Hacking Cars: Security-Conscious Design for Auto Manufacturers
Last month, Chris Valasek, Director of Security Intelligence at IOActive gave a Duo Tech Talk at Duo Security's Ann Arbor office on automotive computers from a security researcher’s point of view.
Similar to their presentation given at the DEFCON 2013 conference, the talk focused on how Chris and Dr. Charlie Miller were able to obtain physical control over two late model vehicles (2010 Ford Escape and Toyota Prius) via the CAN (Controller Area Network) bus.
The CAN bus is a message-based protocol designed for automotive applications. In this Duo Tech Talk, Adventures in Automotive Networks and Control Units, Chris demoed software to show how data can be read and written to the CAN bus.
As Forbes.com reports, Chris and Charlie were able to send commands from their laptops to control power steering, GPS, speedometers, odometers and more.
According to Chris:
The gist of it is, if an attacker can reside on the CAN bus, whether locally on the physical wires / ODB-II or remotely through an external attack vector, almost all of the functionality relying on CAN traffic can be controlled with spoofed or diagnostic messages.
While we chose ODB-II, you could have easily clipped into the CAN lines with some kind of remote utility, or relied on a compromised external component, such as an infotainment system.
One of the main take-aways from the talk was that these systems were never designed with security in mind, especially from the external entry point perspective, so auto manufacturers need to become more security-conscious when designing and implementing new features that depend on an inherently insecure architecture.
Revenue from wireless car devices is estimated at $2.5 billion today, with projected growth to reach tenfold by 2025, as reported by mobile-industry trade group GSMA and Forbes.com. With the industry showing no signs of slowing in growth, the rate of innovation needs to be accompanied by adequate security controls.
As vehicles evolve from mechanical to software-based to meet consumer demand for connected infotainment systems, designing for security is more important than ever. Ensuring automotive security is more difficult than regular systems, as automotive software can’t be easily updated.
Watch the Duo Tech Talk video to learn more about automotive safety controls, and issues with car technology security today.
About Chris Valasek, Director of Security Intelligence at IOActive
Chris Valasek (@nudehaberdasher) is the Director of Security Intelligence at IOActive, an industry leader that offers comprehensive computer security services, where he specializes in attack methodologies, reverse engineering and exploitation techniques. While widely regarded for his research on Windows heap exploitation, Valasek also regularly speaks on the security industry conference circuit on a variety of topics. His previous tenures include Coverity, Accuvant LABS and IBM/ISS. He is also the Chairman of SummerCon, the nation’s oldest hacker conference. He holds a B.S. in Computer Science from the University of Pittsburgh.