Very interesting thread...which brings in my mind a key point whether cyber or physical threats are more important...when we discuss car hacking possibility it sounds worrysome...until we realize that 40,000 people annualy die in car crashes already...so even with the best technology you can get hit from behind by a teenager texting (nothing against teenagers, just an example)
Several years ago there was a demo of hooking into the bluetooth infrastructure on cars using directional antennas from a highway overpass (the authors injected audio into the sound system, and could visually confirm success by observing driver's reaction :)
The thinking then is that the car manufacturers could not resist introducing integrated in-vehicle networks, which opens up a possibility of a horizontal access escalation from the sound/entertainment network to the car control network. The demonstration of CAN/OBD vulnerabilities should make people think in terms of integrated, interdependent systems that need multilayer security.
Loser99, I am sorry that you feel that way. When modern cars are equipped with so much electronics (and its content is increasing), invisible hacking inside the electronics system in a car is going to be a critical issue just as much as visible hacking via glass windows is.
These glass windows can easily be "hacked" with a brick, enabling hackers access to the car. I would suggest making the car like a tank and using video monitors instead of the windows. Maybe TI's employees can work on that instead of this pointless illustration of "car security threats"
I couldn't agree wtih you more, prabhakar. I find it, however, fascinating that expertise the chip industry has developed over time -- be it in mobile or in smartcars -- can be now applied to automotive.
Much of the initial work on automotive security started several years ago within the automotive industry, culminating to the development of SHE (secure hardware module) spec and a framework such as EVITA, as described in the article.
We are now beginning to see electronics based on such specs and that meet with the framework.
Cars equipped with such electronics are not here yet, but they will start showing up soon.
I think the initiation of thinking about the car security is started at the very right time.
This will be more required in the public vehicles as compared to the private vehicle, as there are more chances and possible availability of the vehicle for any alterations.
If all the control electronics is from one vendor then it will be much feasible to put security protocols in the hardwired electronics itself, but if we talk about generalized security solutions across all the different vendors then this might take some years time to get the things standardized.
But it really seems that the topic requires very many considerations.