MADISON, Wis. — As a tech paper disclosing how to hack into the network of electronic control units (ECUs) was making rounds on the Internet, many readers, including those of this publication, expressed skepticism: Taking the time to open up a dashboard and physically connect hardware (a laptop) into the car stretches the definition of hacking.p>
True, but the point of the car-hacking demo pulled off by Charlie Miller, a security engineer at Twitter, and Chris Valasek, director of security intelligence at IOActive wasn’t really about how they broke into a car. The focus of their exercise was the mischief that they -- attackers or corrupt ECUs -- are capable of doing after gaining access to the ECU network.
Automobiles today aren’t exactly designed to verify every CAN packet, to prevent someone with illicit access to a single ECU from gaining access to the whole network, or to refuse to process commands (injected by a corrupt ECU). The tech paper the two white hats put together illustrates that the automotive industry has a long way to go before it can write “monitoring and control applications” to help alleviate the threat to ECUs in its systems, Miller and Valasek wrote.
Certainly, not everyone in the automotive industry is dismissing the tech paper. The topic comes up in discussions with technology suppliers.
Texas Instruments isn’t taking it lightly, either.
Steve Reis, TI’s senior systems architect, infotainment processors, acknowledged that a TI engineer, for example, was at Def Con in Las Vegas last week attending the session in which Miller and Valasek disclosed details of the code and tools they used in car-hacking.
In fact, tech papers such as “Adventures in Automotive Networks and Control Units,” by Miller and Valasek, and also “Comprehensive Experimental Analyses of Automotive Attack Surfaces,” by a team of scholars by the University of Washington and University of California, San Diego, provide an opening for semiconductor suppliers to strike up conversation with car-makers and touting chips loaded with security functions.
Aside from TI, Freescale Semiconductor, Infineon Technologies, and NXP Semiconductors have been all hot to trot carving out shares in the secure microcontroller market for automotive in recent months.
From mobile to automotive
Robert Tolbert, director of TI’s product-marketing/business development automotive infotainment processors, observed that the automotive industry today is probably where the mobile industry was seven or eight years ago.
Back in the early 2000’s, security wasn’t a top concern either for handset OEMs or cellular network operators. As more apps came online, digital rights management for video streaming came under scrutiny and mobile e-commerce proliferated. Secure processing became a concern for everyone in the mobile industry. That’s when TI’s M-Shield security -- used in OMAP-based mobile processors -- gained market traction, Tolbert noted.
TI’s move to turn to its mobile processor heritage to go after carmakers draws a sharp contrast to moves by its competitors such NXP, Infineon, and Freescale, who have all cut their teeth in developing secure solutions for smartcard chips and are now using that knowledge and expertise for their own automotive security solutions.
Noting that “a high level of security has not been the focus of [automotive] OEMs and tier ones for long time,” Tolbert believes the time is ripe for TI to bring its tried and vetted M-Shield security to the automotive industry. “As more and more cars are connected and consumers’ desire for Internet-based services rises, the need for firewalled access to buses and the ability to accommodate secure key generation over buses are becoming real issues for the automotive industry,” explained Tolbert. “Security cannot be an afterthought.”
Security threats are in fact everywhere, according to TI. As illustrated below, they include: accessing all memory in read/write mode, spy keys, in-transit data and streams, modifying OS/firmware code, moving back in time, rollback attacks, exploiting communication flaws, exploiting OS security flaws, etc.
Security threats and protection mechanisms.
M-Shield security originally developed for the mobile space includes a complete security infrastructure with on-chip cryptographic keys, a secure execution environment, secure storage, and secure chip-interconnects. Tampering detection, for example, triggers effective protection actions. M-Shield also comes with high-performance, hardware-based cryptographic accelerators that reduce latencies.