Tuesday, December 14, 2010


Security of auto control systems

While we’re on the joint subject of cars and security, I should dredge up this item that I’ve had hanging about for a few months. It’s from Ars Technica, and reports that researchers have hacked into the control systems of cars because those systems are often not secured:

The tire pressure monitors built into modern cars have been shown to be insecure by researchers from Rutgers University and the University of South Carolina. The wireless sensors, compulsory in new automobiles in the US since 2008, can be used to track vehicles or feed bad data to the electronic control units (ECU), causing them to malfunction.

Earlier in the year, researchers from the University of Washington and University of California San Diego showed that the ECUs could be hacked, giving attackers the ability to be both annoying, by enabling wipers or honking the horn, and dangerous, by disabling the brakes or jamming the accelerator.

The new research shows that other systems in the vehicle are similarly insecure. The tire pressure monitors are notable because they’re wireless, allowing attacks to be made from adjacent vehicles. The researchers used equipment costing $1,500, including radio sensors and special software, to eavesdrop on, and interfere with, two different tire pressure monitoring systems.

The pressure sensors contain unique IDs, so merely eavesdropping enabled the researchers to identify and track vehicles remotely. Beyond this, they could alter and forge the readings to cause warning lights on the dashboard to turn on, or even crash the ECU completely.

The earlier work, from May, said that there was some security built into the system, but it was insufficient. Still, someone needed access to the inside of the car at some point, to plug into the On-Board Diagnostics (OBD-II) port under the dashboard. Once they could do that, they could reprogram the workings of the car — an example given in the earlier article suggests a program that might wait until the car was going at 80mph, and then disable all the brakes.

With the newer work, attacking the wireless tire-pressure monitors, there’s the danger of attacks from the outside that take advantage of the wireless system. The researchers show how to track cars using that, but if more of the control system is exposed to wireless attacks, things can get very bad, indeed.

It boggles my mind that anyone could put any sort of control system into a vehicle and not secure it. The technology to do secure communication among parts of a system is well known, inexpensive, efficient, and effective, and there’s really no excuse for cutting corners there.

No comments: