News > i3

Connected Car Security

Connecting cars to the Internet and cloud-based services has clear benefits for both drivers and passengers with features ranging from navigation systems with live search functions to streaming audio options. But along with connectivity comes a certain level of risk—cybersecurity concerns recently exposed in hacks of a Jeep SUV and the Nissan Leaf EV (electric vehicle).

Now, experts say, the same connectivity may also offer a solution to this cybersecurity problem, in the form of over-the-air updates. And better computing power in a vehicle could offer a panacea, as well.

Separation Anxiety

“The main issue is not so much data privacy—information about where the driver is going and what he is doing—but it’s primarily a critical safety issue,” says Michela Menting, research director for digital security at ABI Research in Geneva, Switzerland. That’s because in the vast majority of vehicles sold, braking, steering and other systems related to propelling a vehicle were engineered before anyone thought critically about protecting them from intruders, she says. Yet with vehicles connected by 3G or 4G cellular modems in two-way communications with automakers’ cloud services, there’s definite vulnerability, and in many cases the threat is “just a matter of tracking [a car] down and launching an attack,” she declares.

More, standard vehicle development times of three to five years means critical electronic systems and computing chips were engineered as far back as calendar year 2013 and will roll out in model years 2016 through 2018, and “some of those are immutable,” says Richard Doherty, research director of The Envisioneering Group in Seaford, NY. Counting just 2016 to 2018 models containing chips and systems essentially finished years ago, “that’s probably dozens of millions of the world’s cars, with the U.S. being the highest base because of our penchant for convenience,” he says.“These are honeypots” to hackers looking for challenges, he asserts, noting they’ll have access to them sometime in 2016 and 2017 model years. “And these days it can be hours and days, not weeks or months, before they find a weakness,” he says. Car “exploits” are likely to be on the agenda at a popular biennial gathering of hackers from around the world named HOPE (short for Hackers on Planet Earth), which is scheduled for July in New York. “There’s nothing secure and now we’re putting chips into things that go 100 miles per hour and in Germany faster.”

On the other hand, Doherty says, an argument can be made that Tesla automobiles are an exception, inherently less susceptible to hacking, for two reasons. First, he says, the automaker includes a “closed system,” using a proprietary gateway device to separate a vehicle’s infotainment network from its driving controls network. The second reason, he says, is that the company hasn’t published industry papers disclosing its intellectual property.

Nevertheless, Craig Smith, author of The Car Hacker’s Handbook (2014, No Starch Press) says, “Really any vehicle on the market right now is susceptible.”

The Car Hacker's Handbook

The most critical weaknesses is any type of wireless connectivity, such as telematics and infotainment, which offers “a very large attack surface” that encompasses Bluetooth, cellular, near field communications (NFC) and digital radio plus a link to the vehicle’s internal “CAN (Controller Area Network) Bus” that “is usually unprotected,” Smith says. A telematics system could, for example, gather speed information from the vehicle via the CAN Bus, thus providing a hacker access to the system that controls the vehicle’s speed. And when a vehicle’s internal networks are kept separate, this is more often a result of bandwidth constraints on the Bus that separates them instead of a predetermined anti-hacking or safety consideration, he says.

In fact, legacy safety standards don’t address hacking at all, but rather deal with parts failing, “and safety testing doesn’t do hacking.” Smith says though, some hacking-related safety standards do exist in draft form, at SAE International and other standard-setting organizations.

Further, it would be unwise for an automaker to protect a critical safety system with data encryption. Smith says, “When you just want to brake, you don’t want to have to decrypt packets.”

Last year, a Jeep Cherokee hack first reported by Wired magazine led to a recall of 1.4 million vehicles by brand parent FCA US LLC. Researchers gained control of their own vehicle’s transmission and other driving functions from miles away via the entertainment system head-unit and its built-in Uconnect telematics/infotainment feature, which was wirelessly connected to the Sprint cellular network.

This past February, a researcher in Australia demonstrated remotely hacked into a Nissan Leaf owned by a colleague in England, taking control of features such as the climate control system through an Internet-connected computer. The attack leveraged the specific vehicle identification number (VIN) and open and unsecured APIs that had been factory-installed in the car to accommodate a dedicated mobile app that Nissan offers for Apple iOS and Android devices, intended to provide owners with remote access and control for convenience.

Robert E. Calem