Team-BHP > Technical Stuff
Register New Topics New Posts Top Thanked Team-BHP FAQ


Reply
  Search this Thread
21,217 views
Old 16th August 2013, 19:38   #16
Senior - BHPian
 
DerAlte's Avatar
 
Join Date: Mar 2007
Location: Bangalore
Posts: 8,069
Thanked: 2,919 Times
Re: Hacking into a car's software to gain control of it

Quote:
Originally Posted by mayuresh View Post
... It's immaterial whether a mechanic does it or a non-mechanic does. ...
Sure, a non-mechanic can also do what a mechanic does. He will look foolish if he doesn't know what he is doing, which is true for a mechanic too! The point is availability of points at which the mechanic (non-mechanic if you will) can do something to change behaviour. If one knows well enough about cars, one knows about these points. If these points are not accessible, neither a mechanic (for whom these are to be legitimately provided) nor the best of hackers can do anything. The legitimate form is provided for direct local access (mechanical or electronic). Nothing is provided BY DESIGN for remote access.

Quote:
Originally Posted by mayuresh View Post
... In other words, if you are referring to legitimate ways deliberately left open for mechanics to control the car, they do qualify as vulnerabilities, particularly if they can be exploited.
I hope you are not a Information Security Consultant by profession as is indicated by the language.

Yes there are legitimate ways left open, and no they are not called Vulnerabilities. Those legitimate ways are interfaces to tune the operation of a subsystem, for example
- the simple headlamp beam leveling screw near the headlamp housing, or beam height adjuster provided on the dashboard. Or the modern equivalent provided in the Chassis Electronics ECU
- the mechanical screws on the carburettors to adjust the idling speed, or it's modern equivalent the Map in the ECU accessible via the programming interface of the ECU
- the switches provided around electrically adjustable seats for changing height, etc. Or the Seat Adjustment Preference memory in the Chassis Electronics ECU which sets it back to the preference of the driver

These mechanical or electronic interfaces are called Adjusters or Tuning Points. Again, they are INTERFACES, not "legitimate Vulnerabilities". Like I said earlier, one has to know the systems in a car to differentiate, rather than broad-brushing them with IT terminology and having the Gaulish expectancy that the sky may fall on our heads.

It is legendary that IT designers were rather lax in their approach to security, which ultimately led to the creation of Information Security as a practice. That has never been the failing in automotive design. The difference is very simple: LIABILITY. IT designers were never liable for damages of any kind - just read any software license disclaimers. Automotive Systems designers have that Damocles' Sword of liability hanging over their heads. Automotive Systems have known Object Orientation for the last 100 years (even when the term didn't exist); IT designers are still struggling to come to terms with it. The key to good security practice lies in OO, if one understands what OO is.

Last edited by DerAlte : 16th August 2013 at 19:41.
DerAlte is offline   (1) Thanks
Old 16th August 2013, 20:22   #17
BHPian
 
Join Date: Sep 2011
Location: Pune
Posts: 447
Thanked: 377 Times
Re: Hacking into a car's software to gain control of it

Quote:
Originally Posted by DerAlte View Post
Yes there are legitimate ways left open, and no they are not called Vulnerabilities.
In nearly all posts where you quoted me you have ignored parts of the sentence. For the above one I had said "if they can be exploited".
mayuresh is offline  
Old 17th August 2013, 02:54   #18
BHPian
 
FlatOut's Avatar
 
Join Date: Apr 2013
Location: Yorkshire Dales
Posts: 300
Thanked: 385 Times
Re: Hacking into a car's software to gain control of it

Quote:
Originally Posted by laluks View Post
Yes, Remote diagnostics are possible these days especially in higher end cars. They are often coupled to the telematics systems in such cases.

There are several levels of security access algorithms to gain access, and change configurations.
Thanks for that. I was chatting to someone ages ago who suggested that a car can potentially be tele-investigated by the police, via the manufacturer after an accident. And that there is the potential to shut down an engine in a similar manner. I wonder if this is the case also?
FlatOut is offline  
Old 17th August 2013, 20:31   #19
Senior - BHPian
 
Join Date: Jul 2009
Location: Calcutta
Posts: 4,668
Thanked: 6,227 Times
Re: Hacking into a car's software to gain control of it

Say GMs OnStar system: To my mind the question should be how secure is the server at GMs end?

Regards
Sutripta
Sutripta is offline  
Old 18th August 2013, 23:19   #20
Senior - BHPian
 
DerAlte's Avatar
 
Join Date: Mar 2007
Location: Bangalore
Posts: 8,069
Thanked: 2,919 Times
Re: Hacking into a car's software to gain control of it

Quote:
Originally Posted by mayuresh View Post
In nearly all posts where you quoted me you have ignored parts of the sentence. For the above one I had said "if they can be exploited".
English is not that funny a language that it plays tricks on logic. A vulnerability still stays a vulnerability - "weakness" - whether or not it can be exploited! Exploitation is just an implementation detail if theoretically a Vulnerability exists. Ignoring or reckoning with "if they can be exploited" - will it change the logic?

What you are unable to differentiate is between regular use and intentional misuse. An accessible configuration point, which is intended for regular use for valid purposes, does not ever become a "Vulnerability" due the possibility of wilful intentional misuse. The "regular use" was my reference to a mechanic. The "intentional misuse" is the subject of the "hacking" paranoia.

One doesn't eat off the floor for the fear of thieves stealing the dinner plates, as a saying goes in my mother tongue. There have been innumerable instances of bombs being placed on buses and trains. Should the doors on the buses / trains hence be called "Vulnerabilities"?

OTOH, the "Vulnerabilities" which are legend in IT systems and software, do they follow the same logic? Are the two paradigms comparable? No, they are not.
DerAlte is offline  
Old 19th August 2013, 07:55   #21
BHPian
 
Join Date: Sep 2011
Location: Pune
Posts: 447
Thanked: 377 Times
Re: Hacking into a car's software to gain control of it

Quote:
Originally Posted by DerAlte View Post
What you are unable to differentiate is between regular use and intentional misuse. An accessible configuration point, which is intended for regular use for valid purposes, does not ever become a "Vulnerability" due the possibility of wilful intentional misuse.
Well, that's a perspective. I can understand what you are saying.

Fact remains, what matters to a consumer is whether he can be "troubled" in some way due to open interfaces - whatever name you want to give it.

Also I said it repeatedly that we can't go by today's knowledge of interfaces alone. Things change. New interfaces get added and they bring additional vulnerabilities (or put whatever word you like in place of this).

There was a time people thought of mobile handsets as embedded devices. Nobody imagined anything like security issues with them. More and more functionality necessitated regular operating systems that also brought additional troubles.

I find you making an assumption that cars' interfaces will always remain what majority of them have today and will never use general purpose interfaces, which I don't quite agree with.

Knowing the basic difference in perspective, let's agree to disagree on that. I am stopping responding further on this matter.
mayuresh is offline  
Old 19th August 2013, 08:30   #22
Team-BHP Support
 
Samurai's Avatar
 
Join Date: Jan 2005
Location: Bangalore/Udupi
Posts: 25,948
Thanked: 47,205 Times
Re: Hacking into a car's software to gain control of it

PC, laptops, smartphones are generic devices that can let create, change and view data in various formats. When they have to do action like print or make a phone call, they use dedicated hardware like printer or phone. You can't tell the printer to start climbing the wall or tell the phone to electrocute somebody, they have very narrow command set. That means you can't tell any dedicated device to do something it won't do.

Car is a collection of dedicated devices. Turning those devices into generic devices won't be a smart thing to do. It will be like opening pandora's box.

Last edited by Samurai : 19th August 2013 at 08:31.
Samurai is offline  
Old 19th August 2013, 09:16   #23
BHPian
 
Join Date: Sep 2011
Location: Pune
Posts: 447
Thanked: 377 Times
Re: Hacking into a car's software to gain control of it

Quote:
Originally Posted by Samurai View Post
Car is a collection of dedicated devices. Turning those devices into generic devices won't be a smart thing to do. It will be like opening pandora's box.
Precisely. Car _is_ so, just like mobiles _were_ before they turned smartphones.

I agree with the point that turning things into generic devices wouldn't be a smart thing. But whether the industry can hold back the temptation will be a thing to watch.

This does not obviously mean each and every subsystem has to become so (it won't), for that to be a concern.

Last edited by mayuresh : 19th August 2013 at 09:19.
mayuresh is offline  
Old 19th August 2013, 09:26   #24
Senior - BHPian
 
DerAlte's Avatar
 
Join Date: Mar 2007
Location: Bangalore
Posts: 8,069
Thanked: 2,919 Times
Re: Hacking into a car's software to gain control of it

Quote:
Originally Posted by mayuresh View Post
... we can't go by today's knowledge of interfaces alone. Things change. New interfaces get added ...
Quote:
Originally Posted by Samurai View Post
... You can't tell the printer to start climbing the wall or tell the phone to electrocute somebody, they have very narrow command set. That means you can't tell any dedicated device to do something it won't do.

Car is a collection of dedicated devices. ...
Absolutely correct, @samurai. Unfortunately, paranoia causes irrational thought.

One wishes that instead of pooh-poohing and discarding "today's knowledge", that such knowledge be known and understood first. No new mechanical interface has appeared in the last 100 years of automobiles, and no new electronic interface has appeared since electronic controls were introduced 35 years back.

The fact that those interfaces support a dedicated limited purpose-related command set is lost on those who are only exposed to generic interfaces of computers and software - which have been around (in standardized form) only for the last 15. Also lost is the fact that technology advancements have always been evolutionary. If there is no reason to discard an old paradigm or interface, it is never discarded. Nor a new one ever added. There has been no reason for discarding the programming and diagnostics interfaces in automotive electronics. Nothing has changed at the logical or physical level.

This is completely unlike how USB superseded the older parallel and serial connectivity in computers for the simple reason that the differentially driven fast serial communications over USB was more economical to implement as compared to synchronous parallel and asynchronous serial methods of yore. Ditto for SATA superseding IDE and SCSI. Rise one level above, and one realizes that at the logical level nothing has changed despite the physical interface changing.
DerAlte is offline  
Old 30th August 2013, 12:10   #25
Senior - BHPian
 
msdivy's Avatar
 
Join Date: Aug 2006
Location: Bangalore
Posts: 1,844
Thanked: 2,855 Times
Re: Hacking into a car's software to gain control of it

Any complex system consists of many modules and different components of a module trust & collaborate with each other to make the system work. The key here is trust, which is usually done by authentication.

If the authentication is weak, some rogue module may authenticate itself as genuine module and issue spurious commands to rest of the modules. For instance, car key authenticates itself before issuing the command to the receiver in the car to open the lock. If a 3rd party module performs the same authentication & issues the same command, the car receiver with trust & will unlock the car.

Why the authentication will be weak? Multiple reasons:
1) Due to limitation in hardware capabilities, choices of strong authentication protocol might be limited. Imagine the processing power of a car key compared to a PC or mobile phone - it is very limited.
2) A weakness might be found in the chosen protocol after the cars are sold.
3) Even though the protocol might be strong, the implementor (person who wrote the code) might not have implemented exactly as per protocol (may be due to limitation of the programming language, or he may not have complete understanding of the protocol).

So there are chances that cars might be hacked. Possible hacks are to gain entry to steal the items in the car or the car itself. It highly unlikely that somebody will hack and disable airbags or ABS (but that is possible).

Note: Recently, a Dell engineer listed the possible exploits in Tesla S. Check out: http://programming.oreilly.com/2013/...ion-flaws.html
msdivy is offline  
Old 31st August 2013, 12:17   #26
Senior - BHPian
 
DerAlte's Avatar
 
Join Date: Mar 2007
Location: Bangalore
Posts: 8,069
Thanked: 2,919 Times
Re: Hacking into a car's software to gain control of it

Quote:
Originally Posted by msdivy View Post
Any complex system consists of many modules and different components of a module trust & collaborate with each other to make the system work. The key here is trust, which is usually done by authentication.

... For instance, car key authenticates itself before issuing the command to the receiver in the car to open the lock. If a 3rd party module performs the same authentication & issues the same command, the car receiver with trust & will unlock the car. ...
Correct.

While what you say is generally plausible, there is a big BUT to it. The Immobilizer system is the only one which uses the conventional 'authentication' mechanism, as understood in the 'computer' world.

The other systems in the car don't use 'authentication' at all - just simple 'identification' so that the message conveyed in the communication protocol can be correctly interpreted from the *pre-defined* set of expected messages.
- No message outside this pre-defined set is acted upon, which prevents spurious messages from causing unwanted behavior (statistically possible)
- The message contents can only make the recipient take an action limited to it's set of valid actions. These actions are decided at design time, and cannot be changed at run time (you are in fact alluding to the same in a way).

This prevents the possibility of the sub-system doing something that is catastrophic (as precluded at design time). For example, it will not be possible to command the power assist (steering) to change the direction of assist to Right, if the steering is moving Left. But the Transmission ECU can tell the Engine ECU "Please reduce RPM, I want to shift gears", and the Engine ECU will do so. At the end of the shift, the Txn ECU tells Engine ECU "I am done", and the Engine ECU goes back to whatever driver demand was expecting. It will not act on a message that says "Hey, go to redline RPM" - it will act only to keep up when the driver presses the Acc pedal to maximum.

To correctly interpret the possibilities of external influence on a car's electronics, one has to understand that automotive systems are designed with the principles of Control Systems (a la Joseph Marie Jacquard), and not that of Computers (a la Charles Babbage). To the uninitiated, and to whoever has grown up only on Computers, the difference is not apparent - since both Computers and Controllers use microprocessors and software!

However, the rules of design and engagement are very different. Control Systems rely on sub-system autonomy (including overruling inputs that are out of range or implausible). Computers, on the other hand, are designed for general purpose usage where the usage is decided by the end user, even if that means the user can bring it to a complete grinding halt by a wrong action.

Control Systems implementations have far more severe restrictions that don't give any headway for malicious manipulation. When implemented, even automotive Ethernet-based networking will obey severe design restrictions in protocol implementations. One won't be given the facility to http/https to the Engine ECU and be presented a Configuration page like home ADSL routers do. Hollywood movies lead everyone to believe that such things are a plausible reality - it is as much fiction as the rest of the movie story is.
DerAlte is offline  
Old 22nd July 2014, 09:50   #27
BHPian
 
Join Date: Dec 2012
Location: Bengaluru
Posts: 50
Thanked: 70 Times
Chinese Hackers target Tesla Model S

Tesla Motors has promised to fix any “legitimate vulnerability” after Chinese hackers reportedly discovered a flaw which allowed them to honk the horn, unlock the doors and flash the headlights of its Model S electric cars, even while they were moving.
The news emerged from the SyScan360 conference (motto: “I hack, therefore I am”), which is intended to be a “platform for the international security community to interact with the Chinese security community”. A post on the social network Weibo said that the IT department from Chinese company Qihoo 360 Technology Co had been able to take control of the car’s door locks, horn, headlights and sunroof.
No details of the hack have been disclosed, but the functions which claim to have been attacked closely match those which are made available through the Tesla smartphone app. Drivers can download an app which connects to their car via Bluetooth and allows the doors to be locked and unlocked, the headlights to be flashed, the horn honked and the sunroof opened.
The app also allows the air conditioning to be controlled, offers GPS tracking and allows the owner to monitor the progress of charging. This means that a user can park at a charging spot and run errands until it reaches 100 per cent charge.
If hackers had been able to hack this app, or some layer of communication between it and the car, then all of these functions would be available to them – just as the Chinese group is claiming.

You may read the entire article at :

http://www.telegraph.co.uk/technolog...ctric-car.html

This certainly is a very very scary situation for the person driving the car!
Hulk is offline  
Old 22nd July 2014, 14:22   #28
Senior - BHPian
 
DerAlte's Avatar
 
Join Date: Mar 2007
Location: Bangalore
Posts: 8,069
Thanked: 2,919 Times
Re: Chinese Hackers target Tesla Model S

Quote:
Originally Posted by Hulk View Post
... If hackers had been able to hack this app, ...
If Tesla has provided a legitimate API and hardware interfaces, this can hardly be called 'hacking' - it is only using the same API and interfaces. If Tesla has provided a BT interface, they will also provide a method to disable it. Also, it is only in movies that one sees someone taking control of an unknown entity by using an App on a tab. In reality, there are simple security interfaces even at the hardware level (despite the possibility that the car owner forgets to change the BT default passcode from '0000' to something else).

Anyhow, the functionality controlled externally is part of Chassis Electronics, and not main 'engine' / drive-train functionality. One wouldn't worry about the car's main functionality being hijacked because of these stunts.

Sensationalism of this kind detracts from actually securing the interfaces from external manipulation with malicious intent. It only serves to draw attention to attention seekers.
DerAlte is offline  
Old 21st July 2015, 18:48   #29
BHPian
 
Cowardly Lion's Avatar
 
Join Date: Apr 2012
Location: New Delhi
Posts: 64
Thanked: 71 Times
Car Hacking

Being a sci-if aficionado I have often read and then wondered about a time when Car hacking will be a concern. If you will read the article it is shouting "we are there". Imagine the mess one can create if you can control multiple missiles of 300 kg+ on a road.....

Will this lead to a niche market for purely mechanical (read unpack able) cars...? I'm sure it will. What do you guys think...?

http://www.wired.com/2015/07/hackers...social_twitter
Cowardly Lion is offline  
Old 21st July 2015, 20:18   #30
DRC
BHPian
 
DRC's Avatar
 
Join Date: Dec 2004
Location: Cockpit
Posts: 911
Thanked: 66 Times
Re: Car Hacking

Interesting perspective.
There had been purely mechanical cars in the past. They were stolen too. some times along with their owners.. It was then known as carjacking.

If this needs attention, we may debate this topic on shifting gears section.
Mods may please do the needful.
DRC is offline  
Reply

Most Viewed


Copyright ©2000 - 2024, Team-BHP.com
Proudly powered by E2E Networks