presence of Chinese companies in lidar competition can drive innovation and competitive pricing, we must be clear-eyed about the threats posed by companies affiliated with the Chinese Communist Party and its strategy of military-civil fusion. Under the military-civil fusion, the Chinese Communist Party, or CCP, obfuscates the line between private companies and the government in order to direct technological research and development that would benefit the state both commercially and militarily.
Further, Chinese companies are subject to national security laws that require People’s Republic of China businesses to pass data to Chinese intelligence agencies when asked, even if their operations are overseas. These laws create the distinct possibility that Chinese technology can serve as an access point for CCP-directed intelligence collection and cybersecurity exploitation.
In a form sent to the SEC, Hesai directly admitted the “PRC government has significant authority in regulating our operations and may influence or intervene in our operations at any time.”
U.S. national security leaders have expressed serious concerns about the potential threat posed by Chinese malware installed in critical infrastructure, near military bases and even on American roads. Similar concerns about Chinese-connected systems and lidar have also been corroborated by our close allies. The Estonian Foreign Intelligence Service published a report highlighting the threats of Chinese technologies, including lidar, to Estonian national security. Specifically, the report warns the agency is aware of an effort to develop Chinese-manufactured lidar intended to scan the environment and exfiltrate that data back to China.
In addition to the direct cybersecurity threat Chinese lidar systems pose to the United States, they also risk oversaturating the market. Overdependence on foreign technology allows an adversary to disrupt the United States’ economy and security with the implementation of an export control, and limits the development of viable alternatives.
In 2022, the PRC’s Ministry of Commerce added lidar to its proposed “Catalog of Technologies Prohibited and Restricted from Export” because the country considers lidar a “strategic emerging industry.” In a crisis, the CCP could threaten to transition that list from proposed to enacted — and seriously disrupt the U.S. autonomous vehicle, agricultural and industrial sectors.
The U.S. government has begun to pay attention to these security concerns and take action. In November 2023, the House Committee on the Chinese Communist Party encouraged the secretaries of commerce, defense, and the Treasury to investigate PRC lidar firms for ties to the People’s Liberation Army. Two months later, the Department of Defense concluded that Hesai held close ties to the Chinese military and consequently placed Hesai on its so-called 1260H list of Chinese military-linked companies. Hesai’s designation was notable not only because it is the first lidar manufacturer added to the list but also because it is the first publicly traded company on the U.S. stock exchange to be added.
Hesai has since objected to its designation by the DOD as a Chinese military-linked company, claiming it does “not sell our products to any military in any country, nor do we have ties of any kind to any military in any country.”
However, contrary to their claims, Hesai’s lidar systems have appeared on Chinese military vehicles, highlighting the dual-use nature of lidar technology and underscoring the true extent of Hesai’s role in the People’s Liberation Army’s defense industry. The DOD even defended Hesai’s addition to the 1260H list after Hesai threatened to sue.
Hesai’s designation on the Section 1260H list should be a wake-up call about the growing threat posed by untrusted sensing technology companies from countries of concern. Shortly after Hesai’s designation, numerous lobbying firms terminated business with Hesai after reports that congressional offices were considering banning firms that represent 1260H-listed companies.
On March 1, the Department of Commerce issued a proposed rule to identify information and communications technology and services used in autonomous vehicles deserving of regulation, specifically citing lidar. This is an important step toward scrutinizing the use of untrusted lidar in commercial applications. However, more must be done to safeguard U.S. data and prevent dependence on geopolitical adversaries for a critical, emerging technology.
First, Congress should continue its scrutiny of the threat posed by untrusted lidar companies. It is imperative that American lawmakers and the public be aware of how this technology is being employed across the nation’s cities, infrastructure and homes — and what vulnerabilities it creates for malign actors to exploit. Based on their findings, officials should consider placing additional restrictions or regulations on untrusted sensor technology companies.
Second, the Department of Commerce should use its authorities derived from the final rule on “Securing the Information and Communications Technology and Services Supply Chain; Connected Software Applications” to inform an assessment of regulatory action needed to prevent Chinese lidar companies from posing a risk to U.S. cybersecurity interests.
At a minimum, the departments of the Treasury and Commerce should consider using their authorities to place companies found to have ties to the People’s Liberation Army on the sanctions list and entity list, respectively.
Third, the United States needs to invest in expanding its own trusted lidar-industrial base, drawing from domestic capacity and that of our allies and partners, to offer alternatives to subsidized Chinese lidar companies.
U.S. government investments in emerging sensing technologies, like lidar, through a CHIPS and Science Act-like program will likely be needed to strengthen the competitiveness of American industry.
If the U.S. government does not scrutinize lidar and other emerging technologies produced by companies from countries of concern, we run the risk of our automated future being dependent on untrusted systems that jeopardize our national security and undermine global competitiveness.
Retired U.S. Navy Rear Adm. Mark Montgomery is a senior fellow at the Foundation for Defense of Democracies think tank. He is also a senior adviser to the chairman of the Cyberspace Solarium Commission. He previously served as policy director of the Senate Armed Services Committee under Sen. John McCain, R-Ariz., and as director of operations (J3) at U.S. Pacific Command.
from Defense News https://ift.tt/XCUYB7c
via IFTTT
Post a Comment