Two white hats who checked out how to hack into the network of ECUs used in modern cars have now released all the code and tools they used in a 100-page technical paper.
MADISON, Wis. -- News stories about hackers successfully taking control of cars, using old Nintendo game pads, have been popping up on the Internet over the last few weeks.
The car hackers were actually two security researchers -- Charlie Miller, a security engineer at Twitter, and Chris Valasek, director of security intelligence at IOActive. These two white hats used a grant from the Defense Advanced Research Projects Agency (DARPA) to suss out how to hack into the network of electronic control units (ECUs) used in modern cars and see what mischief they could do once they gained access.
The cars they hacked into were a 2010 Ford Escape and a 2010 Toyota Prius.
The methods they used were unveiled last Friday at Def Con, a security conference, in Las Vegas. The two researchers also posted a 100-page technical paper here.
Obviously, Miller and Valasek didn't do this just for the heck of it, or even for the sake of media attention.
In the tech paper, the two researchers make clear that they released "all technical information needed to reproduce and understand the issues involved including source code and a description of necessary hardware."
Also acknowledged by Miller and Valasek was the genesis of their work in earlier research by a team at the University of Washington. Collaborating with colleagues from the University of California-San Diego, they put together a technical paper entitled "Comprehensive Experimental Analyses of Automotive Attack Surfaces."
The same tech paper was quoted in EE Times' previous story, How Hackers Can Take Control Over Your Car.
The work at Washington and Cal-San Diego was tightly circumscribed. It "was meant to only show the existence of such threats" of malicious actions that could affect the safety of automotive systems, wrote Miller and Valasek in their tech paper. "They did not release any code or tools. In fact, they did not even reveal the model of automobile they studied."
So, the mission Miller and Valasek undertook in their latest exercise was to "expand on the idea" of the previous research and "to demonstrate how on two different vehicles that in some circumstances we are able to control the steering, braking, acceleration and display." The two researchers are also proposing a mechanism to detect these kinds of attacks in their paper.
A laptop communicating with the CAN bus.
(Source: tech paper authored by Charlie Miller and Chris Valasek)
In all fairness, in their demo, Miller and Valasek took over some of the car's systems using a laptop computer connected to its OBD (on-board diagnostic) port, before they went out to drive it using a video-game controller.