Team-BHP
(
https://www.team-bhp.com/forum/)
It will be a concern when a manufacturer is stupid enough to connect the engine control to the internet. Otherwise, it will be a concern only if a malicious person gets physical access to the car. In that case the malicious person can cause damage without hacking, but hacking can potentially enable subtle/"delayed" effects, maybe even enable remote controlling the car... [edit] reading the article, it looks like there was a vulnerability that let them communicate with the engine via the entertainment unit. Not sure how widespread such a "feature" is, or why Chrysler thinks the entertainment system should have any linkage with the engine. Their previous exploit involved wiring a PC to a car's onboard diagnostic port, but this one, they say, requires only knowledge of the car's IP address! One hopes manufacturers will take note and insulate the engine from other electronics.
A software can be robust but not impregnable. Look at Microsoft. They have been at it for years and still routinely we d/l patches. If it's a work in progress with them then the car companies are certainly not gonna be able to find this holy grail.
Carjacking is one thing but crippling a car in Delhi while sitting in Karachi is a whole new world. It is not about stealing but could create a whole new level of susceptibility.
Smart cars are upon us whether we like it or not and advances in technology will ensure that they will keep on getting smarter (
http://youtu.be/7Pq-S557XQU). Cars will be connected to the net eventually.
http://in.norton.com/yoursecurityres...d=car_computer
Quote:
Originally Posted by rsidd
(Post 3759144)
It will be a concern when a manufacturer is stupid enough to connect the engine control to the internet. ... |
I would like to respectfully disagree. Imagine upgrading your car by updating the firmware of your car. Already manufacturers like Tesla are discussing this feature. Connected cars will be the future.
The article and researchers are highlighting the lack of security on a car in production. All manufacturers should awake to this and incorporate security features. Its disheartening to see Chryslers response to the researchers inputs.
In future, car safety aspects should not be limited to only crash tests but also vulnerability tests. A simple option could be to give a control to the driver to override auto mode and switch to manual mode completely. (similar to aeroplanes)
Quote:
Originally Posted by druva
(Post 3759439)
I would like to respectfully disagree. Imagine upgrading your car by updating the firmware of your car. Already manufacturers like Tesla are discussing this feature. Connected cars will be the future. |
If they do this they deserve the security flak (and, in countries like America, lawsuits) that they will inevitably get. Firmware upgrades for the entertainment system are one thing, but firmware upgrades for the ECU should be done only at an authorised shop. Or, at most, by a knowledgeable customer who has downloaded the firmware image on a computer and know how to do the upgrade by connecting to the onboard port. Not via the internet! All software that controls the functioning of the car needs to be insulated from the internet.
Security experts used Fiat-Chrysler's telematics system Uconnect to hack into a moving Jeep.
Quote:
they turned on the Jeep Cherokee's radio and activated other inessential features before rewriting code embedded in the entertainment system hardware to issue commands through the internal network to steering, brakes and the engine.
|
Quote:
cybersecurity researchers have shown they can use the Internet to turn off a car's engine as it drives
|
Like with Smartphones, Fiat-Chrysler have come out with a security patch to plug this loophole. Where are we heading?!
Report from Reuters.
Quote:
Originally Posted by WindRide
(Post 3759356)
Couple of hackers gaining control of a Jeep in motion over internet. Truly scary. |
This is scary. Some points to note.
1. The head unit, touch screen or whatever it is called, must be connected to the public network/internet in some way. Wireless/3G/4G whatever and the hackers would require to first scourge the network to "search out" a suitable candidate i.e. the sacrificial lamb. Thankfully, it does not seem that one can hack this vehicle whenever it passes a doorstep/toll booth/restaurant. That would have been really freaky.
2. The OS/software on the head unit inherently has some vulnerability which has been exploited to "get access" into the head unit.
3. Once the OS access has been established, it is a question of putting in malicious piece of software which remotely accepts the commands and issues them on the vehicle's software/control bus. Frankly one need not know the exact bits and bytes of the protocol, all one needs to do is the ability capture and playback on demand the command sequences.
4. The question is how secure is the vehicular software bus and the head unit to these types of attacks.
I guess there would be many more points to chew on.
Interesting G+ thread
here, particularly these comments from Michael Mol:
Quote:
My step-dad helped write the code for these sorts of systems. He quit when he was asked to do implement functionality in a way he considered unsafe and unethical. And he's borderline anarcho-capitalist, if that tells you anything. Two big parts of the problem:
1) The engineers warn about these things, are told to stuff it.
2) Fines won't make a single bit of difference; auto manufacturers simply pass those costs on to the purchasers of the vehicles.
...
The problem isn't with the head unit being on the CAN bus. I actually would want that...I'd like to get Torque running on an Android head unit connected to my CAN bus.
The problem is that the CAN bus is legally required to expose functionality that, well, makes it unsafe. Well, that and the way it's exposed. The receiver of a packet is supposed to send its response by modifying the sender's packet on the bus while the sender is still transmitting it. No checksums, sender validation, nothin. And while I haven't devoted a ton of thought to it, I don't know how you'd even add integrity and authenticity checks to a bus that operates that way....
The problem is that the manufacturers have already calculated the risk and expense of recalls and lawsuits, and decided it's cheaper to manipulate the engineers into building safety-critical features into a non-safety-critical-supporting platform and play the odds on recalls and lawsuits than to pay the engineers to build a secure system on principles of safety. (And it is expensive...in large part because you can't have a standardized platform when you have to work with bleeding edge silicon for which a properly-working SDK hasn't yet been developed. And if you don't use that bleeding edge silicon, your offering for an infotainment system will look paltry compared to a competitor's, and you won't get the job.)
|
The solution is relatively simple in nature. Essential systems (e.g. steering, brakes etc) should be completely (physically) seperated from all the none essentials, e.g. radio.
Remarkebly, even on many modern airplanes that offer for instance WiFi access for passengers this is not the case.
Anything that cant be accessed (for lack of physical means) can't be hacked. Its that simple. Unfortunately, the IT crowd still believes that a logical separation is the same as a physical seperation, it is not.
Having said that, I'm not that concerned. I would like to understand a bit more in depth what it is they actually did. Especially the bit about how they issue commands to the engine and such. Here a lot of text on this little escape with remarkeble little technical information
http://www.wired.com/2015/07/hackers...-jeep-highway/
By the way, being able to remotely disable the engine is nothing new at all. In some countries (US States) it is considered a safety feature, so the cops can safely bring a vehicle to a full stop.
Jeroen
Quote:
Originally Posted by Jeroen
(Post 3759750)
The solution is relatively simple in nature. Essential systems (e.g. steering, brakes etc) should be completely (physically) seperated from all the none essentials, e.g. radio. |
This is not possible since the same user interface needs to control both. E.g. :
1. Touch screen interface controls Audio as well as HVAC
2. Same interface Tunes suspension
Quote:
Originally Posted by rsidd
(Post 3759470)
If they do this they deserve the security flak (and, in countries like America, lawsuits) that they will inevitably get. Firmware upgrades for the entertainment system are one thing, but firmware upgrades for the ECU should be done only at an authorised shop. Or, at most, by a knowledgeable customer who has downloaded the firmware image on a computer and know how to do the upgrade by connecting to the onboard port. Not via the internet! All software that controls the functioning of the car needs to be insulated from the internet. |
An ECU update at an authorised outlet is no protection. The weakest link and all that....
These days smart phones get connected to headsets automatically. Soon these headsets will be employed to display ECU data and that is where the primary gateway into the vehicle appears -->smartphone --> headset --> ECU
What is the purpose of leaving redundant code interfacing entertainment system with steering, brakes or engine? Doesn't make much sense. Unless we are talking about a on the fly 4x4 control, suspension control and abs traction control possible using a touch screen. And that touch screen capable of being remotely controlled by a smart phone or such.
I don't know why these software developers run after enabling everything on a smart phone. It is such an insecure device, capable of beings hacked or stolen.
This journalist that apperently drove this car also reported that these hackers managed to completely disable the brakes and the car ended in a ditch.
I'm not familiar with these new Jeep Cherokees (only owned a 1998 Cherokke), but as far as I'm aware on any car the basic brake system is still hydraulics/mechanical. There is obviously a booster which usually works on vacuum and then there could be all sorts of electronics involved in functions such as ABS. Disabling the electronics, would/should never disable the actual brake function, which is still hydraulically/mechanically operated.
Anybody any thoughts on how you can remotely disable a brake system on a car? If they were able to shut down the engine, you are most likely to quickly loose the vacuum and thus the boost, but you still have normal braking capabilities, you just need to push the brake pedal harder.
Jeroen
And I thought this was stuff of the movies. I read the article of the car being controlled remotely and the first thing that came to mind was the chase sequence in Fast & Furious 6 where after hacking into Interpol HQ at London, when the bad guys were being given a chase by Toretto's people in BMWs they fire a remote transmitted and use it to jam the brakes on these cars.
But given that we are talking about the future of cars and Internet of Things, being able to control a car remotely will surely be one of the requirements.
Like they say, if its on the net, it can be hacked into. As the industry matures, I am sure loopholes or vulnerabilities will be plugged in - Fingers crossed
All times are GMT +5.5. The time now is 00:26. | |