As vehicles are increasingly computerized, researchers and industry officials consider it inevitable that cars will face the same vulnerabilities as PCs. Internal computer networks monitor and control everything from brakes, engines and transmissions to air bags and keyless-entry functions. Wireless connections, meanwhile, are becoming more common in reporting a vehicle’s position or providing information about the car’s functions. Some auto companies are creating applications to allow users to control some features in their car with their smart phone.
- Cars can be hacked and remotely controlled, researchers find
- Auto industry guards against hacking
- Could the computer in your car be hacked?
- able to “bypass rudimentary network security protections within the car”
- “adversarially cont” adversarially control a wide range of automotive functions and completely ignore driver input — including disabling the brakes, selectively braking individual wheels on demand, stopping the engine and so on”
- an attack could embed malicious code in a vehicle and then erase any evidence of its presence after a crash
- found ways to compromise security remotely, through wireless interfaces like Bluetooth, mechanics’ tools and even audio files.
- In one example, a modified song in a digital audio format could compromise the car’s CD player and infect other systems in the vehicle.
- Researchers were able to “obtain complete control” over the car by placing a call to the vehicle’s cell phone number and playing an audio signal that compromised the vehicle.
- showed vulnerabilities of in-car wireless networks that operate tire-pressure monitoring systems that tell motorists if their tire needs more air. From a distance of 40 meters, they bypassed security to tap into information identifying the tire and tire pressure of cars driving down the road.
- “I hope it’s more of a warning for the engineering groups that certain systems are vulnerable,” said Ivan Seskar, associate director for information technology at the Wireless Information Network Laboratory at Rutgers University.
- “When people first started connecting their PCs to the Internet, there wasn’t any threat, and then over time it manifests,” said Stefan Savage, a University of California, San Diego, computer science professor who conducted the research. “The automotive industry, I think, has the benefit of the experience of what we went through.”
Research Papers can be accessed from here. The project Electronic Vehicle Controls and Unintended Acceleration has been completed and the reports have been generated that can be read from here:
- the need to secure the security software components on board the cars (starting system, braking system, and ABS urgency braking system…)
- the securing of the control station updates for the manufacturer car dealers.
- the need for quality control by software certification especially for subcontracted software.