How Hackers Can Take Control Over Your Car
7/8/2013


Where vulnerabilities exist
Source: Technical paper -- 'Comprehensive Experimental Analyses of Automotive Attack Surfaces'

cedricfau
User Rank
Rookie
Re:
cedricfau   7/9/2013 12:20:57 PM
NO RATINGS
The problem is that it will cost a lot in work labor to install 2 networks and in available room in the car. I'm not sure that the industry will accept these drawbacks.

Olaf Barheine
User Rank
Manager
Technology is not the problem
Olaf Barheine   7/9/2013 7:54:21 AM
NO RATINGS
In my opinion, the main problem is the engineers and developers in the automobile industry (and not only there), who still seem to underestimate the criminal energy of the hacker scene. Everything that can be hacked, will be hacked!

prabhakar_deosthali
User Rank
CEO
Re:
prabhakar_deosthali   7/9/2013 2:34:43 AM
NO RATINGS
In my opinion, if any catastrophe as a result of attempted hacking into the car systems is to be avoided then there should be two networks in the car. One a private network controlling the critical operation of the car - accelerator, brake, engine, windshield wipers, windows etc. This network should be totally isolated and should have a manual override for every automatic function that it handles.

The other network containing the GPS, cell phone connectivity, entertainment etc can be connected to WAN and thus would not affect the critical functionality of the car even if it is hacked.

mcgrathdylan
User Rank
Blogger
Re: Cyber security for cars?
mcgrathdylan   7/9/2013 12:57:02 AM
NO RATINGS
Isn't it kind of taken on faith by now that anything can be hacked? Trust no one.

LarryM99
User Rank
CEO
Re: Unconvinced
LarryM99   7/8/2013 11:34:43 PM
NO RATINGS
Not bad, but keep in mind that the LED = "video on" association only works for commercial webcams. Build one yourself and you have the option of not following that standard!

It does bring up the dark side of the current Arduino and Arm wave of innovation. It used to be that it took an engineer to build a system up from components. Now any reasonably smart person can assemble what you have described from $50 worth of parts - no soldering iron required.

David.Proffer
User Rank
Rookie
Re: Unconvinced
David.Proffer   7/8/2013 11:11:10 PM
NO RATINGS
Good points Larry. 

To your point 'The little LED on your webcam is the best indicator if there is a hacker watching you through':

A 'funny' event I recently had that may show a growing weakness in the 'I'm on' light:

I was staying at a hotel recently and upon coming out of the shower I looked up to see a blue LED glowing behind the grill of the bathroom's ceiling exhaust fan. Being the paranoid inquisitive tech guy I am, I of course popped the cover off and had a look. There was a small black plastic square device with a blue LED glowing in one corner. I took a few photos of it and the name plate tag of the exhaust fan. Five minutes of 'googling' found that the unit contains a humidity sensor with dual color LED to indicate what function the fan is operating in!

From the manual 'This product also incorporates a dual color (blue and amber) LED indicator to show if it is running at humidity sensor mode or full speed mode.'

http://www.ventingdirect.com/delta-electronics-vfb25ach-breez-80-cfm-humidity-sensor-exhaust-fan-less-than-0-3-sone/p1121978

I just wonder about the prudence of this major hotel chain installing these blue LED equipped humidity sensors in all of their guest bathroom ceilings?

And of course, switching my 'white hat' to my 'black hat' wondering how quickly I could build a remote transmitting video and audio device to mimic this humidity sensor and LED!

 

David.Proffer
User Rank
Rookie
Re: Unconvinced
David.Proffer   7/8/2013 10:52:58 PM
Bert I hope you are able to continue to drive that 1975 AMC Pacer you own for a long time :-)

Because, bad news, cars that are sold today are far more integrated across all systems than I think you are aware. I took a 30 second review of the systems that you can have on the 2013 Mercedes C250 that the journalist Michael Hastings was driving when he was killed last month in Los Angeles. There are at least 20 more attack vectors and active brake, steering and accelerator connections available in this car than were available in the 2011 hack that Junko cited. The possibilities to take over this car are astronomical!

https://plus.google.com/u/0/111718018022624143076/posts/KR7n78oj58H

In the case of the Mercedes C250 2013 and your points:

1) Brake system - software controlled with at least 4 non-brake systems that I count that can activate any single or combo of brakes.

2) Steering column - the least hackable control in the car that I found, I could only find control that 'alerts the driver by vibrating the steering wheel' HOWEVER, the Mercedes 'Active Lane Keeping Assist' will 'If the driver continues to drift, it can apply the brake to a single rear wheel to help guide the car back into its lane.' That is as good as steering. Think about how steering could easily be overridden by wheel braking combos...

3) Throttle - I could not confirm it, but if the throttle is not fully 'control by wire' it is still fully controllable by software.

4) Shut off the engine, bad news again, more and more cars today do not require a physical key to be inserted to enable the car. In the C250, 'A leap in ease and efficiency pioneered by Mercedes-Benz, KEYLESS-GO lets you unlock, start and drive away without removing the SmartKey from your pocket or purse.'

5) 'Still, brake and steering control are independent.' Unfortunately not. And less each year. Brakes crossed the threshold several years ago and steering by wire is in more and more cars each year. There are multiple cars today with parking assist, this is steering fully under software control.

Killing someone by inserting software into any one of a number of systems in cars today is 100% possible. As I stated in my analysis of the tragic death of Mr Hastings, I doubt we have forensics resources available today to draw a conclusion. And worse, the ability to defend one's car against a possible attack is nil today.

 

LarryM99
User Rank
CEO
Re: Unconvinced
LarryM99   7/8/2013 10:34:57 PM
NO RATINGS
The attack surface is increasing. Check out this article from a recent Wired magazine about a drive-by-wire car. http://www.wired.com/autopia/2013/05/al_drivebywire/

When I was at Northrop I was given training on the hacking process. It is surprisingly (at least to me) disciplined and codified into a set of procedures. The key is to look at systems differently. Most normal people (norps) think in terms of variations of typical use models while hackers will tend to turn them upside down. Even most engineers tend to not be good at creatively misusing systems. A good test engineer is probably the closest "normal engineer" to being a white-hat hacker, since they probe the limits of systems.

That being said, hackers are not omniscient. The hacks that were done to support this paper required extraordinary physical access to the vehicles and were not necessarily robust. They would have been tough to do on a moving car. Right now the wide-area access is relatively limited, but that will increase.

The best safeguards are the simplest. The little LED on your webcam is the best indicator if there is a hacker watching you through it, since it is a simple physical connection. An "off" switch (physical, not soft) pretty much guarantees that a device is not accessible. The more complex a system is the more vulnerable it is.

junko.yoshida
User Rank
Blogger
Re: Unconvinced
junko.yoshida   7/8/2013 9:37:47 PM
NO RATINGS
Prioritizing what's most urgent is always a good idea.

For those who are still unconvinced, take a look at the technical paper quoted in this story, written by researchers of Univ. of Washington and Univ. of Calif. - San Diego.

http://www.autosec.org/pubs/cars-usenixsec2011.pdf

Bert22306
User Rank
CEO
Unconvinced
Bert22306   7/8/2013 9:28:13 PM
NO RATINGS
Count me among those who aren't hyperventilating just yet.

The easiest way to investigate these scary stories is not so much to list all the systems that CAN be breached, but to look at the critical systems first. Ignore all the non-critical systems. They get listed just for the sake of the oooh-aaah effect.

Most cars still use vacuum-assisted hydraulic brakes with dual-redundant hydraulics. Can that be hacked? Most cars also use a mechanical steering column, even if the power assist may in some cases now be electric. Can that mechanical column be hacked?

The only thing I'd worry about here is throttle. While the brakes of any car can easily overpower the engine, if the throttle is wide open, you will lose most of the vacuum assist. So a remote attack to the throttle would be the most important one to defend against, as far as I can tell. A good defense there is to shut off the engine. If the car has a key ignition switch, being careful not to turn the key all the way and lock the steering column.

I agree that the OBD system is the most obvious path to mischief. If you make life easy for engine diagnostics, including emissions testing, there's your attack vector. Still, brake and steering control are independent.
