Sorry, Junko, we've been over this already. Local connection to the OBD-II port makes all the difference. Unless you encrypt any content that can go into the OBD-II port, making it essentially useless for its intended purpose, it would be pretty hard to prevent "hacking" when the "hacker" is deliberately allowed to get inside.
This OBD-II port is meant for garages to use, e.g. for troubleshooting and emissions testing. They also have access to brakes, steering, and throttle, and every other system in that car, without needing wires to cause damage.
If you do encrypt that OBD-II port, and then you give garages the private key necessary to decrypt, so they can do their work, then we're back where we are now.
Having remote wireless access to the critical functions, such as brakes, throttle, and steering, through an unencrypted interface, is what has to be shown. If that's available, then that security hole needs to be plugged. But quite honestly, this stream of articles about hacking seems to obfuscate the attack vectors, by including a lot of extraneous information.
Show me where a remote wireless device can impair the function of throttle, brakes, or steering. Leave the rest out. Then we can see if there's a problem to be fixed.
Only a matter of time, do you think? What happens when cars become just a "thing" -- an end node -- on the Internet of Things, as this newly formed US Consortium is working toward? I bet wireless remote hacking will be possible. Researchers from the CAESS Center for Embedded Automotive Systems (the same UofW and UCSD group mentioned in article) say "we can call our car's cellular phone number to obtain full control over the car's telematics unit over an arbitrary distance."
In short, the focus has to be on brakes, steering, and to a lesser extent, throttle. Listing a lot of other stuff just adds noise to the discussion.
The question of what will be possible or not in the future isn't the issue. The future will have to be taken care of, in due course. The question at hand now is how vulnerable vehicles are, present tense, to remote hacking into the critical system (steering, brakes, throttle, not the stereo). It goes without saying that as new capabilities are added to cars, for safety, efficiency of operation, or convenience, new attack vectors will emerge that will need to be addressed. We need not assume right now that these eventual vulnerabilities will go unaddressed.
That's the way engineering of new things has always evolved, after all. You design something new, then you do your best to debug the new gadget before putting it on the market. Unless we're to believe that engineers are unable to discover vulnerabilities, and why that would be the case I don't know, then this network connectivity is just another new aspect to debug thoroughly. And yes, things are missed from time to time, and they have to be fixed quickly when this happens.
As to telematics hacking, that's not a major safety concern, unless you show that OnStar (or other) can incapacitate the brakes, steering, or throttle. Can it? It is probably possible to shut the car down remotely (anti-theft), but fortunately cars can stop passively, without incurring a huge risk. On the other hand, whether the hacker can determine your location, or whether your engine warning light is lit, is more of a privacy issue at best. AND, any car owner can incapacitate that OnStar system. Find the access panel, probably in the trunk, and disconnect it.
I agree with this. I've seen these people "hacking" cars in the news a lot recently, but they are given time inside the car to attach a computer. To me, this isn't as big of news as it sounds. Sure it is interesting that they are able to mess with things, but it is like saying my computer is at risk of hacking as long as I give someone full and unhindered physical access to every component.
As *not* an automotive engineer, but as an embedded firmware controls type of guy, I would agree with Bert's last paragraph - a "Show me the money" type of thing. If steering, brakes or throttle aren't affected, or can't be controlled, then I, too, see no real threat. However, show me that happening and would definitely sit up and take notice!
If you regard the latest reseach by Charlie Miller, a security engineer at Twitter, and Chris Valasek, director of security intelligence at IOActive, as some kind of a tool to judge whether your current car is safe or not, of course, this whole thing reads like just a scare story "without any proof."
I find that unfortunate and disturbing, because that would be, in my opinkion, entirely missing the point.
The research about the future. This is about how the next-generation connected cars -- which will have more exposure to the external world than ever -- should be protected from potentially malicious attacks.
As the two researchers noted in their paper:
The hope is that by releasing this information, everyone can have an open and informed discussion about this topic. With this information, individual researchers and consumers can propose ways to make ECUs safer in the presence of a hostile CAN network as ways to detect and stop CAN bus attacks. This will lead to safer and resilient vehicles in the future.
I would say that part of the issue is in the theoretical possibility as much as with any demonstrated vulnerability. I had always thought that these semi-automated cars would fail safe or could easily be over-ridden by the driver. This video does demonstrate that failure isn't always in a safe mode and manual override isn't necessary possible.
Attack vectors and system exposure are both important parts of the "car hacking" equation. For today, the safety critical systems aren't wireless. My understanding is that critical systems are on a different bus than non-critical, like entertainment and navigation. Please correct me if I'm wrong on that. Regardless, that these particular systems can be manipulated without authorization means that they will be vulnerable at some point.
I also don't think we should dismiss the potential for harm in accessing non-critical systems. Messing with GPS or remote ignition could strand someone or get them lost. That may be more on the level of mischief than danger, but there are of people that like to engage in mischief. People have made fake 911 calls leading to a SWAT team showing up at houses to very surprised residents. Onstar like systems could be used to do the similar things - send rescue crews out to spoofed crash reports.
I am in agreement. All this article illustrates is that local, physical access to a standardized physical communications port that is, by design, intended for easy access to numerous diagnostic and test functions of a vehicle is possible by people with communications and some embedded programming skills. And, what is the primary defense against malicious attack - control of physical access, of course!
Why else do companies put locks on the doors of their servers farms, or lock up their backups? Attempting to make the leap from this example, to postulating that the same or worse could be done through a wireless communication interface designed for different purposes, like OnStar, for example, is at best HIGHLY speculative and unlikely. If one allows a malicious person such unlimited physical access to diagnostic/test functions as this, they also could just as easily implement real physical sabotage with even less difficulty. Until someone actually demonstrate the ability to take over control of a vehicle's primary control systems of engine control, brakes, lighting, or steering through a remote wireless interface such as bluetooth, cellular modem interfaces or satellite links, count me in with the gang who feel this is just more hype to induce fear in the uninformed. The article basically shows us that with a CAN bus adapter and some code anyone can plug into an OBD-II port and snoop around. Guess what, many have been doing this for years now!
Blog That A-Ha Moment Larry Desjardin 10 comments Have you ever had an a-ha moment? Sure, you have. The Merriam-Webster dictionary defines it as "a moment of sudden realization, inspiration, insight, recognition, or ...