Embedded Systems Conference
Breaking News
Newest First | Oldest First | Threaded View
<<   <   Page 7 / 8   >   >>
User Rank
cedricfau   7/9/2013 12:20:57 PM
The problem is that it will cost a lot in work labor to install 2 networks and in available room into the car. I'm not sure that the industry will accept these drawbacks.

Olaf Barheine
User Rank
Technology is not the problem
Olaf Barheine   7/9/2013 7:54:21 AM
In my opinon, the main problem are the engineers and developers in the automobile industry (and not only there), who still seem to underestimate the crminal energy of the hacker scene. Everything that can be hacked, will be hacked!

User Rank
prabhakar_deosthali   7/9/2013 2:34:43 AM
In my opinion, if any catastrophe as a result of attempted hacking into the car systems is to be avoided then there should be two networks in the car. One a private network controlling the critical operation of the car - accelerator, brake, engine, windshield wipers, windows etc. This network should be totally isolated and should have a manual override for every automatic function that it handles.

The other network containing the GPS, cell phone connectivity, entertainment etc can be connected to WAN and thus would not affect the critical functionality of the car even if it is hacked.

User Rank
Re: Cyber security for cars?
mcgrathdylan   7/9/2013 12:57:02 AM
Isn't it kind of taken on faith by now that anything can be hacked? Trust no one.

User Rank
Re: Unconvinced
LarryM99   7/8/2013 11:34:43 PM
Not bad, but keep in mind that the LED = "video on" association only works for commercial webcams. Build one yourself and you have the option of not following that standard!

It does bring up the dark side the current Arduino and Arm wave of innovation. It used to be that it took an engineer to build a system up from components. Now any reasonably smart person can assemble what you have described from $50 worth of parts - no soldering iron required.

User Rank
Re: Unconvinced
David.Proffer   7/8/2013 11:11:10 PM
Good points Larry. 

To your point 'The little LED on your webcam is the best indicator if there is a hacker watching you through':

A 'funny' event I recently had that may show a growing weakness in the 'I'm on' light:

I was staying at a hotel recently and upon coming out of the shower I looked up to see a blue LED glowing behind the grill of the bathrooms ceiling exhaust fan. Being the paranoid inquisitive tech guy I am, I of course popped the cover off and had a look. There was a small black plastic square device with a blue LED glowing in one corner. I took a few photos of it and the name plate tag of the exhaust fan. Five minutes of 'googling' found that the unit contains a humidity sensor with dual color LED to indicate what function the fan is operating in!

From the manual 'This product also incorporates a dual color (blue and amber) LED indicator to show if it is running at humidity sensor mode or full speed mode.'


I just wonder the prudence of this major hotel chain installing these blue LED equiped humidity sensors in all of their guest bathroom ceiling?

And of course, switching my 'white hat' to my 'black hat' wondering how quickly I could build a remote transmitting video and audio device to mimic this humidity sensor and LED!


User Rank
Re: Unconvinced
David.Proffer   7/8/2013 10:52:58 PM
Bert I hope you are able to continue to drive that 1975 AMC Pacer you own for a long time :-)

Because, bad news, cars that are sold today are far more integrated across all systems that I think you are aware. I took a 30 second review of the systems that you can have on the 2013 Mercedes C250 that the journalist Michael Hastings was driving when he was killed last month in Los Angeles. There are at least 20 more attack vectors and active break, steering and accelerator connections available in this car than were available in the 2011 hack that Junko cited. The possibilities to take over this car are astronomical!


In the case of the Mercedes C250 2013 and your points:

1) Brake system - software controlled with at least 4 non-brake system that I count that can active any single or combo of brakes.

2) Steering column - the least hackable control in the car that I found, I could only find control that 'alerts the driver by vibrating the steering wheel' HOWEVER, the Mercedes 'Active Lane Keeping Assist' will 'If the driver continues to drift, it can apply the brake to a single rear wheel to help guide the car back into its lane.' That is as good as steering. Think about how steering could easly be overridden by wheel braking combos...

3) Throttle - I could not confirm it, but if the throttle is not fully 'control by wire' it is still fully controllable by software.

4) Shut off the engine, bad news again, more and more cars today do not require a physical key to be inserted to enable the car. In the C250, 'A leap in ease and efficiency pioneered by Mercedes-Benz, KEYLESS-GO lets you unlock, start and drive away without removing the SmartKey from your pocket or purse.'

5) 'Still, brake and steering control are independent.' Unfortunately not. And less each year. Brakes crossed the threshold several years ago and steering by wire is in more and more cars each year. There are multiple cars today we parking assist, this is steering fully under software control.

Killing someone by inserting software into anyone of a number systems in cars today to 100% possible. As I stated in my analysis of the tragic death of Mr Hasting, I doubt we have forensics resources available today to draw a conclusion. And worse, the ability to defend ones car against a possible attack is nil today.


User Rank
Re: Unconvinced
LarryM99   7/8/2013 10:34:57 PM
The attack surface is increasing. Check out this article from a recent Wired magazine about a drive-by-wire car. http://www.wired.com/autopia/2013/05/al_drivebywire/

When I was at Northrop I was given training on the hacking process. It is surprisingly (at least to me) disciplined and codified into a set of procedures. The key is to look at systems differently. Most normal people (norps) think in terms of variations of typical use models while hackers will tend to turn them upside down. Even most engineers tend to not be good at creatively misusing systems. A good test engineer is probably the closest "normal engineer" to being a white-hat hacker, since they probe the limits of systems.

That being said, hackers are not omniscient. The hacks that were done to support this paper required extraordinary physical access to the vehicles and were not necessarily robust. They would have been tough to do on a moving car. Right now the wide-area access is relatively limited, but that will increase.

The best safeguards are the simplest. The little LED on your webcam is the best indicator if there is a hacker watching you through it, since it is a simple physical connection. An "off" switch (physical, not soft) pretty much guarantees that a device is not accessible. The more complex a system is the more vulnerable it is.

User Rank
Re: Unconvinced
junko.yoshida   7/8/2013 9:37:47 PM
Prioritizing what's most urgent is always a good idea.

For those who are still unconvinced, take a look at the technical paper quoted in this story, written by researchers of Univ. of Washington and Univ. os Calif. - San Diego.


User Rank
Bert22306   7/8/2013 9:28:13 PM
Count me among those who aren't hyperventilating just yet.

The easiest way to investigate these scary stories is not so much to list all the systems that CAN be breached, but to look at the critical systems first. Ignore all the non-critical systems. They get listed just for the sake of the oooh-aaah effect.

Most cars still use vacuum-assisted hydraulic brakes with dual-redundant hydraulics. Can that be hacked? Most cars also use a mechanical steering column, even if the power assist may in some cases now be electric. Can that mechanical column be hacked?

The only thing I'd worry about here is throttle. While the brakes of any car can easily overpower the engine, if the throttle is wide open, you will lose most of the vacuum assist. So a remote attack to the throttle would be the most important one to defend against, as far as I can tell. A good defense there is to shut off the engine. If the car has a key ignition switch, being careful not to turn the key all the way and lock the steering column.

I agree that the OBD system is the most obvious path to mischief. If you make life easy for engine diagnostics, including emissions testing, there's your attack vector. Still, brake and steering control are independent.

<<   <   Page 7 / 8   >   >>

Most Recent Comments
David Ashton
Most Recent Messages
7:46:09 PM

Drones are, in essence, flying autonomous vehicles. Pros and cons surrounding drones today might well foreshadow the debate over the development of self-driving cars. In the context of a strongly regulated aviation industry, "self-flying" drones pose a fresh challenge. How safe is it to fly drones in different environments? Should drones be required for visual line of sight – as are piloted airplanes? Join EE Times' Junko Yoshida as she moderates a panel of drone experts.

Brought to you by

July 16, 1pm EDT Thursday
IoT Network Shoot Out
Top Comments of the Week
Flash Poll
Like Us on Facebook

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
Special Video Section
LED lighting is an important feature in today’s and future ...
Active balancing of series connected battery stacks exists ...
After a four-year absence, Infineon returns to Mobile World ...
A laptop’s 65-watt adapter can be made 6 times smaller and ...
An industry network should have device and data security at ...
The LTC2975 is a four-channel PMBus Power System Manager ...
In this video, a new high speed CMOS output comparator ...
The LT8640 is a 42V, 5A synchronous step-down regulator ...
The LTC2000 high-speed DAC has low noise and excellent ...
How do you protect the load and ensure output continues to ...
General-purpose DACs have applications in instrumentation, ...
Linear Technology demonstrates its latest measurement ...
Demos from Maxim Integrated at Electronica 2014 show ...
Bosch CEO Stefan Finkbeiner shows off latest combo and ...
STMicroelectronics demoed this simple gesture control ...
Keysight shows you what signals lurk in real-time at 510MHz ...
TE Connectivity's clear-plastic, full-size model car shows ...
Why culture makes Linear Tech a winner.
Recently formed Architects of Modern Power consortium ...
Specially modified Corvette C7 Stingray responds to ex Indy ...